class UploadManager(object):
def __init__(self, app):
self.videos = UploadSet('videos', (
'mp4',
'webm',
'wmv',
'avi',
'mov',
))
self.images = UploadSet('images', ('jpeg', ))
configure_uploads(app, (
self.videos,
self.images,
))
def save_image(self, image):
filename = self.images.save(image)
return {
'url': self.images.url(filename),
'path': self.images.path(filename)
}
def save_video(self, video):
filename = self.videos.save(video)
return filename
def lookup_video(self, filename):
url = self.videos.url(filename)
path = self.videos.path(filename)
return url, path
def profile_handler(form, insti, req):
insti.name = form.name.data
insti.intro = form.intro.data
logo = request.files.get('logo')
if not (logo.filename is None or logo.filename == ''):
logo_upload = UploadSet('logos', ('jpg', 'png'))
configure_uploads(current_app, (logo_upload))
try:
filename = logo_upload.save(logo)
logo_url = logo_upload.url(filename)
insti.logo_url = logo_url
except UploadNotAllowed:
return (False, '上传LOGO时出错')
poster = request.files.get('poster')
if not (poster.filename is None or poster.filename == ''):
poster_upload = UploadSet('posters', ('jpg', 'png'))
configure_uploads(current_app, (poster_upload))
try:
filename = poster_upload.save(poster)
poster_url = poster_upload.url(filename)
insti.poster_url = poster_url
except UploadNotAllowed:
return (False, '上传海报时出错')
db.session.add(insti)
return (True, '资料更新成功')
def member_edit():
edit_form = EditForm()
if request.method == 'POST' and edit_form.validate_on_submit():
user = User.query.get(current_user.id)
user.name = edit_form.username.data
avatar = request.files.get('avatar')
# print(avatar) # <FileStorage: '' ('application/octet-stream')>
# print(avatar.filename)
if avatar.filename is not None: # and avatar.filename!=''
avatar_upload = UploadSet(name='avatars',
extensions=('jpg', 'jpeg', 'png', 'bmp'))
configure_uploads(current_app, (avatar_upload)) #加载上传集配置
try:
filename = avatar_upload.save(avatar)
# avatar_upload.resolve_conflict(avatar_upload, fname) #解决可能存在的文件名冲突问题
user.avatar_url = avatar_upload.url(filename)
except UploadNotAllowed:
pass
else:
flash('头像上传失败', 'alert-warning')
portrait = request.files.get('portrait')
if portrait.filename is not None:
portrait_upload = UploadSet(name='portraits',
extensions=('jpg', 'jpeg', 'png',
'bmp'))
configure_uploads(current_app, (portrait_upload)) #加载上传集配置
try:
filename = portrait_upload.save(portrait)
# portrait_upload.resolve_conflict(portrait_upload, fname) #解决可能存在的文件名冲突问题
user.portrait_url = portrait_upload.url(filename)
except UploadNotAllowed:
pass
else:
flash('半身像上传失败', 'alert-warning')
user.signature = edit_form.signature.data
user.intro = edit_form.intro.data
password = edit_form.password.data
if password is not None and password != '': #更改密码
if user.verify_password(edit_form.old_password.data):
if len(password) > 6 and len(password) < 24:
if password == edit_form.password2.data:
user.password = password
flash('密码更改成功!', 'alert-success')
else:
flash('两次密码输入不一致,密码未更改', 'alert-warning')
else:
flash('密码长度必须 6-24 位,密码未更改', 'alert-warning')
else:
flash('当前密码错误,密码未更改', 'alert-danger')
db.session.add(user)
flash('个人资料更新成功!', 'alert-success')
return redirect(url_for('member.member_page', userid=user.id))
edit_form.username.data = current_user.name
edit_form.signature.data = current_user.signature
edit_form.intro.data = current_user.intro
return render_template('member/edit.html', form=edit_form)
def post(self):
if 'photo' in request.files:
upload_type = 'photo'
upload_files = UploadSet('photos',IMAGES)
configure_uploads(app, upload_files)
filename = upload_files.save(request.files[upload_type])
splits = []
for item in filename.split('.'):
splits.append(item)
extension = filename.split('.')[len(splits) - 1]
else:
return {'status':'error',
'description':'No attached Files'}, 400
f = File(filename=filename, user_id=g.user.id, extension=extension, type=upload_type)
try:
db.session.add(f)
db.session.commit()
except:
return {'status':'error',
'description':'Something went wrong'}, 500
return {'status':'success',
'description':'Upload Succeeded',
'data':{'id':f.id,
'url':upload_files.url(f.name)}}, 201
def edit_event(uurl, eid):
event = Event.query.get_or_404(int(eid))
edit_form = EditForm()
if request.method == 'POST' and edit_form.validate_on_submit():
event.detail = edit_form.detail.data
poster = request.files.get('poster')
if poster.filename is not None:
poster_upload = UploadSet(name='posters',
extensions=('jpg', 'jpeg', 'png', 'bmp'))
configure_uploads(current_app, (poster_upload)) #加载上传集配置
try:
filename = poster_upload.save(poster)
event.poster_url = poster_upload.url(filename)
except UploadNotAllowed:
pass
else:
flash('海报上传失败……', 'alert-warning')
db.session.add(event)
flash('更新成功', 'alert-success')
return redirect(url_for('event.event_page', eid=event.id))
edit_form.detail.data = event.detail
return render_template('institution/event_edit.html',
insti=current_insti(),
event=event,
edit_form=edit_form)
def group_new():
group_form = GroupForm()
if request.method == 'POST' and group_form.validate_on_submit():
name = group_form.name.data
intro = group_form.intro.data
icon = request.files.get('icon')
if not (icon is None or icon == ''):
icon_upload = UploadSet('icons', ('jpg', 'png'))
configure_uploads(current_app, (icon_upload))
try:
filename = icon_upload.save(icon)
icon_url = icon_upload.url(filename) #得到icon的URL
except UploadNotAllowed:
flash('请上传小组图标', 'alert-danger')
return render_template('group/new.html', form=group_form)
else:
flash('小组图标没上传', 'alert-danger')
return render_template('group/new.html', form=group_form)
group = Group(name=name,
icon_url=icon_url,
intro=intro,
owner_id=current_user.id) #_get_current_object()
db.session.add(group)
flash('新建小组 %s 成功!' % name, 'alert-success')
return redirect(url_for('group.group_index'))
return render_template('group/new.html', form=group_form)
class UploadManager(object):
def __init__(self, app):
self.videos = UploadSet('videos', ('mp4','webm','wmv','avi','mov',))
self.images = UploadSet('images', ('jpeg',))
configure_uploads(app, (self.videos,self.images,))
def save_image(self, image):
filename = self.images.save(image)
return {
'url': self.images.url(filename),
'path': self.images.path(filename)
}
def save_video(self, video):
filename = self.videos.save(video)
return filename
def lookup_video(self, filename):
url = self.videos.url(filename)
path = self.videos.path(filename)
return url, path
def file(self, file_content):
uploader = UploadSet('surveyimg', IMAGES)
configure_uploads(app, (uploader))
patch_request_class(app, 16 * 1024 * 1024) #: 16 MB limit.
self.filename = uploader.save(file_content,
name="{0}.".format(str(self)))
def file(self, file_content):
uploader = UploadSet('surveyimg', IMAGES)
configure_uploads(app, (uploader))
patch_request_class(app, 16 * 1024 * 1024) #: 16 MB limit.
self.filename = uploader.save(file_content,
name = "{0}.".format(str(self)))
def post(self, bucket_id):
b = Bucket.query.filter_by(id=bucket_id).first()
if b is None:
return {'status':'error',
'description':'There\'s no bucket with id: '+id}, 403
if g.user.id != b.user_id:
return {'status':'error',
'description':'Unauthorized'}, 401
if request.json:
params = request.json
elif request.form:
params = {}
for key in request.form:
params[key] = request.form[key]
else:
return {'status':'error','description':'Request Failed'}, 400
# Replace blank value to None(null) in params
for key in params:
params[key] = None if params[key] == "" else params[key]
if key in ['id', 'user_id', 'bucket_id', 'language', 'body', 'timestamp', 'reg_dt', 'lst_mod_dt']:
return {'error': key + ' cannot be entered manually.'}, 401
contents = []
if 'text' in params and params['text'] is not None:
contents.append('text')
if 'url1' in params and params['url1'] is not None:
contents.append('url1')
if 'url2' in params and params['url2'] is not None:
contents.append('url2')
if 'url3' in params and params['url3'] is not None:
contents.append('url3')
if 'photo' in request.files:
upload_type = 'photo'
if len(request.files[upload_type].filename) > 64:
return {'status':'error',
'description':'Filename is too long (Max 64bytes include extensions)'}, 403
upload_files = UploadSet('photos',IMAGES)
configure_uploads(app, upload_files)
filename = upload_files.save(request.files[upload_type])
splits = []
for item in filename.split('.'):
splits.append(item)
extension = filename.split('.')[len(splits) -1]
f = File(filename=filename, user_id=g.user.id, extension=extension, type=upload_type)
db.session.add(f)
db.session.flush()
db.session.refresh(f)
else:
if len(contents) == 0:
return {'status':'error',
'description':'Nothing to Post'}, 403
p = Plan.query.filter_by(bucket_id=b.id).first()
if p is None:
plan = Plan(date=datetime.datetime.now().strftime('%Y%m%d'),
user_id=g.user.id,
bucket_id=b.id,
status=0,
lst_mod_dt=datetime.datetime.now())
db.session.add(plan)
post = Post(body=None,
date=params['date'] if 'date' in params else datetime.datetime.now().strftime('%Y%m%d'),
user_id=b.user_id,
language=None,
bucket_id=bucket_id,
text=params['text'] if 'text' in params else None,
img_id=f.id if 'photo' in request.files else None,
url1=params['url1'] if 'url1' in params else None,
url2=params['url2'] if 'url2' in params else None,
url3=params['url3'] if 'url3' in params else None,
reg_dt=datetime.datetime.now(),
lst_mod_dt=datetime.datetime.now())
db.session.add(post)
db.session.flush()
db.session.refresh(post)
db.session.commit()
data = {'id':post.id,
'user_id':post.user_id,
'bucket_id':post.bucket_id,
'text':None if post.text is None else post.text,
'img_url':None if post.img_id is None else photos.url(File.query.filter_by(id=post.img_id).first().name),
'urls':[{'url1':None if post.url1 is None else post.url1},
{'url2':None if post.url2 is None else post.url2},
{'url3':None if post.url3 is None else post.url3},],
'reg_dt':post.reg_dt.strftime("%Y-%m-%d %H:%M:%S"),
'lst_mod_dt': None if post.lst_mod_dt is None else post.lst_mod_dt.strftime("%Y-%m-%d %H:%M:%S")}
return {'status':'success',
'description':'Successfully posted.',
'data':data}, 201
def post(self, id):
u = User.query.filter_by(id=id).first()
if u.id != g.user.id:
return {'status':'error',
'description':'Unauthorized'}, 401
if request.json:
params = request.json
elif request.form:
params = {}
for key in request.form:
params[key] = request.form[key]
else:
return {'status':'error','description':'Request Failed'}, 400
# Replace blank value to None(null) in params
for key in params:
params[key] = None if params[key] == "" else params[key]
if key in ['id', 'user_id', 'reg_dt', 'language']:
return {'error': key + ' cannot be entered manually.'}, 401
# Bucket Title required
if not 'title' in params:
return {'error':'Bucket title required'}, 401
# Check ParentID is Valid & set level based on ParentID
if not 'parent_id' in params or params['parent_id'] == None:
level = 0
else:
b = Bucket.query.filter_by(id=params['parent_id']).first()
if b is None:
return {'error':'Invalid ParentID'}, 401
elif b.user_id != g.user.id:
return {'error':'Cannot make sub_bucket with other user\'s Bucket'}, 401
else:
level = int(b.level) + 1
if 'rpt_cndt' in params:
dayOfWeek = datetime.date.today().weekday()
if params['rpt_type'] == 'WKRP':
if params['rpt_cndt'][dayOfWeek] == '1':
p = Plan(date=datetime.date.today().strftime("%Y%m%d"),
user_id=g.user.id,
bucket_id=None,
status=0,
lst_mod_dt=datetime.datetime.now())
db.session.add(p)
if 'photo' in request.files:
upload_type = 'photo'
if len(request.files[upload_type].filename) > 64:
return {'status':'error','description':'Filename is too long (Max 64bytes include extensions)'}, 403
upload_files = UploadSet('photos',IMAGES)
configure_uploads(app, upload_files)
filename = upload_files.save(request.files[upload_type])
splits = []
for item in filename.split('.'):
splits.append(item)
extension = filename.split('.')[len(splits) -1]
f = File(filename=filename, user_id=g.user.id, extension=extension, type=upload_type)
db.session.add(f)
db.session.flush()
db.session.refresh(f)
bkt = Bucket(title=params['title'],
user_id=g.user.id,
level=str(level),
status= params['status'] if 'status' in params else True,
private=params['private'] if 'private' in params else False,
reg_dt=datetime.datetime.now(),
lst_mod_dt=datetime.datetime.now(),
deadline=datetime.datetime.strptime(params['deadline'],'%Y-%m-%d').date() if 'deadline' in params \
else datetime.datetime.now(),
description=params['description'] if 'description' in params else None,
parent_id=params['parent_id'] if 'parent_id' in params else None,
scope=params['scope'] if 'scope' in params else None,
range=params['range'] if 'range' in params else None,
rpt_type=params['rpt_type'] if 'rpt_type' in params else None,
rpt_cndt=params['rpt_cndt'] if 'rpt_cndt' in params else None,
cvr_img_id=f.id if 'photo' in request.files else None)
# cvr_img_id=f.id if 'cvr_img' in params and params['cvr_img'] == 'true' else None)
db.session.add(bkt)
db.session.flush()
db.session.refresh(bkt)
if 'rpt_cndt' in params:
if params['rpt_type'] == 'WKRP' and params['rpt_cndt'][dayOfWeek] == '1':
p.bucket_id = bkt.id
if 'fb_share' in params:
social_user = UserSocial.query.filter_by(user_id=u.id).first()
graph = facebook.GraphAPI(social_user.access_token)
resp = graph.put_object("me","feed",
message= g.user.username + " Posted " + params['title'].encode('utf-8'),
link="http://masunghoon.iptime.org:5001",
picture=photos.url(File.query.filter_by(id=bkt.cvr_img_id).first().name) if 'photo' in request.files else None,
caption="Dream Proj.",
description=None if bkt.description is None else bkt.description.encode('utf-8'),
name=bkt.title.encode('utf-8'),
privacy={'value':params['fb_share'].encode('utf-8')})
bkt.fb_feed_id = resp['id']
db.session.commit()
data={
'id': bkt.id,
'user_id': bkt.user_id,
'title': bkt.title,
'description': bkt.description,
'level': bkt.level,
'status': bkt.status,
'private': bkt.private,
'parent_id': bkt.parent_id,
'reg_dt': bkt.reg_dt.strftime("%Y-%m-%d %H:%M:%S"),
'deadline': bkt.deadline.strftime("%Y-%m-%d"),
'scope': bkt.scope,
'range': bkt.range,
'rpt_type': bkt.rpt_type,
'rpt_cndt': bkt.rpt_cndt,
'lst_mod_dt': None if bkt.lst_mod_dt is None else bkt.lst_mod_dt.strftime("%Y-%m-%d %H:%M:%S"),
'cvr_img_url': None if bkt.cvr_img_id is None else photos.url(File.query.filter_by(id=bkt.cvr_img_id).first().name),
'fb_feed_id':None if bkt.fb_feed_id is None else bkt.fb_feed_id
}
return {'status':'success',
'description':'Bucket posted successfully.',
'data':data}, 201
def put(self, id):
if request.json:
params = request.json
elif request.form:
params = {}
for key in request.form:
params[key] = request.form[key]
else:
return {'status':'error','description':'Request Failed'}, 500
b = Bucket.query.filter_by(id=id).first()
if b.user_id != g.user.id:
return {'status':'error','description':'Unauthorized'}, 401
for key in params:
value = None if params[key]=="" else params[key]
# Editable Fields
if key not in ['title','status','private','deadline','description','parent_id','scope','range','rpt_type','rpt_cndt']:
return {'status':'error','description':'Invalid key: '+key}, 403
# Nobody can modify id, user_id, reg_dt
# if key in ['id','user_id','reg_dt']:
# return {'status':'error','description':'Cannot change '+key}, 403
# Just ROLE_ADMIN user can change 'language', 'level'
if key in ['language','level'] and g.user.role == ROLE_USER:
return {'status':'error','description':'Only Admin can change' + key}, 401
# When modify user's parent_id adjusts its level
if key == 'parent_id':
if value == None:
params['level'] = '0'
else:
pb = Bucket.query.filter_by(id=int(value)).first() # pb = parent bucket
if pb == None:
return {'status':'error','description':'Parent does not exists'}, 400
else:
params['level'] = str(int(pb.level)+1)
# Set other key's validation
if key == 'title' and len(value) > 128:
return {'status':'error','description':'Title length must be under 128'}, 400
if key == 'description' and len(value) > 512:
return {'status':'error','description':'Description too long (512)'}, 400
if key == 'deadline':
value = datetime.datetime.strptime(value,'%Y-%m-%d')
if key == 'scope' and value not in ['DECADE','YEARLY','MONTHLY']:
return {'status':'error','description':'Invalid scope value'}, 400
if key == 'rpt_type' and value not in ['WKRP','WEEK','MNTH']:
return {'status':'error','description':'Invalid repeat-type value'}, 400
if key == 'rpt_cndt':
dayOfWeek = datetime.date.today().weekday()
if b.rpt_type == 'WKRP' and b.rpt_cndt[dayOfWeek] != value[dayOfWeek]:
if value[dayOfWeek] == '1':
p = Plan(date=datetime.date.today().strftime("%Y%m%d"),
user_id=b.user_id,
bucket_id=id,
status=0,
lst_mod_dt=datetime.datetime.now())
db.session.add(p)
else:
p = Plan.query.filter_by(date=datetime.date.today().strftime("%Y%m%d"),bucket_id=id).first()
db.session.delete(p)
setattr(b, key, value)
if 'photo' in request.files:
upload_type = 'photo'
if len(request.files[upload_type].filename) > 64:
return {'status':'error',
'description':'Filename is too long (Max 64bytes include extensions)'}, 403
upload_files = UploadSet('photos',IMAGES)
configure_uploads(app, upload_files)
filename = upload_files.save(request.files[upload_type])
splits = []
for item in filename.split('.'):
splits.append(item)
extension = filename.split('.')[len(splits) -1]
f = File(filename=filename, user_id=g.user.id, extension=extension, type=upload_type)
db.session.add(f)
db.session.flush()
db.session.refresh(f)
setattr(b, 'cvr_img_id', f.id)
b.lst_mod_dt = datetime.datetime.now()
try:
db.session.commit()
except:
db.session.rollback()
return {'error':'Something went wrong'}, 500
data={'id': b.id,
'user_id': b.user_id,
'title': b.title,
'description': b.description,
'level': b.level,
'status': b.status,
'private': b.private,
'parent_id': b.parent_id,
'reg_dt': b.reg_dt.strftime("%Y-%m-%d %H:%M:%S"),
'deadline': b.deadline.strftime("%Y-%m-%d"),
'scope': b.scope,
'range': b.range,
'rpt_type': b.rpt_type,
'rpt_cndt': b.rpt_cndt,
'lst_mod_dt': None if b.lst_mod_dt is None else b.lst_mod_dt.strftime("%Y-%m-%d %H:%M:%S"),
'cvr_img_url': None if b.cvr_img_id is None else photos.url(File.query.filter_by(id=b.cvr_img_id).first().name)}
return {'status':'success',
'description':'Bucket put success.',
'data':data}, 201
def put(self,content_id):
if request.json:
params = request.json
elif request.form:
params = {}
for key in request.form:
params[key] = request.form[key]
else:
return {'status':'error','description':'Request Failed'}, 500
post = Post.query.filter_by(id=content_id).first()
if post.user_id != g.user.id:
return {'status':'error',
'description':'Unauthorized'}, 401
for key in params:
value = None if params[key] == "" else params[key]
# Editable Fields
if key not in ['text','url1','url2','url3']:
return {'status':'error',
'description':key + ' field is not editable'}, 403
# Just ROLE_ADMIN user can change 'language', 'level'
if key in ['language'] and g.user.role == ROLE_USER:
return {'status':'error','description':'Only Admin can change' + key}, 401
# Set Key validataion
# TODO: Make long url to shortened url
if key in ['url1','url2','url3'] and len(value) > 512:
return {'status':'error',
'description': key + ' is too long. (max 256 bytes)'}
setattr(post, key, value)
if 'photo' in request.files:
upload_type = 'photo'
if len(request.files[upload_type].filename) > 64:
return {'status':'error',
'description':'Filename is too long (Max 64bytes include extensions)'}, 403
upload_files = UploadSet('photos',IMAGES)
configure_uploads(app, upload_files)
filename = upload_files.save(request.files[upload_type])
splits = []
for item in filename.split('.'):
splits.append(item)
extension = filename.split('.')[len(splits) -1]
f = File(filename=filename, user_id=g.user.id, extension=extension, type=upload_type)
db.session.add(f)
db.session.flush()
db.session.refresh(f)
setattr(post, 'img_id', f.id)
post.lst_mod_dt = datetime.datetime.now()
try:
db.session.commit()
except:
db.session.rollback()
return {'status':'error',
'description':'DB write error'}, 500
data = {'id':post.id,
'user_id':post.user_id,
'date':post.date,
'bucket_id':post.bucket_id,
'text':None if post.text is None else post.text,
'img_url':None if post.img_id is None else photos.url(File.query.filter_by(id=post.img_id).first().name),
'urls':[{'url1':None if post.url1 is None else post.url1},
{'url2':None if post.url2 is None else post.url2},
{'url3':None if post.url3 is None else post.url3},],
'reg_dt':post.reg_dt.strftime("%Y-%m-%d %H:%M:%S"),
'lst_mod_dt': None if post.lst_mod_dt is None else post.lst_mod_dt.strftime("%Y-%m-%d %H:%M:%S")}
return {'status':'success',
'description':'Post PUT success',
'data':data}, 201
