diff --git a/requirements.txt b/requirements.txt index 53152d2..edbecd6 100644 --- a/requirements.txt +++ b/requirements.txt @@ -11,3 +11,4 @@ SQLAlchemy==2.0.36 uWSGI==2.0.27 Werkzeug==2.2.2 WTForms==2.2.1 +urllib3==2.2.3 diff --git a/src/admin.py b/src/admin.py index 1084fd8..91f94a8 100644 --- a/src/admin.py +++ b/src/admin.py @@ -9,6 +9,7 @@ from data import User, PR, add_pr, fix_date from forms import PRForm, ModifyPRForm from werkzeug.utils import secure_filename +from urllib.parse import quote admin_page = Blueprint("admin", __name__) @@ -40,8 +41,10 @@ def admin(): if form.validate_on_submit(): filename = form.file.data.filename - if not filename or not allowed_file(filename): - flash("File type not supported") + link = form.link.data + + if link and filename: + flash("Both file and link") return redirect("/admin") # Check if start date is after end date @@ -57,20 +60,43 @@ def admin(): flash(msg) return redirect("/admin") - org_filename = secure_filename(filename) - - # Generate random filename with correct extention - filename = str(uuid.uuid4()) + "." + \ - org_filename.rsplit('.', 1)[1].lower() - form.file.data.save(os.path.join( - app.config['UPLOAD_FOLDER'], filename)) - add_pr(file_name=filename, - desc=form.desc.data, - priority=form.priority.data, - start_date=form.start_date.data, - end_date=form.end_date.data, - user_id=current_user.id, - owner=current_user.username) + if link: + if not link.startswith("https://"): + flash("Link didn't start with https://") + return redirect("/admin") + + if link.startswith("https://tv.dtek.se"): + flash("No links to tv-mannnen D:") + return redirect("/admin") + + add_pr(file_name=link, + is_iframe=True, + desc=form.desc.data, + priority=form.priority.data, + start_date=form.start_date.data, + end_date=form.end_date.data, + user_id=current_user.id, + owner=current_user.username) + elif filename: + if (not filename or not allowed_file(filename)): + flash("File type not supported") + return redirect("/admin") + + org_filename = secure_filename(filename) + + # Generate random filename with correct extention + filename = str(uuid.uuid4()) + "." + \ + org_filename.rsplit('.', 1)[1].lower() + form.file.data.save(os.path.join( + app.config['UPLOAD_FOLDER'], filename)) + add_pr(file_name=filename, + is_iframe=False, + desc=form.desc.data, + priority=form.priority.data, + start_date=form.start_date.data, + end_date=form.end_date.data, + user_id=current_user.id, + owner=current_user.username) return redirect("/admin") else: # Change the default start and end dates @@ -107,7 +133,8 @@ def delete(): return redirect("/admin") try: - os.remove(os.path.join(config.UPLOAD_FOLDER, pr.file_name)) + if not pr.is_iframe: + os.remove(os.path.join(config.UPLOAD_FOLDER, pr.file_name)) except: flash("PR wasn't found on disk but the database entry has been removed") diff --git a/src/data.py b/src/data.py index 16ef811..8d8de0b 100644 --- a/src/data.py +++ b/src/data.py @@ -19,6 +19,7 @@ def check_password(self, password): class PR(db.Model): id = db.Column(db.Integer, primary_key=True) desc = db.Column(db.String()) + is_iframe = db.Column(db.Boolean()) file_name = db.Column(db.String()) start_date = db.Column(db.DateTime, index=True, default=datetime.utcnow) end_date = db.Column(db.DateTime, index=True) @@ -53,10 +54,10 @@ def fix_date(start_date, end_date, priority): return start, end -def add_pr(file_name, desc, priority, start_date, end_date, user_id, owner): +def add_pr(file_name, is_iframe, desc, priority, start_date, end_date, user_id, owner): # Fix date start, end = fix_date(start_date, end_date, priority) - pr = PR(desc=desc, file_name=file_name, priority=priority, + pr = PR(desc=desc, is_iframe=is_iframe, file_name=file_name, priority=priority, start_date=start, end_date=end, user_id=user_id, owner=owner) db.session.add(pr) db.session.commit() diff --git a/src/forms.py b/src/forms.py index 8a1ce01..5355cdd 100644 --- a/src/forms.py +++ b/src/forms.py @@ -35,8 +35,10 @@ def validate_username(self, username): raise ValidationError('Username already taken') class PRForm(FlaskForm): - file = FileField(label="File:", - validators=[DataRequired()]) + file = FileField(label="File:") + + link = StringField(label="Link:", + render_kw={"placeholder": "https://google.com"}) desc = StringField("Description:", validators=[DataRequired(), Length(min=1, max=128)], diff --git a/src/migrations/02-iframe-support.py b/src/migrations/02-iframe-support.py new file mode 100644 index 0000000..7bd4faf --- /dev/null +++ b/src/migrations/02-iframe-support.py @@ -0,0 +1,8 @@ +from tv import app, db +from sqlalchemy import text + +def upgrade(): + with app.app_context(): + + db.session.execute(text(f"ALTER TABLE pr ADD COLUMN is_iframe BOOLEAN DEFAULT FALSE")) + db.session.commit() diff --git a/src/templates/admin.html b/src/templates/admin.html index 1fecb16..cdc46e1 100644 --- a/src/templates/admin.html +++ b/src/templates/admin.html @@ -26,7 +26,7 @@ {% for pr in pr_list %} - {{ pr.desc }} + {{ pr.desc }} {{ pr.start_date.strftime('%Y-%m-%d, %H:%M') }} {{ pr.end_date.strftime('%Y-%m-%d, %H:%M') }} {{ pr.priority }} @@ -71,12 +71,26 @@

File

{{ form.file }} + {% for error in form.file.errors %} [{{ error }}] {% endfor %}
- + +
+
+ {{ form.link.label }} +
+
+ {{ form.link }} + {% for error in form.link.errors %} + [{{ error }}] + {% endfor %} +
+
@@ -131,4 +145,24 @@

File

+ {% endblock %} diff --git a/src/templates/pr.html b/src/templates/pr.html index 5041c42..d6c3689 100644 --- a/src/templates/pr.html +++ b/src/templates/pr.html @@ -36,6 +36,15 @@ width: 100%; height: 100%; } + + iframe { + display: block; + width: 100%; + border: none; + overflow-y: auto; + overflow-x: hidden; + pointer-events: none; + }