# HG changeset patch # User Paul Boddie # Date 1237585511 -3600 # Node ID 893516dc2a2cd4cd71d17911690512862d2d1e56 # Parent bff315d0bd3ca506de6b7e5fe4699e8ab2279725 Added size limits on uploaded files. Added a comment about the recent fsync controversy and renaming. diff -r bff315d0bd3c -r 893516dc2a2c WebStack/Helpers/Request.py --- a/WebStack/Helpers/Request.py Fri Feb 13 22:56:01 2009 +0100 +++ b/WebStack/Helpers/Request.py Fri Mar 20 22:45:11 2009 +0100 @@ -3,7 +3,7 @@ """ Request helper classes. -Copyright (C) 2004, 2005, 2006 Paul Boddie +Copyright (C) 2004, 2005, 2006, 2007, 2008 Paul Boddie This library is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public @@ -215,6 +215,12 @@ self.name = name self.value = value +class FileTooLargeError(Exception): + + "An exception indicating that an uploaded file was too large." + + pass + class FileContent: """ @@ -232,17 +238,22 @@ uploaded file * headers - a dictionary containing the headers associated with the uploaded file + * limit - a limit, if previously specified, on the size of uploaded + content """ - def __init__(self, stream, headers=None): + def __init__(self, stream, headers=None, limit=None): """ Initialise the object with a 'stream' through which the file can be - read, along with optional 'headers' describing the content. + read, along with optional 'headers' describing the content. An optional + 'limit' can be specified to state the maximum number of bytes that may + be read before the content is considered too large. """ self.stream = stream self.headers = headers or HeaderDict() + self.limit = limit self.cache = None def __getattr__(self, name): @@ -258,9 +269,9 @@ return self.cache if self.reset(): - return self.stream.read() + return self._read() else: - self.cache = self.stream.read() + self.cache = self._read() return self.cache elif name == "filename": @@ -273,6 +284,22 @@ else: raise AttributeError, name + def _read(self): + + """ + Read from the stream up to any limit, raising an exception if the + limit is exceeded. + """ + + if self.limit is not None: + s = self.stream.read(self.limit) + if self.stream.read(1): + raise FileTooLargeError + else: + return s + else: + return self.stream.read() + def reset(self): "Reset the stream providing the data, returning whether this succeeded." diff -r bff315d0bd3c -r 893516dc2a2c WebStack/Repositories/Directory.py --- a/WebStack/Repositories/Directory.py Fri Feb 13 22:56:01 2009 +0100 +++ b/WebStack/Repositories/Directory.py Fri Mar 20 22:45:11 2009 +0100 @@ -233,6 +233,7 @@ path = self.full_path(key) edit_path = self.edit_path(key) + # NOTE: Add fsync-related stuff here due to ext4 and other filesystems? os.rename(edit_path, path) def __delitem__(self, key):