From 2c4374938f05782cd8aceb789098f787d04adc51 Mon Sep 17 00:00:00 2001 From: Joar Wandborg Date: Fri, 5 Aug 2011 22:08:29 +0200 Subject: [PATCH] Feature #482 - Media attachments --- mediagoblin/config_spec.ini | 5 +++ mediagoblin/edit/forms.py | 4 +++ mediagoblin/edit/views.py | 17 +++++++++- mediagoblin/submit/forms.py | 3 ++ mediagoblin/submit/views.py | 32 ++++++++++++++++++- .../templates/mediagoblin/edit/edit.html | 9 +++++- .../templates/mediagoblin/submit/start.html | 3 ++ .../mediagoblin/user_pages/media.html | 14 ++++++++ 8 files changed, 84 insertions(+), 3 deletions(-) diff --git a/mediagoblin/config_spec.ini b/mediagoblin/config_spec.ini index bbc1f7d6..a82541b6 100644 --- a/mediagoblin/config_spec.ini +++ b/mediagoblin/config_spec.ini @@ -37,6 +37,11 @@ local_templates = string() # itself) celery_setup_elsewhere = boolean(default=False) +# Whether or not users are able to upload files of any filetype with +# their media entries -- This is useful if you want to provide the +# source files for a media file but can also be a HUGE security risk. +allow_attachments = boolean(default=False) + [celery] # known booleans celery_result_persistent = boolean() diff --git a/mediagoblin/edit/forms.py b/mediagoblin/edit/forms.py index a1783a72..37e2349c 100644 --- a/mediagoblin/edit/forms.py +++ b/mediagoblin/edit/forms.py @@ -30,6 +30,10 @@ class EditForm(wtforms.Form): tags = wtforms.TextField( 'Tags', [tag_length_validator]) + attachment_name = wtforms.TextField( + 'Attachment title') + attachment_delete = wtforms.BooleanField( + 'Delete attachment') class EditProfileForm(wtforms.Form): bio = wtforms.TextAreaField('Bio', diff --git a/mediagoblin/edit/views.py b/mediagoblin/edit/views.py index 5cbaadb5..09aee48b 100644 --- a/mediagoblin/edit/views.py +++ b/mediagoblin/edit/views.py @@ -34,12 +34,21 @@ def edit_media(request, media): if not may_edit_media(request, media): return exc.HTTPForbidden() - form = forms.EditForm(request.POST, + + defaults = dict( title = media['title'], slug = media['slug'], description = media['description'], tags = media_tags_as_string(media['tags'])) + if len(media['attachment_files']): + defaults['attachment_name'] = media['attachment_files'][0]['name'] + + + form = forms.EditForm( + request.POST, + **defaults) + if request.method == 'POST' and form.validate(): # Make sure there isn't already a MediaEntry with such a slug # and userid. @@ -60,6 +69,12 @@ def edit_media(request, media): media['description_html'] = cleaned_markdown_conversion( media['description']) + if 'attachment_name' in request.POST: + media['attachment_files'][0]['name'] = request.POST['attachment_name'] + + if 'attachment_delete' in request.POST and 'y' == request.POST['attachment_delete']: + del media['attachment_files'][0] + media['slug'] = request.POST['slug'] media.save() diff --git a/mediagoblin/submit/forms.py b/mediagoblin/submit/forms.py index f02c95a6..9b35a8c3 100644 --- a/mediagoblin/submit/forms.py +++ b/mediagoblin/submit/forms.py @@ -28,3 +28,6 @@ class SubmitStartForm(wtforms.Form): tags = wtforms.TextField( 'Tags', [tag_length_validator]) + attachment = wtforms.FileField( + 'Attachment', + [wtforms.validators.Optional()]) diff --git a/mediagoblin/submit/views.py b/mediagoblin/submit/views.py index 87e57dda..213b2494 100644 --- a/mediagoblin/submit/views.py +++ b/mediagoblin/submit/views.py @@ -14,6 +14,10 @@ # You should have received a copy of the GNU Affero General Public License # along with this program. If not, see . + +import mediagoblin.mg_globals as mg_globals +from datetime import datetime + from os.path import splitext from cgi import FieldStorage from string import split @@ -72,6 +76,31 @@ def submit_start(request): # Generate a slug from the title entry.generate_slug() + # Add any attachements + if (mg_globals.app_config['allow_attachments'] + and request.POST.has_key('attachment') + and isinstance(request.POST['attachment'], FieldStorage) + and request.POST['attachment'].file): + + attachment_public_filepath = mg_globals.public_store.get_unique_filepath( + ['media_entries', + unicode('attachment-%s' % entry['_id']), + secure_filename(request.POST['attachment'].filename)]) + + attachment_public_file = mg_globals.public_store.get_file( + attachment_public_filepath, 'wb') + + try: + attachment_public_file.write(request.POST['attachment'].file.read()) + finally: + request.POST['attachment'].file.close() + + entry['attachment_files'] = [dict( + name=request.POST['attachment'].filename, + filepath=attachment_public_filepath, + created=datetime.utcnow() + )] + # Now store generate the queueing related filename queue_filepath = request.app.queue_store.get_unique_filepath( ['media_entries', @@ -100,4 +129,5 @@ def submit_start(request): return render_to_response( request, 'mediagoblin/submit/start.html', - {'submit_form': submit_form}) + {'submit_form': submit_form, + 'app_config': mg_globals.app_config}) diff --git a/mediagoblin/templates/mediagoblin/edit/edit.html b/mediagoblin/templates/mediagoblin/edit/edit.html index d19034cb..c834918e 100644 --- a/mediagoblin/templates/mediagoblin/edit/edit.html +++ b/mediagoblin/templates/mediagoblin/edit/edit.html @@ -31,7 +31,14 @@ - {{ wtforms_util.render_divs(form) }} + {{ wtforms_util.render_field_div(form.title) }} + {{ wtforms_util.render_field_div(form.slug) }} + {{ wtforms_util.render_field_div(form.description) }} + {{ wtforms_util.render_field_div(form.tags) }} + {% if media.attachment_files %} + {{ wtforms_util.render_field_div(form.attachment_name) }} + {{ wtforms_util.render_field_div(form.attachment_delete) }} + {% endif %}
Cancel diff --git a/mediagoblin/templates/mediagoblin/submit/start.html b/mediagoblin/templates/mediagoblin/submit/start.html index 6d00510c..42bbf724 100644 --- a/mediagoblin/templates/mediagoblin/submit/start.html +++ b/mediagoblin/templates/mediagoblin/submit/start.html @@ -28,6 +28,9 @@ {{ wtforms_util.render_field_div(submit_form.title) }} {{ wtforms_util.render_textarea_div(submit_form.description) }} {{ wtforms_util.render_field_div(submit_form.tags) }} + {% if app_config.allow_attachments %} + {{ wtforms_util.render_field_div(submit_form.attachment) }} + {% endif %}
diff --git a/mediagoblin/templates/mediagoblin/user_pages/media.html b/mediagoblin/templates/mediagoblin/user_pages/media.html index a1382518..cc4c3350 100644 --- a/mediagoblin/templates/mediagoblin/user_pages/media.html +++ b/mediagoblin/templates/mediagoblin/user_pages/media.html @@ -105,6 +105,20 @@ {% include "mediagoblin/utils/prev_next.html" %}

Sidebar content here!

+ {% if media.attachment_files %} +
+
Attachments
+ {% for attachment in media.attachment_files %} +
+ + {{ attachment.name }} + +
+ {% endfor %} +
+ {% endif %} +

{% if media['uploader'] == request.user['_id'] or request.user['is_admin'] %} -- 2.25.1