From 6578d76e1022a05ddc17c5c9197a0a714699df09 Mon Sep 17 00:00:00 2001 From: pingu Date: Sun, 17 Nov 2024 00:54:42 +0100 Subject: [PATCH] =?UTF-8?q?It=20kinda=20works=20(=E3=83=BB=5F=E3=83=BB;)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- requirements.txt | 1 + src/admin.py | 54 +++++++++++++++++++++-------- src/data.py | 5 +-- src/forms.py | 6 ++-- src/migrations/02-iframe-support.py | 8 +++++ src/templates/admin.html | 13 ++++++- src/templates/pr.html | 26 ++++++++++++-- src/tv.py | 7 ++-- 8 files changed, 96 insertions(+), 24 deletions(-) create mode 100644 src/migrations/02-iframe-support.py diff --git a/requirements.txt b/requirements.txt index 53152d2..edbecd6 100644 --- a/requirements.txt +++ b/requirements.txt @@ -11,3 +11,4 @@ SQLAlchemy==2.0.36 uWSGI==2.0.27 Werkzeug==2.2.2 WTForms==2.2.1 +urllib3==2.2.3 diff --git a/src/admin.py b/src/admin.py index 1084fd8..17de9ac 100644 --- a/src/admin.py +++ b/src/admin.py @@ -9,6 +9,7 @@ from data import User, PR, add_pr, fix_date from forms import PRForm, ModifyPRForm from werkzeug.utils import secure_filename +from urllib.parse import quote admin_page = Blueprint("admin", __name__) @@ -40,10 +41,24 @@ def admin(): if form.validate_on_submit(): filename = form.file.data.filename - if not filename or not allowed_file(filename): + link = quote(form.link.data, safe='/:?&') + + if not link and (not filename or not allowed_file(filename)): flash("File type not supported") return redirect("/admin") + if link and filename: + flash("Both file and link") + return redirect("/admin") + + if not link.startswith("https://"): + flash("Link didn't start with https://") + return redirect("/admin") + + if link.startswith("https://tv.dtek.se"): + flash("No links to tv-mannnen D:") + return redirect("/admin") + # Check if start date is after end date if (form.start_date.data > form.end_date.data): flash("Start date is after end date.") @@ -58,19 +73,30 @@ def admin(): return redirect("/admin") org_filename = secure_filename(filename) - - # Generate random filename with correct extention - filename = str(uuid.uuid4()) + "." + \ - org_filename.rsplit('.', 1)[1].lower() - form.file.data.save(os.path.join( - app.config['UPLOAD_FOLDER'], filename)) - add_pr(file_name=filename, - desc=form.desc.data, - priority=form.priority.data, - start_date=form.start_date.data, - end_date=form.end_date.data, - user_id=current_user.id, - owner=current_user.username) + + if link: + add_pr(file_name=link, + is_iframe=True, + desc=form.desc.data, + priority=form.priority.data, + start_date=form.start_date.data, + end_date=form.end_date.data, + user_id=current_user.id, + owner=current_user.username) + elif filename: + # Generate random filename with correct extention + filename = str(uuid.uuid4()) + "." + \ + org_filename.rsplit('.', 1)[1].lower() + form.file.data.save(os.path.join( + app.config['UPLOAD_FOLDER'], filename)) + add_pr(file_name=filename, + is_iframe=False, + desc=form.desc.data, + priority=form.priority.data, + start_date=form.start_date.data, + end_date=form.end_date.data, + user_id=current_user.id, + owner=current_user.username) return redirect("/admin") else: # Change the default start and end dates diff --git a/src/data.py b/src/data.py index 16ef811..8d8de0b 100644 --- a/src/data.py +++ b/src/data.py @@ -19,6 +19,7 @@ def check_password(self, password): class PR(db.Model): id = db.Column(db.Integer, primary_key=True) desc = db.Column(db.String()) + is_iframe = db.Column(db.Boolean()) file_name = db.Column(db.String()) start_date = db.Column(db.DateTime, index=True, default=datetime.utcnow) end_date = db.Column(db.DateTime, index=True) @@ -53,10 +54,10 @@ def fix_date(start_date, end_date, priority): return start, end -def add_pr(file_name, desc, priority, start_date, end_date, user_id, owner): +def add_pr(file_name, is_iframe, desc, priority, start_date, end_date, user_id, owner): # Fix date start, end = fix_date(start_date, end_date, priority) - pr = PR(desc=desc, file_name=file_name, priority=priority, + pr = PR(desc=desc, is_iframe=is_iframe, file_name=file_name, priority=priority, start_date=start, end_date=end, user_id=user_id, owner=owner) db.session.add(pr) db.session.commit() diff --git a/src/forms.py b/src/forms.py index 8a1ce01..5355cdd 100644 --- a/src/forms.py +++ b/src/forms.py @@ -35,8 +35,10 @@ def validate_username(self, username): raise ValidationError('Username already taken') class PRForm(FlaskForm): - file = FileField(label="File:", - validators=[DataRequired()]) + file = FileField(label="File:") + + link = StringField(label="Link:", + render_kw={"placeholder": "https://google.com"}) desc = StringField("Description:", validators=[DataRequired(), Length(min=1, max=128)], diff --git a/src/migrations/02-iframe-support.py b/src/migrations/02-iframe-support.py new file mode 100644 index 0000000..7bd4faf --- /dev/null +++ b/src/migrations/02-iframe-support.py @@ -0,0 +1,8 @@ +from tv import app, db +from sqlalchemy import text + +def upgrade(): + with app.app_context(): + + db.session.execute(text(f"ALTER TABLE pr ADD COLUMN is_iframe BOOLEAN DEFAULT FALSE")) + db.session.commit() diff --git a/src/templates/admin.html b/src/templates/admin.html index 1fecb16..cbfb689 100644 --- a/src/templates/admin.html +++ b/src/templates/admin.html @@ -76,7 +76,18 @@

File

{% endfor %} - + +
+
+ {{ form.link.label }} +
+
+ {{ form.link }} + {% for error in form.link.errors %} + [{{ error }}] + {% endfor %} +
+
diff --git a/src/templates/pr.html b/src/templates/pr.html index 5041c42..d6c3689 100644 --- a/src/templates/pr.html +++ b/src/templates/pr.html @@ -36,6 +36,15 @@ width: 100%; height: 100%; } + + iframe { + display: block; + width: 100%; + border: none; + overflow-y: auto; + overflow-x: hidden; + pointer-events: none; + }