Restrict upload dialogs for plugins and language packs to supported extensions

2016-10-17 11:33:23 +02:00 · 2016-10-17 11:33:23 +02:00 · 4724153637
commit 4724153637
parent 93196993d1
3 changed files with 7 additions and 4 deletions
--- a/src/octoprint/plugins/pluginmanager/init.py
+++ b/src/octoprint/plugins/pluginmanager/init.py
@ -32,6 +32,8 @@ class PluginManagerPlugin(octoprint.plugin.SimpleApiPlugin,
                          octoprint.plugin.StartupPlugin,
                          octoprint.plugin.BlueprintPlugin):

+	ARCHIVE_EXTENSIONS = (".zip", ".tar.gz", ".tgz", ".tar")
+
 	def __init__(self):
 		self._pending_enable = set()
 		self._pending_disable = set()
@ -116,7 +118,8 @@ class PluginManagerPlugin(octoprint.plugin.SimpleApiPlugin,
 		plugins = sorted(self._get_plugins(), key=lambda x: x["name"].lower())
 		return dict(
 			all=plugins,
-			thirdparty=filter(lambda p: not p["bundled"], plugins)
+			thirdparty=filter(lambda p: not p["bundled"], plugins),
+			archive_extensions=self.__class__.ARCHIVE_EXTENSIONS
 		)

 	def get_template_types(self, template_sorting, template_rules, *args, **kwargs):
@ -141,7 +144,7 @@ class PluginManagerPlugin(octoprint.plugin.SimpleApiPlugin,
 		upload_path = flask.request.values[input_upload_path]
 		upload_name = flask.request.values[input_upload_name]

-		exts = filter(lambda x: upload_name.lower().endswith(x), (".zip", ".tar.gz", ".tgz", ".tar"))
+		exts = filter(lambda x: upload_name.lower().endswith(x), self.__class__.ARCHIVE_EXTENSIONS)
 		if not len(exts):
 			return flask.make_response("File doesn't have a valid extension for a plugin archive", 400)

--- a/src/octoprint/plugins/pluginmanager/templates/pluginmanager_settings.jinja2
+++ b/src/octoprint/plugins/pluginmanager/templates/pluginmanager_settings.jinja2
@ -173,7 +173,7 @@
                <div class="input-prepend span9">
                    <span class="btn fileinput-button">
                        <span>{{ _('Browse...') }}</span>
-                        <input id="settings_plugin_pluginmanager_repositorydialog_upload" type="file" name="file" data-url="{{ url_for("plugin.pluginmanager.upload_archive") }}">
+                        <input id="settings_plugin_pluginmanager_repositorydialog_upload" type="file" name="file" accept="{{ ",".join(plugin_pluginmanager_archive_extensions) }}" data-url="{{ url_for("plugin.pluginmanager.upload_archive") }}">
                    </span>
                    <span class="add-on add-on-limited text-left" data-bind="text: uploadFilename, attr: {title: uploadFilename}"></span>
                </div>
--- a/src/octoprint/templates/dialogs/settings/appearance.jinja2
+++ b/src/octoprint/templates/dialogs/settings/appearance.jinja2
@ -88,7 +88,7 @@
                <div class="input-prepend span9">
                    <span class="btn fileinput-button">
                        <span>{{ _('Browse...') }}</span>
-                        <input id="settings_appearance_managelanguagesdialog_upload" type="file" name="file" data-url="{{ url_for("api.uploadLanguagePack") }}">
+                        <input id="settings_appearance_managelanguagesdialog_upload" type="file" name="file" accept=".zip,.tar.gz,.tgz,.tar" data-url="{{ url_for("api.uploadLanguagePack") }}">
                    </span>
                    <span class="add-on add-on-limited text-left" data-bind="text: translationUploadFilename, attr: {title: translationUploadFilename}"></span>
                </div>