Improvements for file uploading format restriction

4 years ago · 7929711fea
parent 49a028a599
commit 7929711fea
4 changed files with 9 additions and 6 deletions
--- a/cps/admin.py
+++ b/cps/admin.py
@ -641,8 +641,11 @@ def _configuration_update_helper():
        _config_int(to_save, "config_external_port")
        _config_checkbox_int(to_save, "config_kobo_proxy")
-        _config_string(to_save, "config_upload_formats")
+        if "config_upload_formats" in to_save:
-        constants.EXTENSIONS_UPLOAD = [x.lstrip().rstrip() for x in config.config_upload_formats.split(',')]
+            to_save["config_upload_formats"] = ','.join(
                helper.uniq([x.lstrip().rstrip().lower() for x in to_save["config_upload_formats"].split(',')]))
            _config_string(to_save, "config_upload_formats")
            constants.EXTENSIONS_UPLOAD = config.config_upload_formats.split(',')
        _config_string(to_save, "config_calibre")
        _config_string(to_save, "config_converterpath")
--- a/cps/config_sql.py
+++ b/cps/config_sql.py
@ -287,7 +287,7 @@ class _ConfigSQL(object):
                db_file = os.path.join(self.config_calibre_dir, 'metadata.db')
                have_metadata_db = os.path.isfile(db_file)
        self.db_configured = have_metadata_db
-        constants.EXTENSIONS_UPLOAD = [x.lstrip().rstrip() for x in self.config_upload_formats.split(',')]
+        constants.EXTENSIONS_UPLOAD = [x.lstrip().rstrip().lower() for x in self.config_upload_formats.split(',')]
        logfile = logger.setup(self.config_logfile, self.config_log_level)
        if logfile != self.config_logfile:
            log.warning("Log path %s not valid, falling back to default", self.config_logfile)
--- a/cps/editbooks.py
+++ b/cps/editbooks.py
@ -504,7 +504,7 @@ def upload_single_file(request, book, book_id):
        if requested_file.filename != '':
            if '.' in requested_file.filename:
                file_ext = requested_file.filename.rsplit('.', 1)[-1].lower()
-                if file_ext not in constants.EXTENSIONS_UPLOAD:
+                if file_ext not in constants.EXTENSIONS_UPLOAD and '' not in constants.EXTENSIONS_UPLOAD:
                    flash(_("File extension '%(ext)s' is not allowed to be uploaded to this server", ext=file_ext),
                          category="error")
                    return redirect(url_for('web.show_book', book_id=book.id))
@ -754,7 +754,7 @@ def upload():
                # check if file extension is correct
                if '.' in requested_file.filename:
                    file_ext = requested_file.filename.rsplit('.', 1)[-1].lower()
-                    if file_ext not in constants.EXTENSIONS_UPLOAD:
+                    if file_ext not in constants.EXTENSIONS_UPLOAD and '' not in constants.EXTENSIONS_UPLOAD:
                        flash(
                            _("File extension '%(ext)s' is not allowed to be uploaded to this server",
                              ext=file_ext), category="error")
--- a/cps/templates/layout.html
+++ b/cps/templates/layout.html
@ -64,7 +64,7 @@
                    <form id="form-upload" class="navbar-form" action="{{ url_for('editbook.upload') }}" method="post" enctype="multipart/form-data">
                      <div class="form-group">
                        <span class="btn btn-default btn-file">{{_('Upload')}}<input id="btn-upload" name="btn-upload"
-                        type="file" accept="{% for format in accept %}.{{format}}{{ ',' if not loop.last }}{% endfor %}" multiple></span>
+                        type="file" accept="{% for format in accept %}.{% if format != ''%}{{format}}{% else %}*{% endif %}{{ ',' if not loop.last }}{% endfor %}" multiple></span>
                      </div>
                    </form>
                  </li>