Python flask 模块,safe_join() 实例源码

我们从Python开源项目中,提取了以下18个代码示例,用于说明如何使用flask.safe_join()

项目:FRG-Crowdsourcing    作者:97amarnathk    | 项目源码 | 文件源码
def get_zip(self, project, ty):
        """Get a ZIP file directly from uploaded directory
        or generate one on the fly and upload it if not existing."""
        filename = self.download_name(project, ty)
        if not self.zip_existing(project, ty):
            print "Warning: Generating %s on the fly now!" % filename
            self._make_zip(project, ty)
        if isinstance(uploader, local.LocalUploader):
            filepath = self._download_path(project)
            res = send_file(filename_or_fp=safe_join(filepath, filename),
                            mimetype='application/octet-stream',
                            as_attachment=True,
                            attachment_filename=filename)
            # fail safe mode for more encoded filenames.
            # It seems Flask and Werkzeug do not support RFC 5987 http://greenbytes.de/tech/tc2231/#encoding-2231-char
            # res.headers['Content-Disposition'] = 'attachment; filename*=%s' % filename
            return res
        else:
            return redirect(url_for('rackspace', filename=filename,
                                    container=self._container(project),
                                    _external=True))
项目:FRG-Crowdsourcing    作者:97amarnathk    | 项目源码 | 文件源码
def _download_path(self, project):
        container = self._container(project)
        if isinstance(uploader, local.LocalUploader):
            filepath = safe_join(uploader.upload_folder, container)
        else:
            print("The method Exporter _download_path should not be used for Rackspace etc.!")  # TODO: Log this stuff
            filepath = container
        return filepath
项目:micropayment-storage    作者:mitchoneill    | 项目源码 | 文件源码
def files_head(path):
    """
    access(path) -> HEAD /files/<path>
        200
        404     Not Found
    """
    if path == "/":
        path = app.config['serve_dir']
    else:
        path = flask.safe_join(app.config['serve_dir'], path)

    if not os.path.exists(path):
        return "File not found.", 404

    return ""
项目:micropayment-storage    作者:mitchoneill    | 项目源码 | 文件源码
def files_post(path):
    """
    create(path) -> POST /files/<path>?op=create
        200

    mkdir(path) -> POST /files/<path>?op=mkdir
        200
        400     Directory exists.
    """
    if 'op' not in flask.request.args:
        return 'Missing operation.', 400

    op = flask.request.args['op']
    path = flask.safe_join(app.config['serve_dir'], path)

    if op == "create":
        fd = os.open(path, os.O_WRONLY | os.O_CREAT, 0o755)
        os.close(fd)
        return ""
    elif op == "mkdir":
        try:
            fd = os.mkdir(path, 0o755)
        except FileExistsError:
            return 'Directory exists.', 400
        return ""

    return 'Unknown operation.', 400
项目:micropayment-storage    作者:mitchoneill    | 项目源码 | 文件源码
def files_put(path):
    """
    write(path, data, offset) -> PUT /files/<path>
        {"data": "<base64 str>", "offset": <offset int>}

        200     <bytes written int>
        404     File not found.
    """
    path = flask.safe_join(app.config['serve_dir'], path)

    payload = flask.request.json

    if 'data' not in payload:
        return 'Missing data.', 400
    elif 'offset' not in payload:
        return 'Missing offset.', 400

    data = base64.b64decode(payload['data'])
    offset = int(payload['offset'])

    # Open, seek, write, close
    try:
        fd = os.open(path, os.O_WRONLY)
        os.lseek(fd, offset, os.SEEK_SET)
        n = os.write(fd, data)
        os.close(fd)
    except FileNotFoundError:
        return 'File not found.', 404

    return flask.jsonify({"count": n})
项目:micropayment-storage    作者:mitchoneill    | 项目源码 | 文件源码
def files_delete(path):
    """
    unlink(path) -> DELETE /files/<path>?op=unlink
        200
        404     File not found.

    rmdir(path) -> DELETE /files/<path>?op=rmdir
        200
        404     File not found.
    """
    if 'op' not in flask.request.args:
        return 'Missing operation.', 400

    op = flask.request.args['op']
    path = flask.safe_join(app.config['serve_dir'], path)

    if op == 'unlink':
        try:
            os.unlink(path)
        except FileNotFoundError:
            return 'File not found.', 404
        return ""
    elif op == 'rmdir':
        try:
            os.rmdir(path)
        except FileNotFoundError:
            return 'File not found.', 404
        except OSError as e:
            return 'Errno {}'.format(e.errno), 400
        return ""

    return 'Unknown operation.', 400
项目:Alexandria    作者:indrora    | 项目源码 | 文件源码
def get_file_path(path):
    """
    Gets the real filepath of a file within the Alexandria environment
    """
    return safe_join(app.config.get('storage','location',None),path)
项目:Alexandria    作者:indrora    | 项目源码 | 文件源码
def preview_file(name):
    # get information about the file
    basepath=app.config.get("storage", "location")

    # Now, we're going to join the two together and normalize path
    fullpath = safe_join(basepath, name)

    # TODO: This could be nicer. 
    if(not os.path.exists(fullpath)):
        abort(404)



    parent_dir='/'.join(name.split('/')[:-1])

    file_stat = os.stat(fullpath)
    file_record = {
        "path":name,
        "name":name.split('/')[-1],
        "size":sizeof_fmt(file_stat.st_size)
    }
    previews = get_previews(name)
    if(len(previews) > 0):
        file_record["previews"] = previews
    # Render the preview template.
    return render_template('browser/preview_panel.html',
        parent_dir=parent_dir,
        file=file_record
        )
项目:Alexandria    作者:indrora    | 项目源码 | 文件源码
def upload(path=""):
    """

    Uploads a file to a place.
    """
    # Check that uploads are OK
    if not can_upload():
        return redirect(sign_auth_path(request.full_path))
    if request.method=='POST':
        # handle uploaded files
        if not 'file' in request.files:
            abort(400) # General UA error
        file = request.files["file"]
        # We default to using the name of the file provided,
        # but allow the filename to be changed via POST details.
        fname = file.filename
        if 'name' in request.form:
            fname = request.form['name']
        safe_fname = secure_filename(fname)
        if not allowed_filename(safe_fname):
            abort(400) # General client error
        # We're handling a potentially dangerous path, better run it through
        # The flask path jointer.
        basepath=app.config.get("storage", "location")
        fullpath = safe_join(basepath, path)
        file.save(os.path.join(fullpath,fname))
        flash("File uploaded successfully")
        return redirect(url_for('browser.upload',path=path))
    else:
        return render_template("browser/upload.html",path=path,title="Upload Files")
项目:alexandria    作者:LibraryBox-Dev    | 项目源码 | 文件源码
def get_file_path(path):
    """
    Gets the real filepath of a file within the Alexandria environment
    """
    return safe_join(app.config.get('storage','location',None),path)
项目:alexandria    作者:LibraryBox-Dev    | 项目源码 | 文件源码
def preview_file(name):
    # get information about the file
    basepath=app.config.get("storage", "location")

    # Now, we're going to join the two together and normalize path
    fullpath = safe_join(basepath, name)

    # TODO: This could be nicer. 
    if(not os.path.exists(fullpath)):
        abort(404)



    parent_dir='/'.join(name.split('/')[:-1])

    file_stat = os.stat(fullpath)
    file_record = {
        "path":name,
        "name":name.split('/')[-1],
        "size":sizeof_fmt(file_stat.st_size)
    }
    previews = get_previews(name)
    if(len(previews) > 0):
        file_record["previews"] = previews
    # Render the preview template.
    return render_template('browser/preview_panel.html',
        parent_dir=parent_dir,
        file=file_record
        )
项目:alexandria    作者:LibraryBox-Dev    | 项目源码 | 文件源码
def upload(path=""):
    """

    Uploads a file to a place.
    """
    # Check that uploads are OK
    if not can_upload():
        return redirect(sign_auth_path(request.full_path))
    if request.method=='POST':
        # handle uploaded files
        if not 'file' in request.files:
            abort(400) # General UA error
        file = request.files["file"]
        # We default to using the name of the file provided,
        # but allow the filename to be changed via POST details.
        fname = file.filename
        if 'name' in request.form:
            fname = request.form['name']
        safe_fname = secure_filename(fname)
        if not allowed_filename(safe_fname):
            abort(400) # General client error
        # We're handling a potentially dangerous path, better run it through
        # The flask path jointer.
        basepath=app.config.get("storage", "location")
        fullpath = safe_join(basepath, path)
        file.save(os.path.join(fullpath,fname))
        flash("File uploaded successfully")
        return redirect(url_for('browser.upload',path=path))
    else:
        return render_template("browser/upload.html",path=path,title="Upload Files")
项目:RNNVis    作者:myaooo    | 项目源码 | 文件源码
def send_js(path):
    return send_from_directory(safe_join(app.config['STATIC_FOLDER'], 'js'), path)
项目:RNNVis    作者:myaooo    | 项目源码 | 文件源码
def send_css(path):
    return send_from_directory(safe_join(app.config['STATIC_FOLDER'], 'css'), path)
项目:RNNVis    作者:myaooo    | 项目源码 | 文件源码
def send_fonts(path):
    return send_from_directory(safe_join(app.config['STATIC_FOLDER'], 'fonts'), path)
项目:RNNVis    作者:myaooo    | 项目源码 | 文件源码
def root():
    print(safe_join(app.config['FRONT_END_ROOT'], 'index.html'))
    file = send_from_directory(app.config['FRONT_END_ROOT'], 'index.html')
    return file
项目:micropayment-storage    作者:mitchoneill    | 项目源码 | 文件源码
def files_get(path):
    """
    getattr(path) -> GET /files/<path>?op=getattr
        200     {"st_mode": <mode int>, "st_size": <size int>}
        404     Not Found

    readdir(path) -> GET /files/<path>?op=readdir
        200     {"files": ["<file str>", ... ]}
        404     Not Found

    read(path, size, offset) -> GET /files/<path>?op=read&size=<size>&offset=<offset>
        200     "<base64 str>"
        404     Not Found
    """
    if 'op' not in flask.request.args:
        return 'Missing operation.', 400

    op = flask.request.args['op']

    if path == "/":
        path = app.config['serve_dir']
    else:
        path = flask.safe_join(app.config['serve_dir'], path)

    if op == 'getattr':
        try:
            info = os.stat(path)
            return flask.jsonify({'st_mode': info.st_mode, 'st_size': info.st_size})
        except FileNotFoundError:
            return 'File not found.', 404
    elif op == 'readdir':
        try:
            return flask.jsonify({"files": os.listdir(path)})
        except FileNotFoundError:
            return 'File not found.', 404
    elif op == 'read':
        if 'size' not in flask.request.args:
            return 'Missing size.', 400
        elif 'offset' not in flask.request.args:
            return 'Missing offset.', 400

        size = int(flask.request.args['size'])
        offset = int(flask.request.args['offset'])

        # Open, seek, read, close
        try:
            fd = os.open(path, os.O_RDONLY)
            os.lseek(fd, offset, os.SEEK_SET)
            buf = os.read(fd, size)
            os.close(fd)
        except FileNotFoundError:
            return 'File not found.', 404

        return flask.jsonify({"data": base64.b64encode(buf).decode()})

    return 'Unknown operation.', 400
项目:CodeGra.de    作者:CodeGra-de    | 项目源码 | 文件源码
def get_file(
    file_name: str, name: str = 'export'
) -> werkzeug.wrappers.Response:
    """Serve some specific file in the uploads folder.

    .. :quickref: File; Get an uploaded file directory.

    .. note::
        Only files uploaded using :http:post:`/api/v1/files/` may be retrieved.

    :param str file_name: The filename of the file to get.
    :returns: The requested file.

    :raises PermissionException: If there is no logged in user. (NOT_LOGGED_IN)
    """
    name = request.args.get('name', name)

    directory = app.config['MIRROR_UPLOAD_DIR']
    error = False

    @after_this_request
    def delete_file(response: t.Any) -> t.Any:
        if not error:
            filename = safe_join(directory, file_name)
            os.unlink(filename)
        return response

    try:
        mimetype = request.args.get('mime', None)
        as_attachment = request.args.get('not_as_attachment', False)
        return send_from_directory(
            directory,
            file_name,
            attachment_filename=name,
            as_attachment=as_attachment,
            mimetype=mimetype
        )
    except NotFound:
        error = True
        raise APIException(
            'The specified file was not found',
            f'The file with name "{file_name}" was not found or is deleted.',
            APICodes.OBJECT_NOT_FOUND,
            404,
        )