Age | Commit message (Collapse) | Author | Files | Lines |
|
This makes database access a bit easier and also greatly simplifies some
upcoming changes.
|
|
scans is a dict, not a list, so we need to call values() to retrieve the
result dicts.
|
|
By including a result name in the VIRUSTOTAL_SINGULAR_MATCHES setting we
can override VIRUSTOTAL_MINIMUM_POSITIVES. This is useful for some
matches that's usually only matched by a few engines, such as phishing.
|
|
Move the chmod call into the try block so we always call this when
add_file succeeds, otherwise new_file might not be set yet and we will
get an UnboundLocalError.
|
|
|
|
This allows configuring max file sizes for both registered and anonymous
users. For registered users the USER_FILE_SIZE_LIMIT is used, and
ANONYMOUS_FILE_SIZE_LIMIT for anonymous users. If the size is not
specified or None, the limit is not enforced. Setting the limit to 0
effectively disables uploads.
|
|
Usually we want the file data, not the thumbnail.
|
|
This makes sure the upload form is visually updated when dropping or
pasting a file.
|
|
Wrap the call to get_size() in a generator so we don't have to look up
the files (if needed) twice.
|
|
|
|
|
|
|
|
This will allow us to remotely store thumbnails in case of S3. For S3
the thumb bucket is configurable to allow these to be stored separately.
The S3 key for thumbnails does not conflict with files, so these can be
stored in the same bucket if needed.
|
|
Regression since b72ecc321c315bafe40cc7406e87e088564ab8a9. This is
needed eg. when using X-Sendfile so that the web server can access the
files.
|
|
|
|
|
|
|
|
|
|
|
|
Allows for storing files other places than the local file system.
Currently the local filesystem and S3 are supported.
|
|
|
|
|
|
|
|
|
|
Files are blocked if blocked_reason is non-NULL. This value is currently
not exposed publicly, instead a 404 will be returned.
Files are scanned using virustotal.com's public API if scanned is False.
Scans are performed by the fbin-scanner.py script. If a match is found,
blocked_reason is set to the payload received. Files that are not in
VT's database will be automatically submitted and the script will wait
for the scan to complete before continuing.
|
|
|
|
Add a separate video page for listing uploaded videos. The thumbnail
endpoint now supports generating video thumbnails using
ffmpegthumbnailer.
|
|
JPEG does not support alpha channels, so remove RGBA from the list of
valid modes.
|
|
|
|
|
|
For some reason chrome sometimes does two requests on redirect, where
the first in unused, causing the second to hang because we only process
one request at a time.
|
|
Also updated the API (previously help) page.
|
|
|
|
Highlights:
- Uses the oauth branch of jab.
- Changed design to use bootstrap.
- Some minor changes to functionality in file uploading and listing.
- API is currently disabled and incomplete.
|
|
For small files the file attribute is a StringIO object instead of a
NamedTemporaryFile. For cStringIO we're not allowed to set the delete
attribute, so check wether the object already has a delete attribute
before attempting to set it.
|
|
|
|
This fixes multipart upload where temporary files are created for all
fields. Instead we explicitly set the uploaded file itself to not be
auto-deleted. This doesn't work on Windows (see NamedTemporaryFile for
more details).
|
|
|
|
This API method checks whether the provided token is valid or not.
|
|
Replaced jquery-lazyload with jquery.lazy which provides an onError
event handler.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
* create_active_users:
Controls whether new user accounts are created as 'active'; accounts
that are not marked as active will not be able to log in, and will be
automatically logged out if they're already logged in.
* allow_registration:
Allow or disallow creation of new user accounts. Any attempts to
access the registration page will result in an error message.
* allow_anonymous_uploads:
Allow or disallow uploading of files by anonymous (not logged in)
users. Combined with either allow_registration or create_active_users,
this will effectively create a private filebin where the admin must
explicitly create or activate new users.
|