diff options
Diffstat (limited to 'fbin.py')
| -rwxr-xr-x | fbin.py | 46 |
1 files changed, 45 insertions, 1 deletions
@@ -141,6 +141,17 @@ class Application(object): finally: session.close() + def delete_file(self, file): + session = db.Session() + try: + session.delete(file) + session.commit() + os.unlink(file.get_path()) + except: + raise + finally: + session.close() + def not_modified(self, environ, date): if not 'HTTP_IF_MODIFIED_SINCE' in environ: return False @@ -471,6 +482,38 @@ class Application(object): start_response('200 OK', [('Content-Type', 'image/jpeg'), ('Last-Modified', date.strftime(rfc1123_format))]) return open(thumbfile, 'rb') + def delete(self, environ, start_response, path): + c = Cookie.SimpleCookie(environ['HTTP_COOKIE'] if 'HTTP_COOKIE' in environ else None) + user = self.validate_cookie(c) + if user == None: + start_response('200 OK', [('Content-Type', 'text/html')]) + return ['Not logged in.'] + hash = path[1] + file = self.get_file(hash) + if file == None: + start_response('404 Not Found', [('Content-Type', 'text/html')]) + return ['<h1>Not Found</h1><p>The file you requested does not exist.</p>'] + if file.user_id != user.id: + start_response('403 Forbidden', [('Content-Type', 'text/html')]) + return ['<h1>Forbidden</h1><p>You are not allowed to delete this file.</p>'] + if environ['REQUEST_METHOD'] == 'POST': + try: + self.delete_file(file) + except Exception as e: + start_response('500 Internal Error', [('Content-Type', 'text/html')]) + return ['Failed to delete file {filename} ({error}).'.format(filename = file.filename, error = str(e))] + else: + start_response('302 Found', [('Location', settings.virtual_root + 'u')]) + return [] + else: + start_response('200 OK', [('Content-Type', 'text/html')]) + return str(templates.delete(searchList = { + 'root': settings.virtual_root, + 'user': user, + 'hash': hash, + 'filename': file.filename, + })) + f = file u = upload l = login @@ -482,11 +525,12 @@ class Application(object): o = logout r = register c = changepass + d = delete def __call__(self, environ, start_response): path = environ['PATH_INFO'].split('/')[1:] module = path[0] if len(path) else '' - if len(module) and module in 'fulshmitorc': + if len(module) and module in 'fulshmitorcd': return getattr(self, module)(environ, start_response, path) else: start_response('302 Found', [('Location', settings.virtual_root + 'u')]) |