]> git.openstreetmap.org Git - osqa.git/blob - forum_modules/sximporter/views.py
fix breach in award points that allows user to award infinite points / extra fix
[osqa.git] / forum_modules / sximporter / views.py
1 from django.shortcuts import render_to_response
2 from django.template import RequestContext
3 from forum.http_responses import HttpResponseUnauthorized
4 from forum.models import User
5 import importer
6 from zipfile import ZipFile
7 import os
8
9 def sximporter(request):
10     if (not User.objects.exists()) or (request.user.is_authenticated() and request.user.is_superuser):
11         list = []
12         if request.method == "POST" and "dump" in request.FILES:
13             dump = ZipFile(request.FILES['dump'])
14             members = [f for f in dump.namelist() if f.endswith('.xml')]
15             extract_to = os.path.join(os.path.dirname(__file__), 'tmp')
16
17             if not os.path.exists(extract_to):
18                 os.makedirs(extract_to)
19
20             for m in members:
21                 f = open(os.path.join(extract_to, m), 'w')
22                 f.write(dump.read(m))
23                 f.close()
24
25             #dump.extractall(extract_to, members)
26             dump.close()
27
28             options = dict([(k, v) for k, v in request.POST.items()])
29             options['authenticated_user'] = (request.user.is_authenticated() and (request.user,) or (None,))[0]
30
31             importer.sximport(extract_to, options)
32
33         return render_to_response('modules/sximporter/page.html', {
34         'names': list
35         }, context_instance=RequestContext(request))
36     else:
37         return HttpResponseUnauthorized(request)
38