escape user-provided strings used in regular expressions
[wolnelektury.git] / src / picture / forms.py
1 # -*- coding: utf-8 -*-
2 # This file is part of Wolnelektury, licensed under GNU Affero GPLv3 or later.
3 # Copyright © Fundacja Nowoczesna Polska. See NOTICE for more information.
4 #
5 from django import forms
6 from django.utils.translation import ugettext_lazy as _
7 from picture.models import Picture
8
9
10 class PictureImportForm(forms.Form):
11     picture_xml_file = forms.FileField(required=False)
12     picture_xml = forms.CharField(required=False)
13     picture_image_file = forms.FileField(required=False)
14     picture_image_data = forms.CharField(required=False)
15
16     def clean(self):
17         from base64 import b64decode
18         from django.core.files.base import ContentFile
19
20         if not self.cleaned_data['picture_xml_file']:
21             if self.cleaned_data['picture_xml']:
22                 self.cleaned_data['picture_xml_file'] = \
23                         ContentFile(self.cleaned_data['picture_xml'].encode('utf-8'))
24             else:
25                 raise forms.ValidationError(_("Please supply an XML."))
26
27         if not self.cleaned_data['picture_image_file']:
28             if self.cleaned_data['picture_image_data']:
29                 self.cleaned_data['picture_image_file'] = \
30                         ContentFile(b64decode(
31                                 self.cleaned_data['picture_image_data']))
32             else:
33                 raise forms.ValidationError(_("Please supply an image."))
34
35         return super(PictureImportForm, self).clean()
36
37     def save(self, commit=True, **kwargs):
38         return Picture.from_xml_file(
39             self.cleaned_data['picture_xml_file'], image_file=self.cleaned_data['picture_image_file'],
40             overwrite=True, **kwargs)