I need to create a form that submits files and at the same time, stores the user who did it, the name of the file, its hash, the time. Other things like his IP address, his web client would be interesting as well.
I see two ways:
1) some sort of method tracing (a decorator maybe) that informs me what calls
have been done to some controller
2) include in the uploading form, insertions to the database that also keep
track of what has been done (the solution I'm trying)
While I want to keep files metadata stored on the database, I want them to be
stored on the file system. So how can I create a form that uploads the file and
stores all this metadata on the database (including getting the filename, its
hash,...)?
On Mar 30, 2012, at 12:11 AM, Derek wrote:
> Are you getting any error messages? What do you mean by "this is not yet
> working".
>
> On Thursday, March 29, 2012 8:10:38 AM UTC-7, blackthorne wrote:
> Hello,
>
> I am working on a "secure" documentation system that should support file
> uploads but also to give the ability to trace user actions like
> download/upload of files. This should be integrated in the portal itself so
> that the administrator doesn't need to parse web log files and trace users
> and IP's. Example:
>
> user Malkovich submitted a file: report.docx with hash: 102310239123123 at
> 2012.03.27 10:12:45 (GMT)
> user BigFatCat downloaded the file: report.docx (id: 1201010121) at
> 2012.03.27 12:11:05 (GMT)
> ...
>
> So, I just said what I have and I want, so now let me tell have I done about
> this:
>
> in the model:
>
> ...
> db.define_table('attachment',
> Field('name', requires=IS_NOT_EMPTY()),
> Field('filename'),
> Field('description'),
> Field('doc_type', requires=IS_IN_SET(['text','report','image','other']),
> default='other'),
> Field('hash', 'string'),
> Field('file','upload'),
> format='%(name)s')
>
> db.define_table('logs',
> Field('message','string', requires=IS_NOT_EMPTY()),
> Field('full_description','text'),
> Field('action', 'string',
> requires=IS_IN_SET(['create','remove','download','upload',
> 'edit','other']),default='download'),
> Field('attachments', 'list:reference attachment', notnull=False),
> Field('user', 'list:reference auth_user'),
> Field('happened_on','datetime', default=datetime.datetime.now()))
> ...
>
> in the controller:
>
> def hash(file):
> return hashlib.md5(open(file).read()).hexdigest()
>
> @auth.requires_login()
> def insert_file():
> form = SQLFORM(db.attachment, upload=URL('download'), fields=['name',
> 'description', 'file'])
> if request.vars.file!=None:
> form.vars.filename = request.vars.file.filename # not sure about this
> one...
> form.vars.hash = hash(file)
> if form.process().accepted:
> db.logs.insert(message='file submitted',
> full_description=forn.vars.hash, action='upload', attachments='',
> user=auth.user.id, happened_on=request.now)
> response.flash = 'form accepted'
> elif form.errors:
> response.flash = 'something went wrong, try harder'
> record = db.attachment(request.args(0)) or redirect(URL('index'))
> return dict(form=form)
> ...
>
> This is not yet working but don't think I am on the right track? Tips?
>
> Thank you
signature.asc
Description: Message signed with OpenPGP using GPGMail
