# itself)
celery_setup_elsewhere = boolean(default=False)
+# Whether or not users are able to upload files of any filetype with
+# their media entries -- This is useful if you want to provide the
+# source files for a media file but can also be a HUGE security risk.
+allow_attachments = boolean(default=False)
+
[celery]
# known booleans
celery_result_persistent = boolean()
tags = wtforms.TextField(
'Tags',
[tag_length_validator])
+ attachment_name = wtforms.TextField(
+ 'Attachment title')
+ attachment_delete = wtforms.BooleanField(
+ 'Delete attachment')
class EditProfileForm(wtforms.Form):
bio = wtforms.TextAreaField('Bio',
if not may_edit_media(request, media):
return exc.HTTPForbidden()
- form = forms.EditForm(request.POST,
+
+ defaults = dict(
title = media['title'],
slug = media['slug'],
description = media['description'],
tags = media_tags_as_string(media['tags']))
+ if len(media['attachment_files']):
+ defaults['attachment_name'] = media['attachment_files'][0]['name']
+
+
+ form = forms.EditForm(
+ request.POST,
+ **defaults)
+
if request.method == 'POST' and form.validate():
# Make sure there isn't already a MediaEntry with such a slug
# and userid.
media['description_html'] = cleaned_markdown_conversion(
media['description'])
+ if 'attachment_name' in request.POST:
+ media['attachment_files'][0]['name'] = request.POST['attachment_name']
+
+ if 'attachment_delete' in request.POST and 'y' == request.POST['attachment_delete']:
+ del media['attachment_files'][0]
+
media['slug'] = request.POST['slug']
media.save()
tags = wtforms.TextField(
'Tags',
[tag_length_validator])
+ attachment = wtforms.FileField(
+ 'Attachment',
+ [wtforms.validators.Optional()])
# You should have received a copy of the GNU Affero General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
+
+import mediagoblin.mg_globals as mg_globals
+from datetime import datetime
+
from os.path import splitext
from cgi import FieldStorage
from string import split
# Generate a slug from the title
entry.generate_slug()
+ # Add any attachements
+ if (mg_globals.app_config['allow_attachments']
+ and request.POST.has_key('attachment')
+ and isinstance(request.POST['attachment'], FieldStorage)
+ and request.POST['attachment'].file):
+
+ attachment_public_filepath = mg_globals.public_store.get_unique_filepath(
+ ['media_entries',
+ unicode('attachment-%s' % entry['_id']),
+ secure_filename(request.POST['attachment'].filename)])
+
+ attachment_public_file = mg_globals.public_store.get_file(
+ attachment_public_filepath, 'wb')
+
+ try:
+ attachment_public_file.write(request.POST['attachment'].file.read())
+ finally:
+ request.POST['attachment'].file.close()
+
+ entry['attachment_files'] = [dict(
+ name=request.POST['attachment'].filename,
+ filepath=attachment_public_filepath,
+ created=datetime.utcnow()
+ )]
+
# Now store generate the queueing related filename
queue_filepath = request.app.queue_store.get_unique_filepath(
['media_entries',
return render_to_response(
request,
'mediagoblin/submit/start.html',
- {'submit_form': submit_form})
+ {'submit_form': submit_form,
+ 'app_config': mg_globals.app_config})
<img src="{{ request.app.public_store.file_url(
media['media_files']['thumb']) }}" />
</div>
- {{ wtforms_util.render_divs(form) }}
+ {{ wtforms_util.render_field_div(form.title) }}
+ {{ wtforms_util.render_field_div(form.slug) }}
+ {{ wtforms_util.render_field_div(form.description) }}
+ {{ wtforms_util.render_field_div(form.tags) }}
+ {% if media.attachment_files %}
+ {{ wtforms_util.render_field_div(form.attachment_name) }}
+ {{ wtforms_util.render_field_div(form.attachment_delete) }}
+ {% endif %}
<div class="form_submit_buttons">
<a href="{{ media.url_for_self(request.urlgen) }}">Cancel</a>
<input type="submit" value="Save changes" class="button" />
{{ wtforms_util.render_field_div(submit_form.title) }}
{{ wtforms_util.render_textarea_div(submit_form.description) }}
{{ wtforms_util.render_field_div(submit_form.tags) }}
+ {% if app_config.allow_attachments %}
+ {{ wtforms_util.render_field_div(submit_form.attachment) }}
+ {% endif %}
<div class="form_submit_buttons">
<input type="submit" value="Submit" class="button" />
</div>
{% include "mediagoblin/utils/prev_next.html" %}
<h3>Sidebar content here!</h3>
+ {% if media.attachment_files %}
+ <dl>
+ <dd>Attachments</dd>
+ {% for attachment in media.attachment_files %}
+ <dt>
+ <a href="{{ request.app.public_store.file_url(
+ attachment.filepath) }}">
+ {{ attachment.name }}
+ </a>
+ </dt>
+ {% endfor %}
+ </dl>
+ {% endif %}
+
<p>
{% if media['uploader'] == request.user['_id'] or
request.user['is_admin'] %}
projects / mediagoblin.git / commitdiff