docs: Move upload handler

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

diff --git a/src/templates/docs/files/detail.html b/src/templates/docs/files/detail.html
index 9527cdae89012696d3bc02ef7d0f1299577f3b43..cd822a45c4f301a343189b16b3ecac89f9ea5acf 100644 (file)
--- a/src/templates/docs/files/detail.html
+++ b/src/templates/docs/files/detail.html
@@ -86,7 +86,7 @@
 
                        <h6>{{ _("Upload Newer Revision") }}</h6>
 
-                       <form method="POST" action="/actions/upload" enctype="multipart/form-data">
+                       <form method="POST" action="/docs/_upload" enctype="multipart/form-data">
                                {% raw xsrf_form_html() %}
 
                                <input type="hidden" name="path" value="{{ file.path }}">

diff --git a/src/templates/docs/files/index.html b/src/templates/docs/files/index.html
index bc6f99bb63615ec4502a87211dcd21eb7b994b8c..3ae638a25e90de929b8ea4686b92b38d264f676d 100644 (file)
--- a/src/templates/docs/files/index.html
+++ b/src/templates/docs/files/index.html
@@ -54,7 +54,7 @@
                <div class="card-body">
                        <h6 class="card-title">{{ _("Upload File") }}</h6>
 
-                       <form method="POST" action="/actions/upload" enctype="multipart/form-data">
+                       <form method="POST" action="/docs/_upload" enctype="multipart/form-data">
                                {% raw xsrf_form_html() %}
 
                                <input type="hidden" name="path" value="{{ path }}">

diff --git a/src/web/__init__.py b/src/web/__init__.py
index 81733e4e89afa481e13c159837f358194ffbef2f..9eb11c0a98a6151f255ae189529b9ea0557a42aa 100644 (file)
--- a/src/web/__init__.py
+++ b/src/web/__init__.py
@@ -146,6 +146,7 @@ class Application(tornado.web.Application):
                        (r"/docs/search", docs.SearchHandler),
                        (r"/docs/tree", docs.TreeHandler),
                        (r"/docs/watchlist", docs.WatchlistHandler),
+                       (r"/docs/_upload", docs.UploadHandler),
                        (r"/docs/([A-Za-z0-9\-_\/]+)?/_edit", docs.EditHandler),
                        (r"/docs/([A-Za-z0-9\-_\/]+)?/_render", docs.RenderHandler),
                        (r"/docs/([A-Za-z0-9\-_\/]+)?/_(watch|unwatch)", docs.WatchHandler),
@@ -352,7 +353,6 @@ class Application(tornado.web.Application):
 
                        # Actions
                        (r"/actions/restore", wiki.ActionRestoreHandler),
-                       (r"/actions/upload", wiki.ActionUploadHandler),
 
                        # Serve any static files
                        (r"/static/(.*)", tornado.web.StaticFileHandler, { "path" : self.settings.get("static_path") }),

diff --git a/src/web/docs.py b/src/web/docs.py
index e3f684753721d0af7f83a15ea031ed6bd30a5d45..9cf6ba76d216a755451f26a477938c3292bba696 100644 (file)
--- a/src/web/docs.py
+++ b/src/web/docs.py
@@ -229,6 +229,35 @@ class RenderHandler(base.BaseHandler):
                self.finish(html)
 
 
+class UploadHandler(base.BaseHandler):
+       @tornado.web.authenticated
+       @base.ratelimit(minutes=60, requests=24)
+       def post(self):
+               path = self.get_argument("path")
+
+               # Check permissions
+               if not self.backend.wiki.check_acl(path, self.current_user):
+                       raise tornado.web.HTTPError(403, "Access to %s not allowed for %s" % (path, self.current_user))
+
+               try:
+                       filename, data, mimetype = self.get_file("file")
+
+                       # Use filename from request if any
+                       filename = self.get_argument("filename", filename)
+
+                       # XXX check valid mimetypes
+
+                       with self.db.transaction():
+                               file = self.backend.wiki.upload(path, filename, data,
+                                       mimetype=mimetype, author=self.current_user,
+                                       address=self.get_remote_ip())
+
+               except TypeError as e:
+                       raise e
+
+               self.redirect("%s/_files" % path)
+
+
 class WatchHandler(base.BaseHandler):
        @tornado.web.authenticated
        @base.ratelimit(minutes=60, requests=180)

diff --git a/src/web/wiki.py b/src/web/wiki.py
index 8d6faad070b2223a91b12bb160fa6d1c06dfc988..2d94e7d260154edf96eb4f17800b17858ac669d5 100644 (file)
--- a/src/web/wiki.py
+++ b/src/web/wiki.py
@@ -5,35 +5,6 @@ import tornado.web
 from . import base
 from . import ui_modules
 
-class ActionUploadHandler(base.BaseHandler):
-       @tornado.web.authenticated
-       @base.ratelimit(minutes=60, requests=24)
-       def post(self):
-               path = self.get_argument("path")
-
-               # Check permissions
-               if not self.backend.wiki.check_acl(path, self.current_user):
-                       raise tornado.web.HTTPError(403, "Access to %s not allowed for %s" % (path, self.current_user))
-
-               try:
-                       filename, data, mimetype = self.get_file("file")
-
-                       # Use filename from request if any
-                       filename = self.get_argument("filename", filename)
-
-                       # XXX check valid mimetypes
-
-                       with self.db.transaction():
-                               file = self.backend.wiki.upload(path, filename, data,
-                                       mimetype=mimetype, author=self.current_user,
-                                       address=self.get_remote_ip())
-
-               except TypeError as e:
-                       raise e
-
-               self.redirect("%s/_files" % path)
-
-
 class ActionRestoreHandler(base.BaseHandler):
        @tornado.web.authenticated
        @base.ratelimit(minutes=60, requests=24)