init
Showing
1 changed file
with
27 additions
and
17 deletions
| 1 | from mimetypes import suffix_map | ||
| 1 | import os | 2 | import os |
| 2 | import io | 3 | import io |
| 3 | import time | 4 | import time |
| ... | @@ -1125,10 +1126,18 @@ class DocView(DocGenericView, DocHandler): | ... | @@ -1125,10 +1126,18 @@ class DocView(DocGenericView, DocHandler): |
| 1125 | random_int = random.randint(0, consts.TIME_NUM) | 1126 | random_int = random.randint(0, consts.TIME_NUM) |
| 1126 | metadata_version_id = str(int(time.time()) - random_int) | 1127 | metadata_version_id = str(int(time.time()) - random_int) |
| 1127 | 1128 | ||
| 1129 | # 现在不只接受pdf 图片也接收 | ||
| 1128 | pdf_file = request.FILES.get('pdf_file') | 1130 | pdf_file = request.FILES.get('pdf_file') |
| 1131 | file_suffux = '' | ||
| 1129 | if isinstance(pdf_file.name, str): | 1132 | if isinstance(pdf_file.name, str): |
| 1130 | if not pdf_file.name.endswith('pdf') and not pdf_file.name.endswith('PDF'): | 1133 | # if not pdf_file.name.endswith('pdf') and not pdf_file.name.endswith('PDF'): |
| 1131 | self.invalid_params(msg='invalid params: not a PDF file') | 1134 | # self.invalid_params(msg='invalid params: not a PDF file') |
| 1135 | if '.' in pdf_file.name: | ||
| 1136 | file_suffux = pdf_file.name.split('.')[-1] | ||
| 1137 | else: | ||
| 1138 | self.invalid_params(msg='invalid params: invalid file name') | ||
| 1139 | else: | ||
| 1140 | self.invalid_params(msg='invalid params: invalid file name') | ||
| 1132 | 1141 | ||
| 1133 | business_type = request.POST.get('business_type', '') | 1142 | business_type = request.POST.get('business_type', '') |
| 1134 | document_scheme = request.POST.get('document_scheme', '') | 1143 | document_scheme = request.POST.get('document_scheme', '') |
| ... | @@ -1138,24 +1147,25 @@ class DocView(DocGenericView, DocHandler): | ... | @@ -1138,24 +1147,25 @@ class DocView(DocGenericView, DocHandler): |
| 1138 | args = {'business_type':business_type,'document_scheme':document_scheme,'data_source':data_source,'document_name':document_name,'pdf_file':pdf_file,'fsm':fsm} | 1147 | args = {'business_type':business_type,'document_scheme':document_scheme,'data_source':data_source,'document_name':document_name,'pdf_file':pdf_file,'fsm':fsm} |
| 1139 | # business_type = random.choice(consts.BUSINESS_TYPE_LIST) | 1148 | # business_type = random.choice(consts.BUSINESS_TYPE_LIST) |
| 1140 | # business_type = consts.BUSINESS_TYPE_LIST[0] | 1149 | # business_type = consts.BUSINESS_TYPE_LIST[0] |
| 1141 | tmp_save_path = os.path.join(conf.DATA_DIR, business_type, '{0}.pdf'.format(metadata_version_id)) | 1150 | tmp_save_path = os.path.join(conf.DATA_DIR, business_type, '{0}.{1}}'.format(metadata_version_id, file_suffux)) |
| 1142 | file_write(pdf_file, tmp_save_path) | 1151 | file_write(pdf_file, tmp_save_path) |
| 1143 | 1152 | ||
| 1144 | try: | 1153 | if file_suffux.lower() == 'pdf': |
| 1145 | file = fitz.Document(tmp_save_path) | 1154 | try: |
| 1146 | except Exception as e: | 1155 | file = fitz.Document(tmp_save_path) |
| 1147 | os.remove(tmp_save_path) | 1156 | except Exception as e: |
| 1148 | raise self.invalid_params(msg='invalid params: not a PDF file') | ||
| 1149 | else: | ||
| 1150 | if not file.isPDF: | ||
| 1151 | file.close() | ||
| 1152 | os.remove(tmp_save_path) | 1157 | os.remove(tmp_save_path) |
| 1153 | raise self.invalid_params(msg='invalid params: not a PDF file') | 1158 | raise self.invalid_params(msg='invalid params: not a PDF file') |
| 1154 | # elif not self.xss_pass(file): | 1159 | else: |
| 1155 | # os.remove(tmp_save_path) | 1160 | if not file.isPDF: |
| 1156 | # raise self.invalid_params(msg='invalid params: PDF file XSS') | 1161 | file.close() |
| 1157 | 1162 | os.remove(tmp_save_path) | |
| 1158 | file.close() | 1163 | raise self.invalid_params(msg='invalid params: not a PDF file') |
| 1164 | # elif not self.xss_pass(file): | ||
| 1165 | # os.remove(tmp_save_path) | ||
| 1166 | # raise self.invalid_params(msg='invalid params: PDF file XSS') | ||
| 1167 | |||
| 1168 | file.close() | ||
| 1159 | # 1. 上传信息记录 | 1169 | # 1. 上传信息记录 |
| 1160 | application_id = '{0}{1}'.format(consts.FIXED_APPLICATION_ID_PREFIX, metadata_version_id) | 1170 | application_id = '{0}{1}'.format(consts.FIXED_APPLICATION_ID_PREFIX, metadata_version_id) |
| 1161 | upload_finish_time = timezone.now() | 1171 | upload_finish_time = timezone.now() |
| ... | @@ -1194,7 +1204,7 @@ class DocView(DocGenericView, DocHandler): | ... | @@ -1194,7 +1204,7 @@ class DocView(DocGenericView, DocHandler): |
| 1194 | 1204 | ||
| 1195 | # 3.pdf文件移动 | 1205 | # 3.pdf文件移动 |
| 1196 | save_dir_path = os.path.join(conf.DATA_DIR, business_type, consts.TMP_DIR_NAME, str(doc.id)) | 1206 | save_dir_path = os.path.join(conf.DATA_DIR, business_type, consts.TMP_DIR_NAME, str(doc.id)) |
| 1197 | save_file_path = os.path.join(save_dir_path, '{0}.pdf'.format(doc.id)) | 1207 | save_file_path = os.path.join(save_dir_path, '{0}.{1}'.format(doc.id, file_suffux)) |
| 1198 | os.makedirs(save_dir_path, exist_ok=True) | 1208 | os.makedirs(save_dir_path, exist_ok=True) |
| 1199 | # file_write(pdf_file, save_file_path) | 1209 | # file_write(pdf_file, save_file_path) |
| 1200 | shutil.move(tmp_save_path, save_file_path) | 1210 | shutil.move(tmp_save_path, save_file_path) | ... | ... |
-
Please register or sign in to post a comment