--- OLD/AttachFile.py 2005-04-08 09:57:16.179409904 +0200 +++ NEW/AttachFile.py 2005-04-08 09:56:45.953585457 +0200 @@ -21,12 +21,14 @@ @copyright: 2001 by Ken Sugino (sugino@mediaone.net) @copyright: 2001-2004 by Jürgen Hermann @license: GNU GPL, see COPYING for details. + 2005 April R.Bauer zipfile code added """ import os, mimetypes, time, urllib from MoinMoin import config, user, util, wikiutil from MoinMoin.Page import Page from MoinMoin.util import MoinMoinNoFooter, filesys, web +import zipfile,string action_name = __name__.split('.')[-1] @@ -54,7 +56,7 @@ # direct file access via webserver, from public htdocs area pagename = wikiutil.quoteWikinameFS(pagename) attach_dir = os.path.join(request.cfg.attachments['dir'], pagename, "attachments") - if create and not os.path.isdir(attach_dir): + if create and not os.path.isdir(attach_dir): filesys.makeDirs(attach_dir) else: # send file via CGI, from page storage area @@ -203,6 +205,7 @@ label_get = _("get") label_edit = _("edit") label_view = _("view") + label_unzip = _("unzip") for file in files: fsize = float(os.stat(os.path.join(attach_dir,file).encode(config.charset))[6]) # in byte @@ -218,16 +221,19 @@ 'urlfile': urlfile, 'label_del': label_del, 'base': base, 'label_edit': label_edit, 'label_view': label_view, + 'label_unzip': label_unzip, 'get_url': get_url, 'label_get': label_get, 'file': file, 'fsize': fsize, 'pagename': pagename} - + del_link = '' if request.user.may.delete(pagename) and not readonly: del_link = '%(label_del)s | ' % parmdict + if zipfile.is_zipfile(os.path.join(attach_dir,file))and request.user.may.read(pagename) and request.user.may.delete(pagename) and request.user.may.write(pagename): + viewlink='%(label_unzip)s' % parmdict - if ext == '.draw': + elif ext == '.draw': viewlink = '%(label_edit)s' % parmdict else: viewlink = '%(label_view)s' % parmdict @@ -367,7 +373,7 @@ 'pagename': wikiutil.quoteWikinameURL(pagename), 'action_name': action_name, 'upload_label_file': _('File to upload'), - 'upload_label_rename': _('Save as'), + 'upload_label_rename': _('Rename to'), 'rename': request.form.get('rename', [''])[0], 'upload_button': _('Upload'), }) @@ -418,6 +424,11 @@ get_file(pagename, request) else: msg = _('You are not allowed to get attachments from this page.') + elif request.form['do'][0] == 'unzip': + if request.user.may.delete(pagename) and request.user.may.read(pagename) and request.user.may.write(pagename): + unzip_file(pagename, request) + else: + msg = _('You are not allowed to unzip attachments of this page.') elif request.form['do'][0] == 'view': if request.user.may.read(pagename): view_file(pagename, request) @@ -442,7 +453,7 @@ request.write('\n') # end content div wikiutil.send_footer(request, pagename, showpage=1) - + def do_upload(pagename, request): _ = request.getText @@ -457,7 +468,7 @@ # if we use twisted, "rename" field is NOT optional, because we # can't access the client filename if rename: - filename = target = rename + target = rename elif filename: target = filename else: @@ -466,7 +477,7 @@ # get file content filecontent = request.form['file'][0] - + target = wikiutil.taintfilename(target) # set mimetype from extension, or from given mimetype @@ -482,7 +493,7 @@ # else: # ext = '' # target = target + ext - + # get directory, and possibly create it attach_dir = getAttachDir(request, pagename, create=1) # save file @@ -509,7 +520,7 @@ def save_drawing(pagename, request): - + filename = request.form['filename'][0] filecontent = request.form['filepath'][0] @@ -544,7 +555,7 @@ filename, fpath = _access_file(pagename, request) if not filename: return # error msg already sent in _access_file - + # delete file os.remove(fpath) _addLogEntry(request, 'ATTDEL', pagename, filename) @@ -557,7 +568,7 @@ filename, fpath = _access_file(pagename, request) if not filename: return # error msg already sent in _access_file - + # get mimetype type, enc = mimetypes.guess_type(filename) if not type: @@ -569,14 +580,84 @@ "Content-Length: %d" % os.path.getsize(fpath), # TODO: fix the encoding here, plain 8 bit is not allowed according to the RFCs # There is no solution that is compatible to IE except stripping non-ascii chars - "Content-Disposition: inline; filename=\"%s\"" % filename.encode(config.charset), + "Content-Disposition: inline; filename=\"%s\"" % filename.encode(config.charset), ]) - + # send data shutil.copyfileobj(open(fpath, 'rb'), request, 8192) raise MoinMoinNoFooter +def unzip_file(pagename, request): + _ = request.getText + + filename, fpath = _access_file(pagename, request) + if not filename: return # error msg already sent in _access_file + + if not request.user.may.delete(pagename): + request.write('

%s

' % _('You are not allowed to unzip on this page.')) + return + + attachment_path = getAttachDir(request, pagename) + single_file_size=2.0*1024*1024 + attachments_file_space=200.0*1024*1024 + + files = _get_files(request, pagename) + + msg="" + if files: + fsize =0.0 + for file in files: + fsize += float(os.stat(os.path.join(attachment_path,file).encode(config.charset))[6]) # in byte + + avalaible_attachments_file_space=attachments_file_space-fsize + + target=request.form['target'][0] + file=attachment_path+'/'+target + if zipfile.is_zipfile(file): + zf = zipfile.ZipFile(file) + sum_size_over_all_valid_files=0.0 + for name in zf.namelist(): + if ((string.find(name,'/') == -1) and (string.find(name,'\\') == -1)): + zi = zf.getinfo(name) + sum_size_over_all_valid_files+=zi.file_size + + if (sum_size_over_all_valid_files < avalaible_attachments_file_space): + valid_name=[] + for name in zf.namelist(): + if ((string.find(name,'/') == -1) and (string.find(name,'\\') == -1)): + zi = zf.getinfo(name) + if (zi.file_size < (single_file_size)): + new_file=os.path.join(attachment_path, name).encode(config.charset) + if not os.path.exists(new_file): + outfile = open(new_file, 'wb') + outfile.write(zf.read(name)) + outfile.flush() + outfile.close() + # it's not allowed to zip a zip file so this is dropped + if zipfile.is_zipfile(new_file): + os.unlink(new_file) + else: + valid_name.append(name) + os.chmod(new_file, 0666 & config.umask) + _addLogEntry(request, 'ATTNEW', pagename, new_file) + + if (len(valid_name) > 0): + upload_form(pagename, request, msg=_("Attachment '%(filename)s' unziped.") % + {'filename': target}) + else: + upload_form(pagename, request, msg=_("Attachment '%(filename)s' not unziped because result to big or included zip file or file exists.") % + {'filename': target}) + else: + upload_form(pagename, request, msg=_("Attachment '%(filename)s' could not be unziped because result to big (%(space)d kB missing).") % + {'filename': target, + 'space':(sum_size_over_all_valid_files-avalaible_attachments_file_space)/1024}) + + else: + msg = _('file '+target+' is no zip file!') + + if msg: + error_msg(pagename, request, msg) def send_viewfile(pagename, request): _ = request.getText @@ -585,7 +666,7 @@ if not filename: return request.write('

' + _("Attachment '%(filename)s'") % {'filename': filename} + '

') - + type, enc = mimetypes.guess_type(filename) if type: if type[:5] == 'image': @@ -609,7 +690,7 @@ request.write('%s' % ( getAttachUrl(pagename, filename, request, escaped=1), wikiutil.escape(filename))) - + def view_file(pagename, request): _ = request.getText