refactor(usermanager): image from form extraction

2022-11-16 23:40:07 +01:00 · 2022-11-16 23:40:07 +01:00 · 997327338e
commit 997327338e
parent 76deba94f8
1 changed files with 50 additions and 21 deletions
--- a/lumi2/usermanager.py
+++ b/lumi2/usermanager.py
@ -22,9 +22,31 @@ def index():
    return render_template('usermanager/index.html')


-@bp.route("/user/<string:username>", methods=("GET", "POST"))
-def user_detail(username: str):
-    """Detail view for a specific User."""
+class InvalidImageException(Exception):
+    """Raised when an image's filename or contents are invalid."""
+    pass
+
+
+def _get_image_from_uploaded_file(file) -> Image.Image:
+    """Extracts a JPEG image from a file submitted via POST request.
+
+    The file's file extension and content is checked for validity as a JPEG image.
+
+    Parameters
+    ----------
+    file
+        A file object taken from a POST request.
+
+    Returns
+    -------
+    PIL.Image.Image
+        A valid JPEG Image object.
+
+    Raises
+    ------
+    InvalidImageException
+        When the file's file extension or contents are not valid for a JPEG image.
+    """

    def _file_extension_is_valid(filename: str):
        allowed_extensions = ["jpg", "jpeg"]
@ -34,6 +56,24 @@ def user_detail(username: str):
            return False
        return True

+    if not _file_extension_is_valid(file.filename):
+        raise InvalidImageException("Invalid file extension.")
+
+    with TemporaryDirectory() as tempdir:
+        path_to_file = Path(tempdir) / "upload.jpg"
+        file.save(path_to_file)
+        try:
+            return Image.open(path_to_file, formats=['JPEG'])
+        except UnidentifiedImageError:
+            raise InvalidImageException(
+                "Image is either not a JPEG, or its contents are corrupted."
+            )
+
+
+@bp.route("/user/<string:username>", methods=("GET", "POST"))
+def user_detail(username: str):
+    """Detail view for a specific User."""
+
    try:
        conn = ldap.get_connection()
    except Exception:
@ -77,32 +117,21 @@ def user_detail(username: str):
        if request.form['password']:
            user.password_hash = User.generate_password_hash(request.form['password'])

-        picture_updated = False
+        new_picture = None
        if 'picture' in request.files:
            file = request.files['picture']
            if len(file.filename):
-                if _file_extension_is_valid(file.filename):
-                    with TemporaryDirectory() as tempdir:
-                        path_to_file = Path(tempdir) / "upload.jpg"
-                        file.save(path_to_file)
-                        try:
-                            picture = Image.open(path_to_file, formats=['JPEG'])
-                            user.picture = picture
-                            picture_updated = True
-                        except UnidentifiedImageError:
-                            flash(
-                                "There was a problem with the provided picture " \
-                                "(it may be corrupted)."
-                            )
-                            form_is_valid = False
-                else:
-                    flash("Invalid file extension for picture.")
+                try:
+                    new_picture = _get_image_from_uploaded_file(file)
+                    user.picture = new_picture
+                except InvalidImageException as e:
+                    flash(f"Invalid picture: {e}")
                    form_is_valid = False

        if form_is_valid:
            ldap.update_user(conn, user)
            flash("User information was updated!")           
-            if picture_updated:
+            if new_picture is not None:
                ldap.get_user(conn, user.username)._generate_static_images(force=True)

    conn.unbind()