Use URL safe encoded filename

2014-07-08 15:32:42 -04:00
parent 0dee7f3640
commit b430f08509
7 changed files with 19 additions and 14 deletions
--- a/mayan/apps/sources/api.py
+++ b/mayan/apps/sources/api.py
@@ -42,8 +42,7 @@ class APIStagingSourceView(generics.RetrieveAPIView):
 class APIStagingSourceFileImageView(generics.GenericAPIView):
    def get(self, request, staging_folder_pk, filename):
        staging_folder = get_object_or_404(StagingFolder, pk=staging_folder_pk)
-
-        staging_file = staging_folder.get_file(filename)
+        staging_file = staging_folder.get_file(encoded_filename=filename)

        #try:
        #    Permission.objects.check_permissions(request.user, [PERMISSION_DOCUMENT_VIEW])
--- a/mayan/apps/sources/classes.py
+++ b/mayan/apps/sources/classes.py
@@ -3,6 +3,7 @@ from __future__ import absolute_import
 import base64
 import errno
 import os
+import urllib

 from django.core.exceptions import ObjectDoesNotExist
 from django.core.files import File
@@ -22,9 +23,14 @@ class StagingFile(object):
    Simple class to extend the File class to add preview capabilities
    files in a directory on a storage
    """
-    def __init__(self, staging_folder, filename):
+    def __init__(self, staging_folder, filename=None, encoded_filename=None):
        self.staging_folder = staging_folder
+        if encoded_filename:
+            self.encoded_filename = str(encoded_filename)
+            self.filename = base64.urlsafe_b64decode(urllib.unquote_plus(self.encoded_filename))
+        else:
            self.filename = filename
+            self.encoded_filename = base64.urlsafe_b64encode(filename)

    def __unicode__(self):
        return unicode(self.filename)
--- a/mayan/apps/sources/links.py
+++ b/mayan/apps/sources/links.py
@@ -13,7 +13,7 @@ from .permissions import (PERMISSION_SOURCES_SETUP_VIEW,
 document_create_multiple = {'text': _(u'upload new documents'), 'view': 'document_create_multiple', 'famfam': 'page_add', 'permissions': [PERMISSION_DOCUMENT_CREATE], 'children_view_regex': [r'upload_interactive']}
 document_create_siblings = {'text': _(u'clone metadata'), 'view': 'document_create_siblings', 'args': 'object.id', 'famfam': 'page_copy', 'permissions': [PERMISSION_DOCUMENT_CREATE]}

-staging_file_delete = {'text': _(u'delete'), 'view': 'staging_file_delete', 'args': ['source.pk', 'object.filename'], 'famfam': 'delete', 'keep_query': True, 'permissions': [PERMISSION_DOCUMENT_NEW_VERSION, PERMISSION_DOCUMENT_CREATE]}
+staging_file_delete = {'text': _(u'delete'), 'view': 'staging_file_delete', 'args': ['source.pk', 'object.encoded_filename'], 'famfam': 'delete', 'keep_query': True, 'permissions': [PERMISSION_DOCUMENT_NEW_VERSION, PERMISSION_DOCUMENT_CREATE]}

 setup_sources = {'text': _(u'sources'), 'view': 'setup_web_form_list', 'famfam': 'application_form', 'icon': 'application_form.png', 'children_classes': [WebForm], 'permissions': [PERMISSION_SOURCES_SETUP_VIEW], 'children_view_regex': [r'setup_web_form', r'setup_staging_folder', r'setup_source_']}
 setup_web_form_list = {'text': _(u'web forms'), 'view': 'setup_web_form_list', 'famfam': 'application_form', 'icon': 'application_form.png', 'children_classes': [WebForm], 'permissions': [PERMISSION_SOURCES_SETUP_VIEW]}
--- a/mayan/apps/sources/models.py
+++ b/mayan/apps/sources/models.py
@@ -169,15 +169,15 @@ class StagingFolder(InteractiveBaseModel):

        return DIMENSION_SEPARATOR.join(dimensions)

-    def get_file(self, filename):
-        return StagingFile(staging_folder=self, filename=filename)
+    def get_file(self, *args, **kwargs):
+        return StagingFile(staging_folder=self, *args, **kwargs)

    def get_files(self):
        try:
            for entry in sorted([os.path.normcase(f) for f in os.listdir(self.folder_path) if os.path.isfile(os.path.join(self.folder_path, f))]):
                yield self.get_file(filename=entry)
        except OSError as exception:
-            raise Exception(ugettext(u'Unable get list of staging files: %s') % exception)
+            raise Exception(_(u'Unable get list of staging files: %s') % exception)

    class Meta(InteractiveBaseModel.Meta):
        verbose_name = _(u'staging folder')
--- a/mayan/apps/sources/urls.py
+++ b/mayan/apps/sources/urls.py
@@ -8,7 +8,7 @@ from .literals import (SOURCE_CHOICE_WEB_FORM, SOURCE_CHOICE_STAGING,
 from .wizards import DocumentCreateWizard

 urlpatterns = patterns('sources.views',
-    url(r'^staging_file/(?P<staging_folder_pk>\d+)/(?P<filename>[0-9_\.\w-]+)/delete/$', 'staging_file_delete', name='staging_file_delete'),
+    url(r'^staging_file/(?P<staging_folder_pk>\d+)/(?P<filename>.+)/delete/$', 'staging_file_delete', name='staging_file_delete'),

    url(r'^upload/document/new/interactive/(?P<source_type>\w+)/(?P<source_id>\d+)/$', 'upload_interactive', (), 'upload_interactive'),
    url(r'^upload/document/new/interactive/$', 'upload_interactive', (), 'upload_interactive'),
@@ -39,8 +39,8 @@ urlpatterns = patterns('sources.views',


 #version_0_api_services = [
-    url(r'^api/staging_folder/file/(?P<staging_folder_pk>[0-9]+)/(?P<filename>[0-9_\.\w-]+)/image/$', APIStagingSourceFileImageView.as_view(), name='stagingfolderfile-image-view'),
-    url(r'^api/staging_folder/file/(?P<staging_folder_pk>[0-9]+)/(?P<filename>[0-9_\.\w-]+)/$', APIStagingSourceFileView.as_view(), name='stagingfolderfile-detail'),
+    url(r'^api/staging_folder/file/(?P<staging_folder_pk>[0-9]+)/(?P<filename>.+)/image/$', APIStagingSourceFileImageView.as_view(), name='stagingfolderfile-image-view'),
+    url(r'^api/staging_folder/file/(?P<staging_folder_pk>[0-9]+)/(?P<filename>.+)/$', APIStagingSourceFileView.as_view(), name='stagingfolderfile-detail'),
    url(r'^api/staging_folder/$', APIStagingSourceListView.as_view(), name='stagingfolder-list'),
    url(r'^api/staging_folder/(?P<pk>[0-9]+)/$', APIStagingSourceView.as_view(), name='stagingfolder-detail')
 #]
--- a/mayan/apps/sources/views.py
+++ b/mayan/apps/sources/views.py
@@ -378,7 +378,7 @@ def staging_file_delete(request, staging_folder_pk, filename):
    Permission.objects.check_permissions(request.user, [PERMISSION_DOCUMENT_CREATE, PERMISSION_DOCUMENT_NEW_VERSION])
    staging_folder = get_object_or_404(StagingFolder, pk=staging_folder_pk)

-    staging_file = staging_folder.get_file(filename)
+    staging_file = staging_folder.get_file(encoded_filename=filename)
    next = request.POST.get('next', request.GET.get('next', request.META.get('HTTP_REFERER', '/')))
    previous = request.POST.get('previous', request.GET.get('previous', request.META.get('HTTP_REFERER', '/')))

--- a/mayan/apps/sources/widgets.py
+++ b/mayan/apps/sources/widgets.py
@@ -54,7 +54,7 @@ def staging_file_html_widget(staging_file, click_view=None, page=DEFAULT_PAGE_NU

    query_string = urlencode(query_dict)

-    preview_view = u'%s?%s' % (reverse('stagingfolderfile-image-view', args=[staging_file.staging_folder.pk, staging_file.filename]), query_string)
+    preview_view = u'%s?%s' % (reverse('stagingfolderfile-image-view', args=[staging_file.staging_folder.pk, staging_file.encoded_filename]), query_string)

    plain_template = []
    plain_template.append(u'<img src="%s" alt="%s" />' % (preview_view, alt_text))
@@ -70,7 +70,7 @@ def staging_file_html_widget(staging_file, click_view=None, page=DEFAULT_PAGE_NU
        # TODO: fix this hack
        query_dict['size'] = PREVIEW_SIZE
        query_string = urlencode(query_dict)
-        result.append(u'<a %s class="%s" href="%s" %s>' % (gallery_template, fancybox_class, u'%s?%s' % (reverse(click_view, args=[staging_file.staging_folder.pk, staging_file.filename]), query_string), title_template))
+        result.append(u'<a %s class="%s" href="%s" %s>' % (gallery_template, fancybox_class, u'%s?%s' % (reverse(click_view, args=[staging_file.staging_folder.pk, staging_file.encoded_filename]), query_string), title_template))

    if nolazyload:
        result.append(u'<img style="border: 1px solid black;" src="%s" alt="%s" />' % (preview_view, alt_text))