def test_edit(self):
"""endpoint returns valid configuration for editor"""
for i in range(3):
self.override_acl({
'max_attachment_size': 1000,
})
with open(TEST_DOCUMENT_PATH, 'rb') as upload:
response = self.client.post(
reverse('misago:api:attachment-list'),
data={'upload': upload})
self.assertEqual(response.status_code, 200)
attachments = list(Attachment.objects.order_by('id'))
attachments[0].uploader = None
attachments[0].save()
for attachment in attachments[:2]:
attachment.post = self.post
attachment.save()
self.override_acl({
'can_edit_posts': 1,
})
response = self.client.get(self.api_link)
for attachment in attachments:
add_acl(self.user, attachment)
self.assertEqual(response.status_code, 200)
self.assertEqual(
json.loads(smart_str(response.content)), {
'id':
self.post.pk,
'api':
self.post.get_api_url(),
'post':
self.post.original,
'can_protect':
False,
'is_protected':
self.post.is_protected,
'poster':
self.post.poster_name,
'attachments': [
AttachmentSerializer(attachments[1],
context={
'user': self.user
}).data,
AttachmentSerializer(attachments[0],
context={
'user': self.user
}).data,
]
})
def post_editor(self, request, thread_pk, pk=None):
thread = self.get_thread(request, thread_pk)
post = self.get_post(request, thread, pk).unwrap()
allow_edit_post(request.user, post)
attachments = []
for attachment in post.attachment_set.order_by('-id'):
add_acl(request.user, attachment)
attachments.append(attachment)
attachments_json = AttachmentSerializer(attachments,
many=True,
context={
'user': request.user
}).data
return Response({
'id':
post.pk,
'api':
post.get_api_url(),
'post':
post.original,
'attachments':
attachments_json,
'can_protect':
bool(thread.category.acl['can_protect_posts']),
'is_protected':
post.is_protected,
'poster':
post.poster_name,
})
def create_attachment(self, request):
upload = request.FILES.get('upload')
if not upload:
raise UploadError(_("No file has been uploaded."))
user_roles = set(r.pk for r in request.user.get_roles())
filetype = validate_filetype(upload, user_roles)
validate_filesize(upload, filetype, request.user.acl_cache['max_attachment_size'])
attachment = Attachment(
secret=Attachment.generate_new_secret(),
filetype=filetype,
size=upload.size,
uploader=request.user,
uploader_name=request.user.username,
uploader_slug=request.user.slug,
uploader_ip=request.user_ip,
filename=upload.name,
)
if is_upload_image(upload):
try:
attachment.set_image(upload)
except IOError:
raise UploadError(_("Uploaded image was corrupted or invalid."))
else:
attachment.set_file(upload)
attachment.save()
add_acl(request.user, attachment)
return Response(AttachmentSerializer(attachment, context={'user': request.user}).data)
def create(self, request):
if not request.user.acl_cache['max_attachment_size']:
raise PermissionDenied(_("You don't have permission to upload new files."))
serializer = NewAttachmentSerializer(data=request.data, context={'request': request})
serializer.is_valid(raise_exception=True)
attachment = serializer.save()
add_acl(request.user, attachment)
return Response(AttachmentSerializer(attachment, context={'user': request.user}).data)
def update_attachments_caches(posts):
for post in Post.objects.filter(pk__in=posts).iterator():
attachments = post.attachment_set.order_by('id')
post.attachments_cache = AttachmentSerializer(attachments, many=True).data
for attachment in post.attachments_cache:
del attachment['acl']
del attachment['post']
del attachment['uploader_ip']
post.save()
def sync_attachments_cache(self, post, attachments):
if attachments:
post.attachments_cache = AttachmentSerializer(attachments,
many=True).data
for attachment in post.attachments_cache:
del attachment['acl']
del attachment['post']
else:
post.attachments_cache = None
post.update_fields.append('attachments_cache')