def on_post(self, req, resp):
try:
userinfo = req.context['user']
if not userinfo.is_logged_in():
resp.status = falcon.HTTP_400
return
user = session.query(model.User).filter(model.User.id == userinfo.get_id()).first()
files = multipart.MultiDict()
content_type, options = multipart.parse_options_header(req.content_type)
boundary = options.get('boundary','')
if not boundary:
raise multipart.MultipartError("No boundary for multipart/form-data.")
for part in multipart.MultipartParser(req.stream, boundary, req.content_length):
files[part.name] = part
file = files.get('file')
user_id = req.context['user'].get_id()
tmpfile = tempfile.NamedTemporaryFile(delete = False)
file.save_as(tmpfile.name)
mime = magic.Magic(mime=True).from_file(tmpfile.name)
if mime not in ALLOWED_MIME_TYPES:
resp.status = falcon.HTTP_400
return
if not os.path.isdir(UPLOAD_DIR):
try:
os.makedirs(UPLOAD_DIR)
except OSError:
print 'Unable to create directory for profile pictures'
resp.status = falcon.HTTP_500
return
new_picture = os.path.join(UPLOAD_DIR, 'user_%d.%s' % (user_id, ALLOWED_MIME_TYPES[mime]))
self._crop(tmpfile.name, new_picture)
try:
os.remove(tmpfile.name)
except OSError:
print 'Unable to remove temporary file %s' % tmpfile.name
user.profile_picture = new_picture
session.add(user)
session.commit()
except SQLAlchemyError:
session.rollback()
raise
finally:
session.close()
async def handle(self, body):
ctype = dict(self.scope['headers'])[b'content-type']
_, options = parse_options_header(ctype.decode())
mp = MultipartParser(BytesIO(body), options['boundary'])
content = ''
for part in mp.parts():
if part.filename:
content = part.value
await self.send_response(200,
b'%d' % len(content),
headers=[
('Content-Type',
'text/plain; charset=utf-8'),
])
def _do_parse_payload(self, request):
env = request.env
# Parse Content-Type header
c_type_hdr = env.get('CONTENT_TYPE', '')
c_type, options = multipart.parse_options_header(c_type_hdr)
# Content-Length
c_len = int(env.get('CONTENT_LENGTH', '-1'))
# wsgi.input
# Using ``or`` here prevents unnecessary instantiations if the get
# operation is to succeed, which is almost always the case.
stream = env.get('wsgi.input', None) or BytesIO()
# Check mimetype of payload against configuration.
if c_type in self._acceptable_post_mimes:
return _FORM_CONTENT_HANDLERS[c_type](stream, c_len, options)
return None, None
def on_post(self, req, resp):
user = req.context['user']
if (not user.is_logged_in()) or (not user.is_org()):
req.context['result'] = { 'errors': [ { 'status': '401', 'title': 'Unauthorized', 'detail': u'Upravovat content může pouze organizátor.' } ] }
resp.status = falcon.HTTP_400
return
if req.get_param('path'):
shortPath = req.get_param('path').replace('..', '')
else:
shortPath = "."
dirPath = 'data/content/' + shortPath
if not req.content_length:
resp.status = falcon.HTTP_411
return
if req.content_length > util.config.MAX_UPLOAD_FILE_SIZE:
resp.status = falcon.HTTP_413
return
files = multipart.MultiDict()
content_type, options = multipart.parse_options_header(req.content_type)
boundary = options.get('boundary', '')
if not boundary:
raise multipart.MultipartError("No boundary for multipart/form-data.")
try:
if not os.path.isdir(dirPath): os.makedirs(dirPath)
for part in multipart.MultipartParser(req.stream, boundary, req.content_length, 2**30, 2**20, 2**18, 2**16, 'utf-8'):
path = '%s/%s' % (dirPath, part.filename)
part.save_as(path)
except:
resp.status = falcon.HTTP_500
raise
req.context['result'] = {}
resp.status = falcon.HTTP_200
def file_add():
user = users.get_current_user()
if not user:
redirect(users.create_login_url(request.url))
response.headers['Content-Type'] = 'text/html; charset=utf-8'
url_id = request.forms.get('url_id')
application = ndb.Key(urlsafe=url_id).get()
if application.author != user and not users.is_current_user_admin():
redirect('/')
try:
upload = request.files["upload"]
blob_data = parse_options_header(upload.content_type)[1]
blob_key = blob_data["blob-key"]
if application.test_blob:
application.test_blob.append(blob_key)
else:
application.test_blob = [blob_key]
application.put()
except:
pass
redirect('/view/%s' % url_id)
def decode_multipart(o, content_type, **kwargs):
har = []
try:
if isinstance(o, six.string_types):
import multipart
content_type, options = multipart.parse_options_header(
content_type)
assert content_type == 'multipart/form-data'
stream = six.BytesIO(o)
boundary = six.binary_type(options.get('boundary'))
assert boundary
for part in multipart.MultipartParser(stream, boundary, len(o),
**kwargs):
if part.filename or not part.is_buffered():
param = {'name': part.name, 'value': part.value,
'filename': part.filename}
else: # TODO: Big form-fields are in the files dict. really?
param = {'name': part.name, 'value': part.value}
har.append(param)
except Exception as err:
print(repr(err))
return har
def _upload_files(self, req, module, user_id, resp):
# Soubory bez specifikace delky neberem.
if not req.content_length:
resp.status = falcon.HTTP_411
req.context['result'] = {
'result': 'error',
'error': 'Nelze nahrát neukončený stream.'
}
return
# Prilis velke soubory neberem.
if req.content_length > util.config.MAX_UPLOAD_FILE_SIZE:
resp.status = falcon.HTTP_413
req.context['result'] = {
'result': 'error',
'error': 'Maximální velikost dávky je 20 MB.'
}
return
# Pokud uz existuji odevzdane soubory, nevytvarime nove
# evaluation, pouze pripojujeme k j*z existujicimu
try:
existing = util.module.existing_evaluation(module.id, user_id)
if len(existing) > 0:
evaluation = session.query(model.Evaluation).get(existing[0])
evaluation.time = datetime.datetime.utcnow()
report = evaluation.full_report
else:
report = (str(datetime.datetime.now()) +
' : === Uploading files for module id \'%s\' for '
'task id \'%s\' ===\n' % (module.id, module.task))
evaluation = model.Evaluation(user=user_id, module=module.id,
ok=True)
session.add(evaluation)
session.commit()
# Lze uploadovat jen omezeny pocet souboru.
file_cnt = session.query(model.SubmittedFile).\
filter(model.SubmittedFile.evaluation ==
evaluation.id).count()
if file_cnt > util.config.MAX_UPLOAD_FILE_COUNT:
resp.status = falcon.HTTP_400
req.context['result'] = {
'result': 'error',
'error': 'K řešení lze nahrát nejvýše 20 souborů.'
}
return
except SQLAlchemyError:
session.rollback()
raise
dir = util.module.submission_dir(module.id, user_id)
try:
os.makedirs(dir)
except OSError:
pass
if not os.path.isdir(dir):
resp.status = falcon.HTTP_400
req.context['result'] = {
'result': 'error',
'error': 'Chyba 42, kontaktuj orga.'
}
return
files = multipart.MultiDict()
content_type, options = multipart.parse_options_header(
req.content_type)
boundary = options.get('boundary', '')
if not boundary:
raise multipart.MultipartError(
"No boundary for multipart/form-data.")
for part in multipart.MultipartParser(req.stream, boundary,
req.content_length, 2**30, 2**20,
2**18, 2**16, 'utf-8'):
path = '%s/%s' % (dir, part.filename)
part.save_as(path)
mime = magic.Magic(mime=True).from_file(path)
report += (str(datetime.datetime.now()) +
' : [y] uploaded file: \'%s\' (mime: %s) to '
'file %s\n' % (part.filename, mime, path))
# Pokud je tento soubor j*z v databazi, zaznam znovu nepridavame
try:
file_in_db = session.query(model.SubmittedFile).\
filter(model.SubmittedFile.evaluation == evaluation.id).\
filter(model.SubmittedFile.path == path).scalar()
if file_in_db is None:
submitted_file = model.SubmittedFile(
evaluation=evaluation.id,
mime=mime,
path=path)
session.add(submitted_file)
except SQLAlchemyError:
session.rollback()
raise
evaluation.full_report = report
try:
session.add(evaluation)
session.commit()
except SQLAlchemyError:
session.rollback()
raise
finally:
session.close()
req.context['result'] = {'result': 'ok'}
def _upload_files(self, req, module, user_id, resp):
# Soubory bez specifikace delky neberem.
if not req.content_length:
resp.status = falcon.HTTP_411
req.context['result'] = { 'result': 'error', 'error': 'Nelze nahrát neukončený stream.' }
return
# Prilis velke soubory neberem.
if req.content_length > util.config.MAX_UPLOAD_FILE_SIZE:
resp.status = falcon.HTTP_413
req.context['result'] = { 'result': 'error', 'error': 'Maximální velikost dávky je 20 MB.' }
return
# Pokud uz existuji odevzdane soubory, nevytvarime nove
# evaluation, pouze pripojujeme k j*z existujicimu
try:
existing = util.module.existing_evaluation(module.id, user_id)
if len(existing) > 0:
evaluation = session.query(model.Evaluation).get(existing[0])
evaluation.time = datetime.datetime.utcnow()
report = evaluation.full_report
else:
report = str(datetime.datetime.now()) + ' : === Uploading files for module id \'%s\' for task id \'%s\' ===\n' % (module.id, module.task)
evaluation = model.Evaluation(user=user_id, module=module.id, ok=True)
session.add(evaluation)
session.commit()
# Lze uploadovat jen omezeny pocet souboru.
file_cnt = session.query(model.SubmittedFile).\
filter(model.SubmittedFile.evaluation == evaluation.id).count()
if file_cnt > util.config.MAX_UPLOAD_FILE_COUNT:
resp.status = falcon.HTTP_400
req.context['result'] = { 'result': 'error', 'error': 'K řešení lze nahrát nejvýše 20 souborů.' }
return
except SQLAlchemyError:
session.rollback()
raise
dir = util.module.submission_dir(module.id, user_id)
try:
os.makedirs(dir)
except OSError:
pass
if not os.path.isdir(dir):
resp.status = falcon.HTTP_400
req.context['result'] = { 'result': 'error', 'error': 'Chyba 42, kontaktuj orga.' }
return
files = multipart.MultiDict()
content_type, options = multipart.parse_options_header(req.content_type)
boundary = options.get('boundary', '')
if not boundary:
raise multipart.MultipartError("No boundary for multipart/form-data.")
for part in multipart.MultipartParser(req.stream, boundary, req.content_length, 2**30, 2**20, 2**18, 2**16, 'utf-8'):
path = '%s/%s' % (dir, part.filename)
part.save_as(path)
mime = magic.Magic(mime=True).from_file(path)
report += str(datetime.datetime.now()) + ' : [y] uploaded file: \'%s\' (mime: %s) to file %s\n' % (part.filename, mime, path)
# Pokud je tento soubor j*z v databazi, zaznam znovu nepridavame
try:
file_in_db = session.query(model.SubmittedFile).\
filter(model.SubmittedFile.evaluation == evaluation.id).\
filter(model.SubmittedFile.path == path).scalar()
if file_in_db is None:
submitted_file = model.SubmittedFile(evaluation=evaluation.id, mime=mime, path=path)
session.add(submitted_file)
except SQLAlchemyError:
session.rollback()
raise
evaluation.full_report = report
try:
session.add(evaluation)
session.commit()
except SQLAlchemyError:
session.rollback()
raise
finally:
session.close()
req.context['result'] = { 'result': 'correct' }
def on_post(self, req, resp):
try:
userinfo = req.context['user']
if not userinfo.is_logged_in():
resp.status = falcon.HTTP_400
return
user = session.query(model.User).\
filter(model.User.id == userinfo.get_id()).\
first()
files = multipart.MultiDict()
content_type, options = multipart.parse_options_header(
req.content_type
)
boundary = options.get('boundary', '')
if not boundary:
raise multipart.MultipartError("No boundary for "
"multipart/form-data.")
for part in multipart.MultipartParser(req.stream, boundary,
req.content_length):
files[part.name] = part
file = files.get('file')
user_id = req.context['user'].get_id()
tmpfile = tempfile.NamedTemporaryFile(delete=False)
file.save_as(tmpfile.name)
mime = magic.Magic(mime=True).from_file(tmpfile.name)
if mime not in ALLOWED_MIME_TYPES:
resp.status = falcon.HTTP_400
return
if not os.path.isdir(UPLOAD_DIR):
try:
os.makedirs(UPLOAD_DIR)
except OSError:
print('Unable to create directory for profile pictures')
resp.status = falcon.HTTP_500
return
new_picture = os.path.join(UPLOAD_DIR, 'user_%d.%s' % (
user_id, ALLOWED_MIME_TYPES[mime]
))
self._crop(tmpfile.name, new_picture)
try:
os.remove(tmpfile.name)
except OSError:
print('Unable to remove temporary file %s' % tmpfile.name)
user.profile_picture = new_picture
session.commit()
req.context['result'] = {}
except SQLAlchemyError:
session.rollback()
raise
finally:
session.close()
def edit_post():
user = users.get_current_user()
if not user:
redirect(users.create_login_url(request.url))
response.headers['Content-Type'] = 'text/html; charset=utf-8'
url_id = request.forms.get('url_id')
#return url_id
application = ndb.Key(urlsafe=url_id).get()
if application.author != user and not users.is_current_user_admin() :
redirect('/')
application.content = decode_field(request.forms.get('content'))
application.author_fn = decode_field(request.forms.get('author_fn'))
application.author_phone = request.forms.get('author_phone')
#application.author_bdate = datetime.strptime(request.forms.get('author_bdate'), '%d-%m-%Y')
#application.author_mail = request.forms.get('author_mail')
application.author_contacts = decode_field(request.forms.get('author_contacts'))
application.app_type = request.forms.get('app_type').decode('utf-8')
application.app_title = decode_field(request.forms.get('app_title'))
application.app_origin = decode_field(request.forms.get('app_origin'))
application.city = decode_field(request.forms.get('city'))
application.timing = request.forms.get('timing')
if users.is_current_user_admin():
application.app_status = request.forms.get('app_status')
#return application.app_title
try:
upload = request.files["upload"]
blob_data = parse_options_header(upload.content_type)[1]
blob_key = blob_data["blob-key"]
if application.test_blob:
application.test_blob.append(blob_key)
else:
application.test_blob = [blob_key]
except:
pass
try:
rehersal = decode_field(request.forms.get('rehersal'))
except:
rehersal = None
if rehersal:
match = re.search(r"(?:youtube\.com\/\S*(?:(?:\/e(?:mbed))?\/|watch\?(?:\S*?&?v\=))|youtu\.be\/)([a-zA-Z0-9_-]{6,11})", rehersal)
if match:
rehersal = match.group(1)
if application.rehersals and rehersal:
application.rehersals.append(rehersal)
elif rehersal and not application.rehersals:
application.rehersals = [rehersal]
participants_list = []
for i in range(10):
fullname = request.forms.get("participant_fn_%d" % i)
nickname = request.forms.get("participant_nickname_%d" % i)
age = request.forms.get("participant_age_%d" % i)
fullname = decode_field(fullname)
nickname = decode_field(nickname)
delete = request.forms.get("participant_delete_%d" % i)
#participants_list.append([fullname, nickname, age, "participant_fn_%d" % i])
if fullname and nickname and age and not delete:
try:
participants_list.append(Participant(participant_fn=fullname,
participant_nickname=nickname,
participant_age=int(age) )
)
except:
redirect("/error")
#print participants_list
application.participants = participants_list
comment = Comments(parent=comments_key)
comment_body = request.forms.get('comment')
if comment_body:
comment.comment = decode_field(comment_body)
comment.author = user
comment.application = url_id
comment.put()
application.put()
#return "success"
#return application
referer = request.headers.get('Referer')
return_page = request.query.get('return_page')
if return_page:
redirect('/%s' % return_page)
elif referer:
redirect(referer)
else:
redirect('/')
