Changeset 7123 for main/waeup.sirp/trunk


Ignore:
Timestamp:
17 Nov 2011, 07:42:42 (13 years ago)
Author:
Henrik Bettermann
Message:

Allow upload of files with various extensions as defined in ALLOWED_FILE_EXTENSIONS. Check file extension in handle_file_upload, not in createFile.

Location:
main/waeup.sirp/trunk/src/waeup/sirp/students
Files:
3 edited

Legend:

Unmodified
Added
Removed
  • main/waeup.sirp/trunk/src/waeup/sirp/students/student.py

    r7122 r7123  
    231231        """
    232232        ext = os.path.splitext(filename)[1].lower()
    233         if ext not in ['.jpg', '.png']:
    234             raise ValueError('Only .jpg and .png allowed')
    235233        # call super method to ensure that any old files with
    236234        # different filename extension are deleted.
  • main/waeup.sirp/trunk/src/waeup/sirp/students/tests/test_browser.py

    r7122 r7123  
    364364        # No birth certificate has been uploaded yet
    365365        # Browsing the link shows a placerholder image
    366         self.browser.open('birth_certificate.jpg')
     366        self.browser.open('birth_certificate')
    367367        self.assertEqual(
    368368            self.browser.headers['content-type'], 'image/jpeg')
     
    378378        self.browser.getControl("Save (no upload)").click() # submit form
    379379        self.assertFalse(
    380             '<a target="image" href="birth_certificate.jpg">'
     380            '<a target="image" href="birth_certificate">'
    381381            in self.browser.contents)
    382382        # ... but the correct upload submit button does
     
    389389        # There is a correct <img> link included
    390390        self.assertTrue(
    391             '<a target="image" href="birth_certificate.jpg">'
     391            '<a target="image" href="birth_certificate">'
    392392            in self.browser.contents)
    393393
    394394        # Browsing the link shows a real image
    395         self.browser.open('birth_certificate.jpg')
     395        self.browser.open('birth_certificate')
    396396        self.assertEqual(
    397397            self.browser.headers['content-type'], 'image/jpeg')
     
    428428        self.browser.getControl(
    429429            name='upload_birthcertificateuploadmanage').click()
    430         self.assertTrue('.jpg file extension expected' in self.browser.contents)
     430        self.assertTrue('Only the following extension are allowed'
     431            in self.browser.contents)
    431432        # Managers can delete files
    432433        self.browser.getControl(name='delete_birthcertificateuploadmanage').click()
    433434        self.assertTrue(
    434             'File birth_certificate.jpg deleted'
    435             in self.browser.contents)
     435            'birth_certificate deleted' in self.browser.contents)
    436436        # Managers can add and delete second file
    437437        self.browser.open(self.edit_clearance_student_path)
     
    443443            name='upload_acceptanceletteruploadmanage').click()
    444444        self.assertFalse(
    445             '<a target="image" href="acceptance_letter.jpg">'
     445            '<a target="image" href="acceptance_letter">'
    446446            in self.browser.contents)
    447447        ctrl = self.browser.getControl(name='acceptanceletteruploadmanage')
     
    451451            name='upload_acceptanceletteruploadmanage').click()
    452452        self.assertTrue(
    453             '<a target="image" href="acceptance_letter.jpg">'
     453            '<a target="image" href="acceptance_letter">'
    454454            in self.browser.contents)
    455455        self.browser.getControl(
    456456            name='delete_acceptanceletteruploadmanage').click()
    457457        self.assertTrue(
    458             'File acceptance_letter.jpg deleted'
     458            'acceptance_letter deleted'
     459            in self.browser.contents)
     460        # Managers can upload a file via the StudentBaseManageFormPage
     461        self.browser.open(self.manage_student_path)
     462        pseudo_image = StringIO('I pretend to be a graphics file')
     463        ctrl = self.browser.getControl(name='passportuploadmanage')
     464        file_ctrl = ctrl.mech_control
     465        file_ctrl.add_file(pseudo_image, filename='my_photo.bmp')
     466        self.browser.getControl(
     467            name='upload_passportuploadmanage').click()
     468        self.assertTrue('jpg file extension expected'
     469            in self.browser.contents)
     470        ctrl = self.browser.getControl(name='passportuploadmanage')
     471        file_ctrl = ctrl.mech_control
     472        file_ctrl.add_file(pseudo_image, filename='my_photo.jpg')
     473        self.browser.getControl(
     474            name='upload_passportuploadmanage').click()
     475        self.assertTrue(
     476            '<img align="middle" height="125px" src="passport.jpg" />'
    459477            in self.browser.contents)
    460478
  • main/waeup.sirp/trunk/src/waeup/sirp/students/viewlets.py

    r7117 r7123  
    1616grok.templatedir('browser_templates')
    1717
     18ALLOWED_FILE_EXTENSIONS = ('jpg', 'png', 'pdf', 'tif')
     19
    1820class StudentManageSidebar(grok.ViewletManager):
    1921    grok.name('left_studentmanage')
     
    202204    store.deleteFileByContext(context, attr=download_name)
    203205    write_log_message(view, 'deleted: %s' % download_name)
    204     view.flash('File %s deleted.' % download_name)
     206    view.flash('%s deleted.' % download_name)
    205207    return
    206208
     
    223225    dummy, ext = os.path.splitext(upload.filename)
    224226    ext.lower()
    225     if ext != expected_ext:
    226         view.flash('%s file extension expected.' % expected_ext)
    227         return False
     227    if expected_ext:
     228        if ext != expected_ext:
     229            view.flash('%s file extension expected.' %
     230                expected_ext.replace('.',''))
     231            return False
     232    else:
     233        if not ext.replace('.','') in ALLOWED_FILE_EXTENSIONS:
     234            view.flash(
     235                'Only the following extension are allowed: %s' %
     236                ', '.join(ALLOWED_FILE_EXTENSIONS))
     237            return False
     238        download_name += ext
    228239    size = file_size(upload)
    229240    if size > max_size:
     
    341352    grok.order(1)
    342353    label = u'Birth Certificate:'
    343     download_name = u'birth_certificate.jpg'
     354    download_name = u'birth_certificate'
    344355
    345356class BirthCertificateUploadManage(FileUpload):
     
    347358    """
    348359    grok.order(1)
    349     label = u'Birth Certificate (jpg only):'
     360    label = u'Birth Certificate:'
    350361    mus = 1024 * 150
    351     download_name = u'birth_certificate.jpg'
     362    download_name = u'birth_certificate'
    352363
    353364class AcceptanceLetterDisplay(FileDisplay):
     
    356367    grok.order(1)
    357368    label = u'Acceptance Letter:'
    358     download_name = u'acceptance_letter.jpg'
     369    download_name = u'acceptance_letter'
    359370
    360371class AcceptanceLetterUploadManage(FileUpload):
     
    362373    """
    363374    grok.order(2)
    364     label = u'Acceptance Letter (jpg only):'
     375    label = u'Acceptance Letter:'
    365376    mus = 1024 * 150
    366     download_name = u'acceptance_letter.jpg'
     377    download_name = u'acceptance_letter'
    367378
    368379class BirthCertificateUploadEdit(BirthCertificateUploadManage):
     
    390401        image = getUtility(IExtFileStore).getFileByContext(
    391402            self.context, attr=self.download_name)
    392         # We expect that image is a jpeg pictures
    393         self.response.setHeader(
    394             'Content-Type', 'image/jpeg')
    395403        if image is None:
    396404            # show placeholder image
     405            self.response.setHeader('Content-Type', 'image/jpeg')
    397406            return open(DEFAULT_IMAGE_PATH, 'rb').read()
     407        dummy,ext = os.path.splitext(image.name)
     408        if ext == '.jpg':
     409            self.response.setHeader('Content-Type', 'image/jpeg')
     410        elif ext == '.png':
     411            self.response.setHeader('Content-Type', 'image/png')
     412        elif ext == '.pdf':
     413            self.response.setHeader('Content-Type', 'application/pdf')
     414        elif ext == '.tif':
     415            self.response.setHeader('Content-Type', 'image/tiff')
    398416        return image
    399417
     
    408426    """Renders birth certificate jpeg scan.
    409427    """
    410     grok.name('birth_certificate.jpg')
    411     download_name = u'birth_certificate.jpg'
     428    grok.name('birth_certificate')
     429    download_name = u'birth_certificate'
    412430
    413431class AcceptanceLetterImage(Image):
    414432    """Renders acceptance letter jpeg scan.
    415433    """
    416     grok.name('acceptance_letter.jpg')
    417     download_name = u'acceptance_letter.jpg'
     434    grok.name('acceptance_letter')
     435    download_name = u'acceptance_letter'
Note: See TracChangeset for help on using the changeset viewer.