-
Notifications
You must be signed in to change notification settings - Fork 6
Workflows, Routes, and Views
TODO
For now, admin views will assume the Django built-in admin interface.
Views not yet final (i.e. "authentication.views.index" or some other scheme depending on how we want to organize the app). will figure it out by end of day, May 2. (Mike)
| url | view | url state | description |
|---|---|---|---|
^/$ |
"index" | Landing page | |
^/upload/$ |
"upload" | GET | Show "check a file by uploading it" form |
^/upload/$ |
"upload" | POST | Check file being uploaded |
^/search/$ |
"search" | Search known files (GET parameters) | |
^/file/<id>/$ |
"file_detail" | Info on given file (redirected here via /upload/ or linked to via /search/ result) |
|
^/file/<id>/download/$ |
"file_download" | downloads the contents of the given file document.doc_file
|
|
^/file/<id>/download/signature/$ |
"file_signature" | gpg signature for given file (downloads the contents of document.gpgsig
|
|
^/admin/$ |
Not Logged In | Login page | |
^/admin/.* |
Not Logged In | Redirect to /admin/
|
|
^/admin/$ |
Logged In | List of documents in the system, other basic account management | |
^/admin/add/$ |
Logged In | Add a document | |
^/admin/<id>/$ |
Logged In | Edit/replace/delete a document |
Just a simple view that calls render for the template for this index page.
Page will have information on what this site is about; at this point, assume that we will have HTML forms for both search and upload.
Just renders template for this page. Has information on how to upload, what the file-checking system actually does to your uploaded file.
Given an uploaded file (uploaded_file):
- call
os.path.basenameon the resultant file to get the filename without directories. - Generate the SHA256 and SHA512 hashes of the file.
- Check database if we have existing
Documentobjects that match filename OR sha256 OR sha512. - Given a matching file (
known_file) or files in database, runknown_file.validate(uploaded_file)(function name not yet final), which will run a GnuPG signature check between thegpgsigofknownfile, but checking signature validation againstuploaded_file. - Return some sort of "verified"/"not verified but matches name or hash"/"unknown file" status
If there are no GET parameters, show the search box and some information about searching. (We're going to be searching filenames and hashes. Maybe other fields.)
If there are GET parameters, we'll return a list of matching results. (probably use Document.objects.icontains in lieu of a "real" fulltext search engine).