def view_img(request, user_id, img_id): "view image" user = get_object_or_404(User, id=user_id) img = get_object_or_404(SignatureImg, id=img_id) if not check_access(request, user): return HttpResponseForbidden(_("You are not authorized to access this resource")) return HttpResponse(base64.decodestring(img.image), mimetype=img.content_type)
def view_img(request, user_id, img_id): "view image" user = get_object_or_404(User, id=user_id) img = get_object_or_404(SignatureImg, id=img_id) if not check_access(request, user): return HttpResponseForbidden( _('You are not authorized to access this resource')) return HttpResponse(base64.decodestring(img.image), mimetype=img.content_type)
def filemanager(request, user_id, domain_id=None): "handle file access requests from jquery" def unauthorized(): "return unauthorized" body = anyjson.dumps(dict(success=False, error=_("Not authorized."))) return HttpResponseForbidden(body, mimetype='application/json') if request.user.is_authenticated(): user = User.objects.get(pk=user_id) if user: if not check_access(request, user): unauthorized() action = request.REQUEST.get('action', None) if domain_id: requesturl = reverse('domains-image-manager', args=[domain_id, user_id]) else: requesturl = reverse('accounts-image-manager', args=[user_id]) if action and action == 'auth': body = dict(success=True, data=dict( move=dict(enabled=False, handler=requesturl), rename=dict(enabled=False, handler=requesturl), remove=dict(enabled=True, handler=requesturl), mkdir=dict(enabled=False, handler=requesturl), upload=dict(enabled=True, handler=requesturl + '?action=upload', accept_ext=['gif', 'jpg', 'png']), baseUrl='') ) elif action and action == 'list': imgquery = SignatureImg.objects.filter(owner=user) imgs = {} def builddict(img): imgs[img.name] = reverse('img-view', args=[user_id, img.id]) [builddict(img) for img in imgquery] body = dict(success=True, data=dict( directories={}, files=imgs)) elif action and action == 'upload': if request.method == 'POST': handle = request.FILES['handle'] prevent = False currentsigs = SignatureImg.objects.filter(owner=user).count() profile = UserProfile.objects.filter(user=user)[0] if user.is_superuser: prevent = True elif profile.account_type == 2: domains = UserAddresses.objects.filter(address_type=1, user=user).count() if currentsigs >= domains: prevent = True else: if currentsigs: prevent = True if not prevent: chunk = handle.read() ext = imghdr.what('./xxx', chunk) if ext in ['gif', 'jpg', 'png', 'jpeg']: try: name = request.REQUEST.get('newName') or 'image.%s' % ext name = os.path.basename(name) dbimg = SignatureImg( name = name, image = base64.encodestring(chunk), content_type = handle.content_type, owner = user,) dbimg.save() respond = _('File has been uploaded') except DatabaseError: respond = _('An error occured, try again later') else: respond = _('The uploaded file is not acceptable') chunk = None handle.close() else: respond = _('You already have a signature image, ' 'delete the current image before ' 'uploading a new one') return HttpResponse(respond) elif action and action == 'remove': try: fname = request.REQUEST.get('file', None) SignatureImg.objects.filter(owner=user, name=fname).delete() respond = _('The file has been deleted') success = True except DatabaseError: respond = _('The file could not be deleted') success = False body = dict(success=success, data=respond) else: body = dict(success=False, error=_("Action not supported"), errorno=255) return HttpResponse(anyjson.dumps(body), mimetype='application/json') else: unauthorized()
def filemanager(request, user_id, domain_id=None): "handle file access requests from jquery" def unauthorized(): "return unauthorized" body = anyjson.dumps(dict(success=False, error=_("Not authorized."))) return HttpResponseForbidden(body, mimetype='application/json') if request.user.is_authenticated(): user = User.objects.get(pk=user_id) if user: if not check_access(request, user): unauthorized() action = request.REQUEST.get('action', None) if domain_id: requesturl = reverse('domains-image-manager', args=[domain_id, user_id]) else: requesturl = reverse('accounts-image-manager', args=[user_id]) if action and action == 'auth': body = dict(success=True, data=dict( move=dict(enabled=False, handler=requesturl), rename=dict(enabled=False, handler=requesturl), remove=dict(enabled=True, handler=requesturl), mkdir=dict(enabled=False, handler=requesturl), upload=dict(enabled=True, handler=requesturl + '?action=upload', accept_ext=['gif', 'jpg', 'png']), baseUrl='')) elif action and action == 'list': imgquery = SignatureImg.objects.filter(owner=user) imgs = {} def builddict(img): imgs[img.name] = reverse('img-view', args=[user_id, img.id]) [builddict(img) for img in imgquery] body = dict(success=True, data=dict(directories={}, files=imgs)) elif action and action == 'upload': if request.method == 'POST': handle = request.FILES['handle'] prevent = False currentsigs = SignatureImg.objects.filter( owner=user).count() profile = UserProfile.objects.filter(user=user)[0] if user.is_superuser: prevent = True elif profile.account_type == 2: domains = UserAddresses.objects.filter( address_type=1, user=user).count() if currentsigs >= domains: prevent = True else: if currentsigs: prevent = True if not prevent: chunk = handle.read() ext = imghdr.what('./xxx', chunk) if ext in ['gif', 'jpg', 'png', 'jpeg']: try: name = request.REQUEST.get( 'newName') or 'image.%s' % ext name = os.path.basename(name) dbimg = SignatureImg( name=name, image=base64.encodestring(chunk), content_type=handle.content_type, owner=user, ) dbimg.save() respond = _('File has been uploaded') except DatabaseError: respond = _( 'An error occured, try again later') else: respond = _('The uploaded file is not acceptable') chunk = None handle.close() else: respond = _('You already have a signature image, ' 'delete the current image before ' 'uploading a new one') return HttpResponse(respond) elif action and action == 'remove': try: fname = request.REQUEST.get('file', None) SignatureImg.objects.filter(owner=user, name=fname).delete() respond = _('The file has been deleted') success = True except DatabaseError: respond = _('The file could not be deleted') success = False body = dict(success=success, data=respond) else: body = dict(success=False, error=_("Action not supported"), errorno=255) return HttpResponse(anyjson.dumps(body), mimetype='application/json') else: unauthorized()
def filemanager(request, user_id, domain_id=None): "handle file access requests from jquery" def unauthorized(): "return unauthorized" body = anyjson.dumps(dict(success=False, error=_("Not authorized."))) return HttpResponseForbidden(body, mimetype="application/json") if request.user.is_authenticated(): user = User.objects.get(pk=user_id) if user: if not check_access(request, user): unauthorized() action = request.REQUEST.get("action", None) if domain_id: requesturl = reverse("domains-image-manager", args=[domain_id, user_id]) else: requesturl = reverse("accounts-image-manager", args=[user_id]) if action and action == "auth": body = dict( success=True, data=dict( move=dict(enabled=False, handler=requesturl), rename=dict(enabled=False, handler=requesturl), remove=dict(enabled=True, handler=requesturl), mkdir=dict(enabled=False, handler=requesturl), upload=dict( enabled=True, handler=requesturl + "?action=upload", accept_ext=["gif", "jpg", "png"] ), baseUrl="", ), ) elif action and action == "list": imgquery = SignatureImg.objects.filter(owner=user) imgs = {} def builddict(img): imgs[img.name] = reverse("img-view", args=[user_id, img.id]) [builddict(img) for img in imgquery] body = dict(success=True, data=dict(directories={}, files=imgs)) elif action and action == "upload": if request.method == "POST": handle = request.FILES["handle"] prevent = False currentsigs = SignatureImg.objects.filter(owner=user).count() profile = UserProfile.objects.filter(user=user)[0] if user.is_superuser: prevent = True elif profile.account_type == 2: domains = UserAddresses.objects.filter(address_type=1, user=user).count() if currentsigs >= domains: prevent = True else: if currentsigs: prevent = True if not prevent: chunk = handle.read() ext = imghdr.what("./xxx", chunk) if ext in ["gif", "jpg", "png", "jpeg"]: try: name = request.REQUEST.get("newName") or "image.%s" % ext name = os.path.basename(name) dbimg = SignatureImg( name=name, image=base64.encodestring(chunk), content_type=handle.content_type, owner=user, ) dbimg.save() respond = _("File has been uploaded") except DatabaseError: respond = _("An error occured, try again later") else: respond = _("The uploaded file is not acceptable") chunk = None handle.close() else: respond = _( "You already have a signature image, " "delete the current image before " "uploading a new one" ) return HttpResponse(respond) elif action and action == "remove": try: fname = request.REQUEST.get("file", None) SignatureImg.objects.filter(owner=user, name=fname).delete() respond = _("The file has been deleted") success = True except DatabaseError: respond = _("The file could not be deleted") success = False body = dict(success=success, data=respond) else: body = dict(success=False, error=_("Action not supported"), errorno=255) return HttpResponse(anyjson.dumps(body), mimetype="application/json") else: unauthorized()