def post(self): job_id = g.token['job']['id'] project_id = g.token['project']['id'] r = g.db.execute_one( """ SELECT count(*) FROM job_badge WHERE job_id = %s """, (job_id, )) if r[0] > 0: abort(403, "Forbidden") if len(request.files) > 10: abort(400, "Too many uploads") path = '/tmp/%s.json' % uuid.uuid4() @after_this_request def _remove_file(response): delete_file(path) return response for _, f in request.files.iteritems(): if not allowed_file(f.filename, ("json", )): abort(400, "Filetype not allowed") f.save(path) # check file size if os.path.getsize(path) > 4 * 1024: abort(400, "File too big") # Parse it try: with open(path, 'r') as md: data = json.load(md) validate_badge(data) except ValidationError as e: abort(400, e.message) except: abort(400, "Failed to parse json") subject = data['subject'] status = data['status'] color = data['color'] g.db.execute( """INSERT INTO job_badge (job_id, subject, status, color, project_id) VALUES (%s, %s, %s, %s, %s)""", (job_id, subject, status, color, project_id)) g.db.commit() return jsonify({})
def upload_badge(): token = validate_token() if not token: return "Forbidden", 403 job_id = token['job']['id'] project_id = token['project']['id'] r = execute_one( """ SELECT count(*) FROM job_badge WHERE job_id = %s """, (job_id, )) if r[0] > 0: return "Forbidden", 403 if len(request.files) > 10: return "Too many uploads", 400 for _, f in request.files.iteritems(): if not allowed_file(f.filename, ("json", )): return "Filetype not allowed", 400 path = '/tmp/data.json' f.save(path) # check file size if os.path.getsize(path) > 4 * 1024: return "File too big", 400 # Parse it try: with open(path, 'r') as md: data = json.load(md) validate_badge(data) except ValidationError as e: return e.message, 400 except: return "Failed to parse json", 400 subject = data['subject'] status = data['status'] color = data['color'] cursor = conn.cursor() cursor.execute( """INSERT INTO job_badge (job_id, subject, status, color, project_id) VALUES (%s, %s, %s, %s, %s)""", (job_id, subject, status, color, project_id)) cursor.close() conn.commit() return ""