from django.contrib import messages
from django.contrib.auth import REDIRECT_FIELD_NAME
from django.contrib.auth.decorators import login_required
+from django.core.exceptions import SuspiciousOperation
from django.core.urlresolvers import reverse
from django.db.models import Q
from django.http import HttpResponse, QueryDict
from django_openid_auth.views import make_consumer
from openid.extensions import ax
-from filex.forms import HostPathNameForm, RenameForm, ArchiveForm
+from filex.forms import HostPathNameForm, RenameForm, ArchiveForm, HostPathForm
from qcg.forms import FiltersForm, ColumnsForm, JobDescriptionForm, EnvFormSet
from qcg.utils import paginator_context
from qcg.service import update_user_data, submit_job
{'new_dir_form': HostPathNameForm(), 'rename_form': RenameForm(), 'archive_form': ArchiveForm()})
+@login_required
def gridftp_upload(request):
- # TODO GET data validation
+ form = HostPathForm(request.GET)
+
+ if not form.is_valid():
+ raise SuspiciousOperation('Invalid parameters for `gridftp_upload`!')
+
return render(request, 'qcg/gridftp_upload.html',
- {'url': reverse('filex:upload') + '?' + request.GET.urlencode(safe='/'),
- 'host': request.GET.get('host'), 'path': request.GET.get('path')})
+ {'url': reverse('filex:upload') + '?' + urlencode(form.cleaned_data),
+ 'host': form.cleaned_data['host'], 'path': form.cleaned_data['path'],
+ 'sep': '/' if form.cleaned_data['path'].startswith('~') else ''})