piwigo: Add .images.add including form handling.
To make things a bit easier, switch to WTForms for validating the received data.
This commit is contained in:
Elrond
parent
180a008100
commit
c1df8d1963
@ -26,3 +26,19 @@ class AddSimpleForm(wtforms.Form):
|
|||||||
# tags = wtforms.FieldList(wtforms.TextField())
|
# tags = wtforms.FieldList(wtforms.TextField())
|
||||||
category = wtforms.IntegerField()
|
category = wtforms.IntegerField()
|
||||||
level = wtforms.IntegerField()
|
level = wtforms.IntegerField()
|
||||||
|
|
||||||
|
|
||||||
|
_md5_validator = wtforms.validators.Regexp(r"^[0-9a-fA-F]{32}$")
|
||||||
|
|
||||||
|
|
||||||
|
class AddForm(wtforms.Form):
|
||||||
|
original_sum = wtforms.TextField(None,
|
||||||
|
[_md5_validator,
|
||||||
|
wtforms.validators.Required()])
|
||||||
|
thumbnail_sum = wtforms.TextField(None,
|
||||||
|
[wtforms.validators.Optional(False),
|
||||||
|
_md5_validator])
|
||||||
|
file_sum = wtforms.TextField(None, [_md5_validator])
|
||||||
|
name = wtforms.TextField()
|
||||||
|
date_creation = wtforms.TextField()
|
||||||
|
categories = wtforms.TextField()
|
||||||
|
|||||||
@ -18,7 +18,7 @@ import logging
|
|||||||
|
|
||||||
import six
|
import six
|
||||||
import lxml.etree as ET
|
import lxml.etree as ET
|
||||||
from werkzeug.exceptions import MethodNotAllowed
|
from werkzeug.exceptions import MethodNotAllowed, BadRequest
|
||||||
|
|
||||||
from mediagoblin.tools.response import Response
|
from mediagoblin.tools.response import Response
|
||||||
|
|
||||||
@ -106,3 +106,16 @@ class CmdTable(object):
|
|||||||
_log.warn("Method %s only allowed for POST", cmd_name)
|
_log.warn("Method %s only allowed for POST", cmd_name)
|
||||||
raise MethodNotAllowed()
|
raise MethodNotAllowed()
|
||||||
return func
|
return func
|
||||||
|
|
||||||
|
|
||||||
|
def check_form(form):
|
||||||
|
if not form.validate():
|
||||||
|
_log.error("form validation failed for form %r", form)
|
||||||
|
for f in form:
|
||||||
|
if len(f.error):
|
||||||
|
_log.error("Errors for %s: %r", f.name, f.errors)
|
||||||
|
raise BadRequest()
|
||||||
|
dump = []
|
||||||
|
for f in form:
|
||||||
|
dump.append("%s=%r" % (f.name, f.data))
|
||||||
|
_log.debug("form: %s", " ".join(dump))
|
||||||
|
|||||||
@ -23,8 +23,8 @@ from werkzeug.wrappers import BaseResponse
|
|||||||
from mediagoblin import mg_globals
|
from mediagoblin import mg_globals
|
||||||
from mediagoblin.meddleware.csrf import csrf_exempt
|
from mediagoblin.meddleware.csrf import csrf_exempt
|
||||||
from mediagoblin.submit.lib import check_file_field
|
from mediagoblin.submit.lib import check_file_field
|
||||||
from .tools import CmdTable, PwgNamedArray, response_xml
|
from .tools import CmdTable, PwgNamedArray, response_xml, check_form
|
||||||
from .forms import AddSimpleForm
|
from .forms import AddSimpleForm, AddForm
|
||||||
|
|
||||||
|
|
||||||
_log = logging.getLogger(__name__)
|
_log = logging.getLogger(__name__)
|
||||||
@ -133,6 +133,15 @@ def pwg_images_addChunk(request):
|
|||||||
return True
|
return True
|
||||||
|
|
||||||
|
|
||||||
|
@CmdTable("pwg.images.add", True)
|
||||||
|
def pwg_images_add(request):
|
||||||
|
_log.info("add: %r", request.form)
|
||||||
|
form = AddForm(request.form)
|
||||||
|
check_form(form)
|
||||||
|
|
||||||
|
return {'image_id': 123456, 'url': ''}
|
||||||
|
|
||||||
|
|
||||||
@csrf_exempt
|
@csrf_exempt
|
||||||
def ws_php(request):
|
def ws_php(request):
|
||||||
if request.method not in ("GET", "POST"):
|
if request.method not in ("GET", "POST"):
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user