def process_attachment(attachment): """will save a single attachment and return link to file in the markdown format and the file storage object """ file_storage, file_name, file_url = store_file(attachment) markdown_link = '[%s](%s) ' % (attachment.name, file_url) file_extension = os.path.splitext(attachment.name)[1] #todo: this is a hack - use content type if file_extension.lower() in ('.png', '.jpg', '.jpeg', '.gif'): markdown_link = '!' + markdown_link return markdown_link, file_storage
def upload(request): # ajax upload file to a question or answer """view that handles file upload via Ajax """ # check upload permission result = '' error = '' new_file_name = '' try: #may raise exceptions.PermissionDenied if request.user.is_anonymous(): msg = _('Sorry, anonymous users cannot upload files') raise exceptions.PermissionDenied(msg) request.user.assert_can_upload_file() #todo: build proper form validation file_name_prefix = request.POST.get('file_name_prefix', '') if file_name_prefix not in ('', 'organization_logo_'): raise exceptions.PermissionDenied('invalid upload file name prefix') #todo: check file type f = request.FILES['file-upload'] # take first file #todo: extension checking should be replaced with mimetype checking #and this must be part of the form validation file_extension = os.path.splitext(f.name)[1].lower() if not file_extension in settings.OPENODE_ALLOWED_UPLOAD_FILE_TYPES: file_types = "', '".join(settings.OPENODE_ALLOWED_UPLOAD_FILE_TYPES) msg = _("allowed file types are '%(file_types)s'") % \ {'file_types': file_types} raise exceptions.PermissionDenied(msg) # generate new file name and storage object file_storage, new_file_name, file_url = store_file( f, file_name_prefix ) # create document to document storage document = Document.objects.create( author=request.user, ) dr = document.revisions.create( author=request.user, file_data=f, original_filename=new_file_name.replace(file_extension, ""), suffix=file_extension.replace(".", ""), filename_slug=sanitize_file_name(new_file_name), ) file_url = dr.file_data.url file_storage.delete(new_file_name) # # check file size # # byte # size = file_storage.size(new_file_name) # if size > settings.OPENODE_MAX_UPLOAD_FILE_SIZE: # file_storage.delete(new_file_name) # msg = _("maximum upload file size is %(file_size)sK") % \ # {'file_size': settings.OPENODE_MAX_UPLOAD_FILE_SIZE} # raise exceptions.PermissionDenied(msg) except exceptions.PermissionDenied, e: error = unicode(e)