Custom upload handler in generic view

[hbf]

Dear all,

In order to provide progress feedback of file uploads I needed to
install an upload handler for a specific view. This is documented for
"classical" views at

https://docs.djangoproject.com/en/dev/topics/http/file-uploads/#modifying-upload-handlers-on-the-fly

For generic views, however, I could not find any instructions and I
came up with the following, which I would like to share:

# BEGIN OF CLASS
from django.utils import importlib
from django.core.exceptions import ImproperlyConfigured
from django.views.decorators.csrf import csrf_protect

class UploadHandlerMixin(object):
'''
A mixin for Django generic views that installs a custom upload
handler in front of
the current chain of upload handlers.

You specify the handler to install by overriding the
'upload_handler' attribute of
the class, specifying the module and class name in the form
'path.to.module.class':

class MyView(UploadHandlerMixin, View):
upload_handler = 'path.to.module.MyUploadHandler'

If you do not override 'upload_handler', no additional upload
handler will be
installed.

If the CsrfViewMiddleware is installed (which is the default)
then you must use
your view as follows in your urls.py:

from django.views.decorators.csrf import csrf_exempt
url(r'^.../$', csrf_exempt(MyView.as_view()), ...),

Internally, the UploadHandlerMixin mixin will install the
upload handler and then
perform the CSRF check. (This is necessary because the CSRF
check inspects
request.POST, and afterwards upload handlers cannot be
changed, see documentation
link given below.)

The handler is installed as described in the Django
documentation "Modifying upload handlers
on the fly", see
https://docs.djangoproject.com/en/dev/topics/http/file-uploads/#modifying-upload-handlers-on-the-fly
'''

upload_handler = None

def dispatch(self, request, *args, **kwargs):
if not self.upload_handler is None:
request.upload_handlers.insert(0,
UploadHandlerMixin._instantiate_upload_handler(self.upload_handler,
request))
return _uploadhandler_dispatch(request, self, *args, **kwargs)

@staticmethod
def _instantiate_upload_handler(path, *args, **kwargs):
i = path.rfind('.')
module, attr = path[:i], path[i+1:]
try:
mod = importlib.import_module(module)
except ImportError, e:
raise ImproperlyConfigured('Error importing upload handler
module %s: "%s"' % (module, e))
except ValueError, e:
raise ImproperlyConfigured('Error importing upload handler
module. Is FILE_UPLOAD_HANDLERS a correctly defined list or tuple?')
try:
cls = getattr(mod, attr)
except AttributeError:
raise ImproperlyConfigured('Module "%s" does not define a
"%s" upload handler backend' % (module, attr))
return cls(*args, **kwargs)

@csrf_protect
def _uploadhandler_dispatch(request, view, *args, **kwargs):
return super(UploadHandlerMixin, view).dispatch(request, *args,
**kwargs)
# END OF CLASS

Not being a Django expert, I wanted to ask whether this is okay
security-wise? Any other feedback is of course welcome.

Best,
Kaspar

P.S. I opened a question at stackoverflow,

http://stackoverflow.com/questions/7901895/how-to-install-a-custom-upload-handler-in-a-django-generic-view

and will keep both this thread and the latter post updated.

[Andre Terra]

Are you using nginx by any chance? I use nginx and my setup is as follows:

A upload.py with the custom handler and a view to yield progress result as json [1], a template with some javascript [2] to fetch the json-formatted progress result, some lines in nginx.conf [3] to tell it to keep track of uploads (nginx must be compiled with HttpUploadProgressModule [4]) and a bit of patience to get it up and running.

I have compiled nginx for windows with that additional module. The instructions are pretty much gone at this point, but I can zip the binaries and send it your way should you need them.

You will also notice that I use a /projects/mysite/mysite layout for my django projects, which is consistent with the new layout in 1.4/trunk [5].

I almost forgot! I'm also using a custom JSONMixin which calls get_data() on ajax requests in any view that implements it and returns self.data (to be set by self.get_data) as json [6].

Best of luck!



Cheers,
AT

[1] http://dpaste.com/hold/641334/
[2] http://dpaste.com/hold/641337/
[3] http://dpaste.com/hold/641339/
[4] http://wiki.nginx.org/HttpUploadProgressModule
[5] https://docs.djangoproject.com/en/dev/intro/tutorial01/#creating-a-project
[6] http://dpaste.com/hold/641344/

--
You received this message because you are subscribed to the Google Groups "Django users" group.
To post to this group, send email to django...@googlegroups.com.
To unsubscribe from this group, send email to django-users...@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/django-users?hl=en.

[hbf]

Thanks for your reply and the detailed information.

Your solution looks great, and I guess that using a web server-based
solution (in contrast to a Django-based one) is much more efficient.
What I do not understand in your setup is why, if you have
HttpUploadProgressModule installed, you do need a custom upload
handler and AJAX view? IIUC HttpUploadProgressModule is providing this
for free, isn't it?

Unfortunately, my hoster is not using nginx but Apache. Maybe there is
a Django-compatible module for it out there;
https://github.com/drogus/apache-upload-progress-module/ seems to be
an option but I haven't tried it yet.

Best,
Kaspar

On Oct 26, 2:18 pm, Andre Terra <andrete...@gmail.com> wrote:
> Are you using nginx by any chance? I use nginx and my setup is as follows:
>
> A upload.py with the custom handler and a view to yield progress result as
> json [1], a template with some javascript [2] to fetch the json-formatted
> progress result, some lines in nginx.conf [3] to tell it to keep track of
> uploads (nginx must be compiled with HttpUploadProgressModule [4]) and a bit
> of patience to get it up and running.
>
> I have compiled nginx for windows with that additional module. The
> instructions are pretty much gone at this point, but I can zip the binaries
> and send it your way should you need them.
>
> You will also notice that I use a /projects/mysite/mysite layout for my
> django projects, which is consistent with the new layout in 1.4/trunk [5].
>
> I almost forgot! I'm also using a custom JSONMixin which calls get_data() on
> ajax requests in any view that implements it and returns self.data (to be
> set by self.get_data) as json [6].
>
> Best of luck!
>
> Cheers,
> AT
>
> [1]http://dpaste.com/hold/641334/
> [2]http://dpaste.com/hold/641337/
> [3]http://dpaste.com/hold/641339/
> [4]http://wiki.nginx.org/HttpUploadProgressModule

> [5]https://docs.djangoproject.com/en/dev/intro/tutorial01/#creating-a-pr...

> [6]http://dpaste.com/hold/641344/
>
>
>
>
>
>
>
> On Wed, Oct 26, 2011 at 9:21 AM, hbf <kaspar.fisc...@dreizak.com> wrote:
> > Dear all,
>
> > In order to provide progress feedback of file uploads I needed to
> > install an upload handler for a specific view. This is documented for
> > "classical" views at
>

> >https://docs.djangoproject.com/en/dev/topics/http/file-uploads/#modif...

> >https://docs.djangoproject.com/en/dev/topics/http/file-uploads/#modif...
> >    '''

> >http://stackoverflow.com/questions/7901895/how-to-install-a-custom-up...

[Andre Terra]

AFAIK, it's also doable with apache, with little modification from the code I provided. I just haven't had the chance to investigate the possibilities yet.

Before I say anything else, I must admit I completely forgot to provide a very important file for the upload progress thingy: the javascript file [1] which fetches information from the server!

As for your question, I honestly can't say I'm an authority on the matter, but from my understanding, the custom upload handler will do the talking between django and nginx. The way upload handlers work is pretty much beyond my knowledge, so for now I'm just going to accept the fact that it works :P


Cheers,
AT

[1] https://github.com/drogus/jquery-upload-progress/blob/master/jquery.uploadProgress.js