summary refs log tree commit diff
path: root/synapse
diff options
context:
space:
mode:
Diffstat (limited to 'synapse')
-rwxr-xr-xsynapse/app/homeserver.py2
-rw-r--r--synapse/http/server.py44
2 files changed, 33 insertions, 13 deletions
diff --git a/synapse/app/homeserver.py b/synapse/app/homeserver.py
index e5bd13a6eb..f7c1da9201 100755
--- a/synapse/app/homeserver.py
+++ b/synapse/app/homeserver.py
@@ -56,7 +56,7 @@ class SynapseHomeServer(HomeServer):
         return File("webclient")  # TODO configurable?
 
     def build_resource_for_content_repo(self):
-        return FileUploadResource("uploads")
+        return FileUploadResource("uploads", self.auth)
 
     def build_db_pool(self):
         """ Set up all the dbs. Since all the *.sql have IF NOT EXISTS, so we
diff --git a/synapse/http/server.py b/synapse/http/server.py
index f86151e51c..7d6e225e74 100644
--- a/synapse/http/server.py
+++ b/synapse/http/server.py
@@ -180,28 +180,48 @@ class RootRedirect(resource.Resource):
 class FileUploadResource(resource.Resource):
     isLeaf = True
 
-    def __init__(self, directory):
+    def __init__(self, directory, auth, file_map_func=None):
         resource.Resource.__init__(self)
         self.directory = directory
+        self.auth = auth
+        if not file_map_func:
+            file_map_func = self.map_request_to_name
+        self.get_name_for_request = file_map_func
+
+    @defer.inlineCallbacks
+    def map_request_to_name(self, request):
+        # auth the user
+        auth_user = yield self.auth.get_user_by_req(request)
+        logger.info("User %s is uploading a file.", auth_user)
+        defer.returnValue("boo2.png")
 
     def render(self, request):
         self._async_render(request)
         return server.NOT_DONE_YET
 
-    # @defer.inlineCallbacks
+    @defer.inlineCallbacks
     def _async_render(self, request):
-        request.setResponseCode(200)
-        request.setHeader(b"Content-Type", b"application/json")
+        try:
+            fname = yield self.get_name_for_request(request)
 
-        request.setHeader("Access-Control-Allow-Origin", "*")
-        request.setHeader("Access-Control-Allow-Methods",
-                          "GET, POST, PUT, DELETE, OPTIONS")
-        request.setHeader("Access-Control-Allow-Headers",
-                          "Origin, X-Requested-With, Content-Type, Accept")
+            with open(fname, "wb") as f:
+                f.write(request.content.read())
+
+            respond_with_json_bytes(request, 200,
+                                    json.dumps({"url": "not_implemented2"}),
+                                    send_cors=True)
 
-        request.write(json.dumps({"url": "not_implemented"}))
-        request.finish()
-        defer.succeed("not implemented")
+        except CodeMessageException as e:
+            logger.exception(e)
+            respond_with_json_bytes(request, e.code,
+                                    json.dumps(cs_exception(e)))
+        except Exception as e:
+            logger.error("Failed to store file: %s" % e)
+            respond_with_json_bytes(
+                request,
+                500,
+                json.dumps({"error": "Internal server error"}),
+                send_cors=True)
 
 
 def respond_with_json_bytes(request, code, json_bytes, send_cors=False):