| 89 | @routes.route('/api/user/upload/profile_image', methods = ['POST']) |
| 90 | @General_permissions.grant_permission_for(['normal_user', 'super_admin']) |
| 91 | def user_upload_profile_image(): |
| 92 | file = request.files.get('file') |
| 93 | if not file: |
| 94 | return "No file", 400 |
| 95 | |
| 96 | extension = os.path.splitext(file.filename)[1].lower() |
| 97 | if extension in images_allowed_file_names: |
| 98 | file.filename = secure_filename( |
| 99 | file.filename) # http://flask.pocoo.org/docs/0.12/patterns/fileuploads/ |
| 100 | temp_dir = tempfile.mkdtemp() |
| 101 | file_name = f"{temp_dir}/{file.filename}" |
| 102 | file.save(file_name) |
| 103 | |
| 104 | with sessionMaker.session_scope() as session: |
| 105 | with open(file_name, "rb") as file: |
| 106 | content_type = f"image/{str(extension)}" |
| 107 | short_file_name = os.path.split(file_name)[1] |
| 108 | |
| 109 | user = session.query(User).filter(User.id == getUserID(session = session)).one() |
| 110 | |
| 111 | image = process_profile_image( |
| 112 | session = session, user = user, |
| 113 | file = file, file_name = short_file_name, |
| 114 | content_type = content_type, extension = extension) |
| 115 | |
| 116 | Event.new( |
| 117 | kind = "profile_image_update", |
| 118 | session = session, |
| 119 | member = user.member, |
| 120 | success = True |
| 121 | ) |
| 122 | |
| 123 | return jsonify(success = True, |
| 124 | user = user.serialize()), 200, {'ContentType': 'application/json'} |
| 125 | |
| 126 | return jsonify(success = False), 400, {'ContentType': 'application/json'} |