Skip to content
Snippets Groups Projects
Commit 7a791e2c authored by Roman Sebastian Karwacik's avatar Roman Sebastian Karwacik
Browse files

Implemented Upload via token (not completed)

parent 6359499c
No related tags found
No related merge requests found
from server import * from server import *
if config['DB_ENGINE'] == 'sqlite': if config['DB_ENGINE'] == 'sqlite':
import sqlite3 import sqlite3
......
...@@ -16,6 +16,13 @@ CREATE TABLE IF NOT EXISTS `areas` ( ...@@ -16,6 +16,13 @@ CREATE TABLE IF NOT EXISTS `areas` (
`rank` INTEGER DEFAULT NULL, `rank` INTEGER DEFAULT NULL,
`coordinates` varchar(30) NOT NULL `coordinates` varchar(30) NOT NULL
); );
CREATE TABLE IF NOT EXISTS `tokens` (
`token` varchar(20) NOT NULL PRIMARY KEY,
`valid_until` timestamp NOT NULL DEFAULT '0000-00-00 00:00:00',
`created_by` INTEGER NOT NULL,
`created_for` varchar(255) NOT NULL,
`lecture_id` INTEGER NOT NULL
);
CREATE TABLE IF NOT EXISTS `changelog` ( CREATE TABLE IF NOT EXISTS `changelog` (
`id` INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, `id` INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT,
`when` datetime NOT NULL, `when` datetime NOT NULL,
......
...@@ -184,17 +184,23 @@ def edit(prefix='', ignore=[]): ...@@ -184,17 +184,23 @@ def edit(prefix='', ignore=[]):
@mod_required @mod_required
@csrf_protect @csrf_protect
def create(table): def create(table):
args = request.values.items()
if (request.method == 'POST') and (request.get_json()):
args = request.get_json().items()
id = internal_create(table, args, session["user"]["dbid"])
if 'ref' in request.values:
return redirect(request.values['ref'])
return str(id), 200
def internal_create(table, args, user_dbid):
assert table in editable_tables assert table in editable_tables
defaults = {'created_by': session['user']['dbid'], 'time_created': datetime.now(), 'time_updated': datetime.now()} defaults = {'created_by': user_dbid, 'time_created': datetime.now(), 'time_updated': datetime.now()}
columns = [] columns = []
values = [] values = []
for column, val in defaults.items(): for column, val in defaults.items():
if column in editable_tables[table]['creationtime_fields']: if column in editable_tables[table]['creationtime_fields']:
columns.append(column) columns.append(column)
values.append(val) values.append(val)
args = request.values.items()
if (request.method == 'POST') and (request.get_json()):
args = request.get_json().items()
for column, val in args: for column, val in args:
if (column == 'ref') or (column == '_csrf_token'): if (column == 'ref') or (column == '_csrf_token'):
continue continue
...@@ -205,10 +211,8 @@ def create(table): ...@@ -205,10 +211,8 @@ def create(table):
id = modify('INSERT INTO %s (%s) VALUES (%s)'%(editable_tables[table]['table'], id = modify('INSERT INTO %s (%s) VALUES (%s)'%(editable_tables[table]['table'],
','.join(columns), ','.join(['?']*len(values))), *values) ','.join(columns), ','.join(['?']*len(values))), *values)
if table == 'courses': if table == 'courses':
set_responsible(id, session['user']['dbid'], 1) set_responsible(id, user_dbid, 1)
if 'ref' in request.values: return id
return redirect(request.values['ref'])
return str(id), 200
@app.route('/internal/changelog') @app.route('/internal/changelog')
@register_navbar('Changelog', icon='book', group='weitere') @register_navbar('Changelog', icon='book', group='weitere')
......
from flask import Flask, g, request, url_for, redirect, session, render_template, flash, Response, make_response from flask import Flask, g, request, url_for, redirect, session, render_template, flash, Response, make_response
from werkzeug.routing import Rule from werkzeug.routing import Rule
from werkzeug.utils import secure_filename
from functools import wraps from functools import wraps
from datetime import date, timedelta, datetime, time, MINYEAR from datetime import date, timedelta, datetime, time, MINYEAR
import os import os
...@@ -508,10 +509,85 @@ def dbstatus(): ...@@ -508,10 +509,85 @@ def dbstatus():
clusters[cluster].append(host) clusters[cluster].append(host)
return render_template('dbstatus.html', clusters=clusters, statuses=status, vars=variables), 200 return render_template('dbstatus.html', clusters=clusters, statuses=status, vars=variables), 200
def allowed_file(filename):
return '.' in filename and filename.split(".")[-1].lower() in ["mkv", "mp4", "webm", "mov", "avi", "wmv"]
"""
CREATE TABLE IF NOT EXISTS `tokens` (
`token` varchar(20) NOT NULL PRIMARY KEY,
`valid_until` timestamp NOT NULL DEFAULT '0000-00-00 00:00:00',
`created_by` INTEGER NOT NULL,
`created_for` varchar(255) NOT NULL,
`lecture_id` INTEGER NOT NULL,
);
"""
def get_token(token):
res = query('select * from tokens where (token = ?)',token)
if res:
return res[0]
return None
UPLOAD_FOLDER = "/mnt/IntenseShit/sciebo/code/videoag-website/"
@app.route('/upload', methods=['GET', 'POST'])
def upload():
if request.method == 'GET':
return render_template("upload.html"), 200
elif request.method == 'POST':
if not "uploadtoken" in request.values:
return "Token missing", 403
tokenobj = get_token(request.values["uploadtoken"])
if not tokenobj:
return "Token invalid!", 403
print(tokenobj["valid_until"])
print(datetime.now())
if tokenobj["valid_until"] <= datetime.now():
return "Token ist nicht mehr valide!", 403
user_dbid = -1 # create one for each token?
videos = []
i = 0
while f"time[{i}]" in request.values:
if not all(key in request.values for key in [f"time[{i}]", f"title[{i}]", f"speaker[{i}]", f"duration[{i}]", f"place[{i}]"]):
return "Es fehlt ein Argument!"+str([k for k in request.values.keys()]), 403
if f'videofile[{i}]' not in request.files:
return "Keine Datei übertragen!", 403
if request.files[f'videofile[{i}]'] == '':
return "Dateiname ist leer!", 403
if not allowed_file(request.files[f'videofile[{i}]'].filename):
return f'Dateityp {request.files[f"videofile[{i}]"].filename.split(".")[-1]} nicht erlaubt!', 403
videos.append(({"time": request.values[f"time[{i}]"],
"title": request.values[f"title[{i}]"],
"speaker": request.values[f"speaker[{i}]"],
"duration": request.values[f"duration[{i}]"],
"place": request.values[f"place[{i}]"],
"comment": request.values[f"comment[{i}]"] if f"comment[{i}]" in request.values else "",
"internal": "Uploaded with the token from "+str(tokenobj["created_for"]),
"course_id": tokenobj["lecture_id"],
"ref": "/80",
"visible": False},request.files[f'videofile[{i}]']))
i += 1
for vid in videos:
lec_id = internal_create("lectures", vid[0].items(), user_dbid)
lecturehandle = query('select * from courses_data where (id = ?)',tokenobj["lecture_id"])[0]["handle"]
datestring = vid[0]["time"].split(" ")[0].replace("-","")
fileformat = vid[1].filename.split(".")[-1]
filename = f"{lecturehandle}-{datestring}.{fileformat}"
path = os.path.join(UPLOAD_FOLDER, filename)
if os.path.exists(path):
timestring = vid[0]["time"].split(" ")[1].replace(":","")
filename = f"{lecturehandle}-{datestring}-{timestring}.{fileformat}"
path = os.path.join(UPLOAD_FOLDER, filename)
if os.path.exists(path):
return f"Eine Vorlesung existiert bereits am {datestring}!", 403
vid[1].save(path)
sorter.sort_autoencode_internal(filename)
return redirect(f"{request.base_url}/{lecturehandle}")
def date_json_handler(obj): def date_json_handler(obj):
return obj.isoformat() if hasattr(obj, 'isoformat') else obj return obj.isoformat() if hasattr(obj, 'isoformat') else obj
from edit import edit_handler from edit import edit_handler, internal_create
from jobmanagement import job_handler, job_handler_handle, job_set_state, schedule_job, cancel_job, restart_job from jobmanagement import job_handler, job_handler_handle, job_set_state, schedule_job, cancel_job, restart_job
import feeds import feeds
import importer import importer
......
...@@ -201,6 +201,10 @@ def sort_encoded(filename): ...@@ -201,6 +201,10 @@ def sort_encoded(filename):
@sort_api_token_required @sort_api_token_required
def sort_autoencode(): def sort_autoencode():
filename = request.values['path'] filename = request.values['path']
sort_autoencode_internal(filename)
return 'OK', 200
def sort_autoencode_internal(filename):
path = 'autoencode/'+filename path = 'autoencode/'+filename
matches, fmt = sort_file(filename) matches, fmt = sort_file(filename)
if len(matches) != 1: if len(matches) != 1:
...@@ -208,7 +212,6 @@ def sort_autoencode(): ...@@ -208,7 +212,6 @@ def sort_autoencode():
return "Could not match filename", 400 return "Could not match filename", 400
lecture = matches[0] lecture = matches[0]
schedule_job('probe-raw', {'path': path, 'lecture_id': lecture['id'], 'import-chapters': True}) schedule_job('probe-raw', {'path': path, 'lecture_id': lecture['id'], 'import-chapters': True})
return 'OK', 200
@job_handler('publish_video') @job_handler('publish_video')
def handle_published_video(jobid, jobtype, data, state, status): def handle_published_video(jobid, jobtype, data, state, status):
......
{% extends "base.html" %}
{% block content %}
<div class="panel-group">
<div class="panel panel-default">
<div class="panel-heading">
<h1 class="panel-title">Video Upload</h1>
</div>
<div class="panel-body">
<form method="post" enctype="multipart/form-data">
<label for="uploadtoken">Ihr Uploadtoken</label>
<input type="text" name="uploadtoken" id="uploadtoken" required></br></br>
<table class="table table-bordered" id="item_table">
<tr>
<th>Videodatei</th>
<th>Video-Titel</th>
<th>Gehalten von...</th>
<th>Datum/Uhrzeit der Vorlesung</th>
<th>Ort der Vorlesung</th>
<th>Dauer (in Minuten)</th>
<th>Kommentar</th>
<th><button type="button" onclick=addItem() name="add">X</button></th>
</tr>
</table>
<input type="submit" name="submit" value="Submit videos" />
</form>
</div>
</div>
</div>
<script type="text/javascript">
var videonumber = 0;
function getCurrentDate() {
return (new Date()).toISOString().replace(/(\d{4})\-(\d{2})\-(\d{2})T(\d{2}):(\d{2}):(\d{2}).*/, '$1-$2-$3 $4:$5:$6');
}
function removeItem(item) {
item.closest("tr").remove();
videonumber -= 1;
}
function addItem() {
var html = '';
html += '<tr>';
html += '<td><input type="file" name="videofile['+videonumber+']" class="form-control videofile" required/></td>';
html += '<td><input type="text" value="Vorlesung/Übung" name="title['+videonumber+']" class="form-control title" required/></td>';
html += '<td><input type="text" value="Prof. Mustermann" name="speaker['+videonumber+']" class="form-control speaker" required/></td>';
html += '<td><input type="text" value="'+getCurrentDate()+'" name="time['+videonumber+']" class="form-control time" required/></td>';
html += '<td><input type="text" value="H01" name="place['+videonumber+']" class="form-control place" required/></td>';
html += '<td><input type="text" value="60" name="duration['+videonumber+']" class="form-control duration" required/></td>';
html += '<td><input type="text" value="" name="comment['+videonumber+']" class="form-control comment" /></td>';
html += '<td><button type="button" name="remove" class="btn btn-danger btn-sm remove" onclick=removeItem($(this))>X</button></td></tr>';
videonumber += 1;
$('#item_table').append(html);
}
addItem();
</script>
{% endblock %}
\ No newline at end of file
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment