Ticket #2070: 6652_isValidImage_using_tmpfilename.diff

django/http/multipartparser.py

@@ +1 @@
+"""
+MultiPart parsing for file uploads.
+If both a progress id is sent (either through ``X-Progress-ID``
+header or ``progress_id`` GET) and ``FILE_UPLOAD_DIR`` is set
+in the settings, then the file progress will be tracked using
+``request.file_progress``.
+
+To use this feature, consider creating a middleware with an appropriate
+``process_request``::
+
+    class FileProgressTrack(object):
+        def __get__(self, request, HttpRequest):
+            progress_id = request.META['UPLOAD_PROGRESS_ID']
+            status = # get progress from progress_id here
+
+            return status
+
+        def __set__(self, request, new_value):
+            progress_id = request.META['UPLOAD_PROGRESS_ID']
+
+            # set the progress using progress_id here.
+
+    # example middleware
+    class FileProgressExample(object):
+        def process_request(self, request):
+            request.__class__.file_progress = FileProgressTrack()
+
+
+
+"""
+
+__all__ = ['MultiPartParserError','MultiPartParser']
+
+
+from django.utils.datastructures import MultiValueDict
+from django.http.utils import str_to_unicode
+from django.conf import settings
+import os
+
+try:
+    from cStringIO import StringIO
+except ImportError:
+    from StringIO import StringIO
+
+
+class MultiPartParserError(Exception):
+    def __init__(self, message):
+        self.message = message
+    def __str__(self):
+        return repr(self.message)
+
+class MultiPartParser(object):
+    """
+    A rfc2388 multipart/form-data parser.
+    
+    parse() reads the input stream in chunk_size chunks and returns a
+    tuple of (POST MultiValueDict, FILES MultiValueDict). If
+    file_upload_dir is defined files will be streamed to temporary
+    files in the specified directory.
+
+    The FILES dictionary will have 'filename', 'content-type',
+    'content' and 'content-length' entries. For streamed files it will
+    also have 'tmpfilename' and 'tmpfile'. The 'content' entry will
+    only be read from disk when referenced for streamed files.
+
+    If the X-Progress-ID is sent (in one of many formats), then
+    object.file_progress will be given a dictionary of the progress.
+    """
+    def __init__(self, headers, input, request, file_upload_dir=None, streaming_min_post_size=None, chunk_size=1024*64):
+        try:
+            content_length = int(headers['Content-Length'])
+        except:
+            raise MultiPartParserError('Invalid Content-Length: %s' % headers.get('Content-Length'))
+
+        content_type = headers.get('Content-Type')
+
+        if not content_type or not content_type.startswith('multipart/'):
+            raise MultiPartParserError('Invalid Content-Type: %s' % content_type)
+            
+        ctype, opts = self.parse_header(content_type)
+        boundary = opts.get('boundary')
+        from cgi import valid_boundary
+        if not boundary or not valid_boundary(boundary):
+            raise MultiPartParserError('Invalid boundary in multipart form: %s' % boundary)
+
+        progress_id = request.META['UPLOAD_PROGRESS_ID']
+
+        self._track_progress = file_upload_dir and progress_id # whether or not to track progress
+        self._boundary = '--' + boundary
+        self._input = input
+        self._size = content_length
+        self._received = 0
+        self._file_upload_dir = file_upload_dir
+        self._chunk_size = chunk_size
+        self._state = 'PREAMBLE'
+        self._partial = ''
+        self._post = MultiValueDict()
+        self._files = MultiValueDict()
+        self._request = request
+        self._encoding = request.encoding or settings.DEFAULT_CHARSET
+
+        if streaming_min_post_size is not None and content_length < streaming_min_post_size:
+            self._file_upload_dir = None # disable file streaming for small request
+        elif self._track_progress:
+            request.file_progress = {'state': 'starting'}
+
+        try:
+            # Use mx fast string search if available.
+            from mx.TextTools import FS
+            self._fs = FS(self._boundary)
+        except ImportError:
+            self._fs = None
+
+    def parse(self):
+        try:
+            self._parse()
+        finally:
+            if self._track_progress:
+                self._request.file_progress = {'state': 'done'}
+        return self._post, self._files
+
+    def _parse(self):
+        size = self._size
+
+        try:
+            while size > 0:
+                n = self._read(self._input, min(self._chunk_size, size))
+                if not n:
+                    break
+                size -= n
+        except:
+            # consume any remaining data so we dont generate a "Connection Reset" error
+            size = self._size - self._received
+            while size > 0:
+                data = self._input.read(min(self._chunk_size, size))
+                size -= len(data)
+            raise
+
+    def _find_boundary(self, data, start, stop):
+        """
+        Find the next boundary and return the end of current part
+        and start of next part.
+        """
+        if self._fs:
+            boundary = self._fs.find(data, start, stop)
+        else:
+            boundary = data.find(self._boundary, start, stop)
+        if boundary >= 0:
+            end = boundary
+            next = boundary + len(self._boundary)
+
+            # backup over CRLF
+            if end > 0 and data[end-1] == '\n': end -= 1
+            if end > 0 and data[end-1] == '\r': end -= 1
+            # skip over --CRLF
+            if next < stop and data[next] == '-': next += 1
+            if next < stop and data[next] == '-': next += 1
+            if next < stop and data[next] == '\r': next += 1
+            if next < stop and data[next] == '\n': next += 1
+
+            return True, end, next
+        else:
+            return False, stop, stop
+
+    class TemporaryFile(object):
+        "A temporary file that tries to delete itself when garbage collected."
+        def __init__(self, dir):
+            import tempfile
+            (fd, name) = tempfile.mkstemp(suffix='.upload', dir=dir)
+            self.file = os.fdopen(fd, 'w+b')
+            self.name = name
+
+        def __getattr__(self, name):
+            a = getattr(self.__dict__['file'], name)
+            if type(a) != type(0):
+                setattr(self, name, a)
+            return a
+
+        def __del__(self):
+            try:
+                os.unlink(self.name)
+            except OSError:
+                pass
+
+    class LazyContent(dict):
+        """
+        A lazy FILES dictionary entry that reads the contents from
+        tmpfile only when referenced.
+        """
+        def __init__(self, data):
+            dict.__init__(self, data)
+
+        def __getitem__(self, key):
+            if key == 'content' and not self.has_key(key):
+                self['tmpfile'].seek(0)
+                self['content'] = self['tmpfile'].read()
+            return dict.__getitem__(self, key)
+
+    def _read(self, input, size):
+        data = input.read(size)
+
+        if not data:
+            return 0
+
+        read_size = len(data)
+        self._received += read_size
+
+        if self._partial:
+            data = self._partial + data
+
+        start = 0
+        stop = len(data)
+
+        while start < stop:
+            boundary, end, next = self._find_boundary(data, start, stop)
+
+            if not boundary and read_size:
+                # make sure we dont treat a partial boundary (and its separators) as data
+                stop -= len(self._boundary) + 16
+                end = next = stop
+                if end <= start:
+                    break # need more data
+
+            if self._state == 'PREAMBLE':
+                # Preamble, just ignore it
+                self._state = 'HEADER'
+
+            elif self._state == 'HEADER':
+                # Beginning of header, look for end of header and parse it if found.
+
+                header_end = data.find('\r\n\r\n', start, stop)
+                if header_end == -1:
+                    break # need more data
+
+                header = data[start:header_end]
+
+                self._fieldname = None
+                self._filename = None
+                self._content_type = None
+
+                for line in header.split('\r\n'):
+                    ctype, opts = self.parse_header(line)
+                    if ctype == 'content-disposition: form-data':
+                        self._fieldname = opts.get('name')
+                        self._filename = opts.get('filename')
+                    elif ctype.startswith('content-type: '):
+                        self._content_type = ctype[14:]
+
+                if self._filename is not None:
+                    # cleanup filename from IE full paths:
+                    self._filename = self._filename[self._filename.rfind("\\")+1:].strip()
+
+                    if self._filename: # ignore files without filenames
+                        if self._file_upload_dir:
+                            try:
+                                self._file = self.TemporaryFile(dir=self._file_upload_dir)
+                            except (OSError, IOError), e:
+                                raise MultiPartParserError("Failed to create temporary file. Error was %s" % e)
+                        else:
+                            self._file = StringIO()
+                    else:
+                        self._file = None
+                    self._filesize = 0
+                    self._state = 'FILE'
+                else:
+                    self._field = StringIO()
+                    self._state = 'FIELD'
+                next = header_end + 4
+
+            elif self._state == 'FIELD':
+                # In a field, collect data until a boundary is found.
+
+                self._field.write(data[start:end])
+                if boundary:
+                    if self._fieldname:
+                        self._post.appendlist(self._fieldname, str_to_unicode(self._field.getvalue(), self._encoding))
+                    self._field.close()
+                    self._state = 'HEADER'
+
+            elif self._state == 'FILE':
+                # In a file, collect data until a boundary is found.
+
+                if self._file:
+                    try:
+                        self._file.write(data[start:end])
+                    except IOError, e:
+                        raise MultiPartParserError("Failed to write to temporary file.")
+                    self._filesize += end-start
+
+                    if self._track_progress:
+                        self._request.file_progress = {'received': self._received,
+                                                       'size':     self._size,
+                                                       'state':    'uploading'}
+
+                if boundary:
+                    if self._file:
+                        if self._file_upload_dir:
+                            self._file.seek(0)
+                            file = self.LazyContent({
+                                'filename': str_to_unicode(self._filename, self._encoding),
+                                'content-type':  self._content_type,
+                                # 'content': is read on demand
+                                'content-length': self._filesize,
+                                'tmpfilename': self._file.name,
+                                'tmpfile': self._file
+                            })
+                        else:
+                            file = {
+                                'filename': str_to_unicode(self._filename, self._encoding),
+                                'content-type':  self._content_type,
+                                'content': self._file.getvalue(),
+                                'content-length': self._filesize
+                            }
+                            self._file.close()
+
+                        self._files.appendlist(self._fieldname, file)
+
+                    self._state = 'HEADER'
+
+            start = next
+
+        self._partial = data[start:]
+
+        return read_size
+
+    def parse_header(self, line):
+        from cgi import parse_header
+        return parse_header(line)

django/http/__init__.py

@@ -1 +1 @@
-import os
+import re
-from Cookie import SimpleCookie
-from pprint import pformat
-from urllib import urlencode
-from urlparse import urljoin
+from django.http.utils import str_to_unicode
+from django.http.multipartparser import MultiPartParser, MultiPartParserError
-from django.utils.datastructures import MultiValueDict, FileDict
-from django.utils.encoding import smart_str, iri_to_uri, force_unicode
-
+upload_id_re = re.compile(r'^[a-fA-F0-9]{32}$') # file progress id Regular expression
+
-RESERVED_CHARS="!*'();:@&=+$,/?%#[]"
-
-try:
@@ -78 +83 @@
-
-    def is_secure(self):
-        return os.environ.get("HTTPS") == "on"
-
+
-    def _set_encoding(self, val):
-        """
-        Sets the encoding used for GET/POST accesses. If the GET or POST
@@ -96 +101 @@
-
-    encoding = property(_get_encoding, _set_encoding)
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
+
+
+
+
+
-
+    def _del_file_progress(self):
+        pass
+
+    file_progress = property(_get_file_progress,
+                             _set_file_progress,
+                             _del_file_progress)
+
+    def _get_file_progress_from_args(self, headers, get, querystring):
+        """
+        This parses the request for a file progress_id value.
+        Note that there are two distinct ways of getting the progress
+        ID -- header and GET. One is used primarily to attach via JavaScript
+        to the end of an HTML form action while the other is used for AJAX
+        communication.
+
+        All progress IDs must be valid 32-digit hexadecimal numbers.
+        """
+        if 'X-Upload-ID' in headers:
+            progress_id = headers['X-Upload-ID']
+        elif 'progress_id' in get:
+            progress_id = get['progress_id']
+        else:
+            return None
+
+        if not upload_id_re.match(progress_id):
+            return None
+
+        return progress_id
+
+def parse_file_upload(headers, input, request):
+    from django.conf import settings
+
+    # Only stream files to disk if FILE_STREAMING_DIR is set
+    file_upload_dir = settings.FILE_UPLOAD_DIR
+    streaming_min_post_size = settings.STREAMING_MIN_POST_SIZE
+
+    try:
+        parser = MultiPartParser(headers, input, request, file_upload_dir, streaming_min_post_size)
+        return parser.parse()
+    except MultiPartParserError, e:
+        return MultiValueDict({ '_file_upload_error': [e.message] }), {}
+
+
-class QueryDict(MultiValueDict):
-    """
-    A specialized MultiValueDict that takes a query string when initialized.
@@ -399 +420 @@
-# A backwards compatible alias for HttpRequest.get_host.
-def get_host(request):
-    return request.get_host()
-
-# It's neither necessary nor appropriate to use
-# django.utils.encoding.smart_unicode for parsing URLs and form inputs. Thus,
-# this slightly more restricted function.
-def str_to_unicode(s, encoding):
-    """
-    Convert basestring objects to unicode, using the given encoding. Illegaly
-    encoded input characters are replaced with Unicode "unknown" codepoint
-    (\ufffd).
-
-    Returns any non-basestring objects without change.
-    """
-    if isinstance(s, str):
-        return unicode(s, encoding, 'replace')
-    else:
-        return s
-

django/http/utils.py

@@ +1 @@
+# It's neither necessary nor appropriate to use
+# django.utils.encoding.smart_unicode for parsing URLs and form inputs. Thus,
+# this slightly more restricted function.
+def str_to_unicode(s, encoding):
+    """
+    Convert basestring objects to unicode, using the given encoding. Illegaly
+    encoded input characters are replaced with Unicode "unknown" codepoint
+    (\ufffd).
+
+    Returns any non-basestring objects without change.
+    """
+    if isinstance(s, str):
+        return unicode(s, encoding, 'replace')
+    else:
+        return s
+

django/oldforms/__init__.py

@@ -680 +680 @@
-        self.validator_list = [self.isNonEmptyFile] + validator_list
-
-    def isNonEmptyFile(self, field_data, all_data):
-try
-content = field_data['content
-except TypeError
+if field_data.has_key('_file_upload_error')
+raise validators.CriticalValidationError, field_data['_file_upload_error
+if not field_data.has_key('filename')
-            raise validators.CriticalValidationError, ugettext("No file was submitted. Check the encoding type on the form.")
-content
+field_data['content-length']
-            raise validators.CriticalValidationError, ugettext("The submitted file is empty.")
-
-    def render(self, data):
-        return u'<input type="file" id="%s" class="v%s" name="%s" />' % \
-            (self.get_id(), self.__class__.__name__, self.field_name)
-
+    def prepare(self, new_data):
+        if new_data.has_key('_file_upload_error'):
+            # pretend we got something in the field to raise a validation error later
+            new_data[self.field_name] = { '_file_upload_error': new_data['_file_upload_error'] }
+
-    def html2python(data):
-        if data is None:
-            raise EmptyValue

django/db/models/base.py

@@ -12 +12 @@
-from django.dispatch import dispatcher
-from django.utils.datastructures import SortedDict
-from django.utils.functional import curry
+from django.utils.file import file_move_safe
-from django.utils.encoding import smart_str, force_unicode, smart_unicode
-from django.conf import settings
-from itertools import izip
@@ -379 +380 @@
-    def _get_FIELD_size(self, field):
-        return os.path.getsize(self._get_FIELD_filename(field))
-
-contents
+field
-        directory = field.get_directory_name()
-        try: # Create the date-based directory if it doesn't exist.
-            os.makedirs(os.path.join(settings.MEDIA_ROOT, directory))
-        except OSError: # Directory probably already exists.
-            pass
+
+        if filename is None:
+            filename = raw_field['filename']
+
-        filename = field.get_filename(filename)
-
-        # If the filename already exists, keep adding an underscore to the name of
@@ -401 +406 @@
-        setattr(self, field.attname, filename)
-
-        full_filename = self._get_FIELD_filename(field)
-
-
-
+
+
+
+
+
+
+
+
+
+
-
-        # Save the width and/or height, if applicable.
-        if isinstance(field, ImageField) and (field.width_field or field.height_field):

django/db/models/fields/__init__.py

@@ -761 +761 @@
-        setattr(cls, 'get_%s_filename' % self.name, curry(cls._get_FIELD_filename, field=self))
-        setattr(cls, 'get_%s_url' % self.name, curry(cls._get_FIELD_url, field=self))
-        setattr(cls, 'get_%s_size' % self.name, curry(cls._get_FIELD_size, field=self))
-
+
+
-        dispatcher.connect(self.delete_file, signal=signals.post_delete, sender=cls)
-
-    def delete_file(self, instance):
@@ -784 +785 @@
-        if new_data.get(upload_field_name, False):
-            func = getattr(new_object, 'save_%s_file' % self.name)
-            if rel:
-["content"]
+
-            else:
-["content"]
+
-
-    def get_directory_name(self):
-        return os.path.normpath(force_unicode(datetime.datetime.now().strftime(smart_str(self.upload_to))))
@@ -798 +799 @@
-
-    def save_form_data(self, instance, data):
-        if data:
-content
+data
-
-    def formfield(self, **kwargs):
-        defaults = {'form_class': forms.FileField}

django/conf/global_settings.py

@@ -251 +251 @@
-from django import get_version
-URL_VALIDATOR_USER_AGENT = "Django/%s (http://www.djangoproject.com)" % get_version()
-
+# The directory to place streamed file uploads. The web server needs write
+# permissions on this directory.
+# If this is None, streaming uploads are disabled.
+FILE_UPLOAD_DIR = None
+
+# The minimum size of a POST before file uploads are streamed to disk.
+# Any less than this number, and the file is uploaded to memory.
+# Size is in bytes.
+STREAMING_MIN_POST_SIZE = 512 * (2**10)
+
-##############
-# MIDDLEWARE #
-##############

django/core/validators.py

@@ -177 +177 @@
-    from PIL import Image
-    from cStringIO import StringIO
-    try:
-content = field_data['content
+filename = field_data['filename
-    except TypeError:
-        raise ValidationError, _("No file was submitted. Check the encoding type on the form.")
-    try:
-        # load() is the only method that can spot a truncated JPEG,
-        #  but it cannot be called sanely after verify()
-StringIO(content
+field_data.get('tmpfilename') or StringIO(field_data.get('content','')
-        trial_image.load()
-        # verify() is the only method that can spot a corrupt PNG,
-        #  but it must be called immediately after the constructor
-StringIO(content
+field_data.get('tmpfilename') or StringIO(field_data.get('content','')
-        trial_image.verify()
-    except Exception: # Python Imaging Library doesn't recognize it as an image
-        raise ValidationError, _("Upload a valid image. The file you uploaded was either not an image or a corrupted image.")

django/core/handlers/wsgi.py

@@ -77 +77 @@
-        self.environ = environ
-        self.path = force_unicode(environ['PATH_INFO'])
-        self.META = environ
+        self.META['UPLOAD_PROGRESS_ID'] = self._get_file_progress_id()
-        self.method = environ['REQUEST_METHOD'].upper()
-
-    def __repr__(self):
@@ -114 +115 @@
-            if self.environ.get('CONTENT_TYPE', '').startswith('multipart'):
-                header_dict = dict([(k, v) for k, v in self.environ.items() if k.startswith('HTTP_')])
-                header_dict['Content-Type'] = self.environ.get('CONTENT_TYPE', '')
-
+
+
+
+
+
+
+
+
-            else:
-                self._post, self._files = http.QueryDict(self.raw_post_data, encoding=self._encoding), datastructures.MultiValueDict()
-        else:
@@ -172 +180 @@
-            buf.close()
-            return self._raw_post_data
-
+    def _get_file_progress_id(self):
+        """
+        Returns the Progress ID of the request,
+        usually provided if there is a file upload
+        going on.
+        Returns ``None`` if no progress ID is specified.
+        """
+        return self._get_file_progress_from_args(self.environ,
+                                                 self.GET,
+                                                 self.environ.get('QUERY_STRING', ''))
+
-    GET = property(_get_get, _set_get)
-    POST = property(_get_post, _set_post)
-    COOKIES = property(_get_cookies, _set_cookies)

django/core/handlers/modpython.py

@@ -51 +51 @@
-    def _load_post_and_files(self):
-        "Populates self._post and self._files"
-        if 'content-type' in self._req.headers_in and self._req.headers_in['content-type'].startswith('multipart'):
-
+
+
+
+
+
+
-        else:
-            self._post, self._files = http.QueryDict(self.raw_post_data, encoding=self._encoding), datastructures.MultiValueDict()
-
@@ -96 +101 @@
-                'AUTH_TYPE':         self._req.ap_auth_type,
-                'CONTENT_LENGTH':    self._req.clength, # This may be wrong
-                'CONTENT_TYPE':      self._req.content_type, # This may be wrong
-
-
-
-
-
-
-
-
-
-
-
-
-
-
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
-            }
-            for key, value in self._req.headers_in.items():
-                key = 'HTTP_' + key.upper().replace('-', '_')
@@ -126 +132 @@
-    def _get_method(self):
-        return self.META['REQUEST_METHOD'].upper()
-
+    def _get_file_progress_id(self):
+        """
+        Returns the Progress ID of the request,
+        usually provided if there is a file upload
+        going on.
+        Returns ``None`` if no progress ID is specified.
+        """
+        return self._get_file_progress_from_args(self._req.headers_in,
+                                                 self.GET,
+                                                 self._req.args)
+
-    GET = property(_get_get, _set_get)
-    POST = property(_get_post, _set_post)
-    COOKIES = property(_get_cookies, _set_cookies)

django/newforms/fields.py

@@ -421 +421 @@
-
-class UploadedFile(StrAndUnicode):
-    "A wrapper for files uploaded in a FileField"
-content
+data
-        self.filename = filename
-content = content
+data = data 
-
-    def __unicode__(self):
-        """
@@ -475 +475 @@
-        try:
-            # load() is the only method that can spot a truncated JPEG,
-            #  but it cannot be called sanely after verify()
-StringIO(f.content
+f.data.get('tmpfilename') or StringIO(f.data['content']
-            trial_image.load()
-            # verify() is the only method that can spot a corrupt PNG,
-            #  but it must be called immediately after the constructor
-StringIO(f.content
+f.data.get('tmpfilename') or StringIO(f.data['content']
-            trial_image.verify()
-        except Exception: # Python Imaging Library doesn't recognize it as an image
-            raise ValidationError(self.error_messages['invalid_image'])

django/utils/file_locks.py

@@ +1 @@
+"""
+Locking portability by Jonathan Feignberg <jdf@pobox.com> in python cookbook
+
+Example Usage::
+
+    from django.utils import file_locks
+
+    f = open('./file', 'wb')
+
+    file_locks.lock(f, file_locks.LOCK_EX)
+    f.write('Django')
+    f.close()
+"""
+
+
+import os
+
+__all__ = ['LOCK_EX','LOCK_SH','LOCK_NB','lock','unlock']
+
+if os.name == 'nt':
+        import win32con
+        import win32file
+        import pywintypes
+        LOCK_EX = win32con.LOCKFILE_EXCLUSIVE_LOCK
+        LOCK_SH = 0
+        LOCK_NB = win32con.LOCKFILE_FAIL_IMMEDIATELY
+        __overlapped = pywintypes.OVERLAPPED()
+elif os.name == 'posix':
+        import fcntl
+        LOCK_EX = fcntl.LOCK_EX
+        LOCK_SH = fcntl.LOCK_SH
+        LOCK_NB = fcntl.LOCK_NB
+else:
+        raise RuntimeError("Locking only defined for nt and posix platforms")
+
+if os.name == 'nt':
+        def lock(file, flags):
+                hfile = win32file._get_osfhandle(file.fileno())
+                win32file.LockFileEx(hfile, flags, 0, -0x10000, __overlapped)
+
+        def unlock(file):
+                hfile = win32file._get_osfhandle(file.fileno())
+                win32file.UnlockFileEx(hfile, 0, -0x10000, __overlapped)
+
+elif os.name =='posix':
+        def lock(file, flags):
+                fcntl.flock(file.fileno(), flags)
+
+        def unlock(file):
+                fcntl.flock(file.fileno(), fcntl.LOCK_UN)

django/utils/file.py

@@ +1 @@
+import os
+
+__all__ = ['file_move_safe']
+
+try:
+    import shutil
+    file_move = shutil.move
+except ImportError:
+    file_move = os.rename
+
+def file_move_safe(old_file_name, new_file_name, chunk_size = 1024*64, allow_overwrite=False):
+    """
+    Moves a file from one location to another in the safest way possible.
+    
+    First, it tries using shutils.move, which is OS-dependent but doesn't
+    break with change of filesystems. Then it tries os.rename, which will
+    break if it encounters a change in filesystems. Lastly, it streams
+    it manually from one file to another in python.
+
+    Without ``allow_overwrite``, if the destination file exists, the
+    file will raise an IOError.
+    """
+
+    from django.utils import file_locks
+
+    if old_file_name == new_file_name:
+        # No file moving takes place.
+        return
+
+    if not allow_overwrite and os.path.exists(new_file_name):
+        raise IOError, "Django does not allow overwriting files."
+
+    try:
+        file_move(old_file_name, new_file_name)
+        return
+    except OSError: # moving to another filesystem
+        pass
+
+    new_file = open(new_file_name, 'wb')
+    # exclusive lock
+    file_locks.lock(new_file, file_locks.LOCK_EX)
+    old_file = open(old_file_name, 'rb')
+    current_chunk = None
+
+    while current_chunk != '':
+        current_chunk = old_file.read(chunk_size)
+        new_file.write(current_chunk)
+
+    new_file.close()
+    old_file.close()
+
+    os.remove(old_file_name)
+

tests/modeltests/test_client/views.py

@@ -47 +47 @@
-
-    return HttpResponse(t.render(c))
-
+def post_file_view(request):
+    "A view that expects a multipart post and returns a file in the context"
+    t = Template('File {{ file.filename }} received', name='POST Template')
+    c = Context({'file': request.FILES['file_file']})
+    return HttpResponse(t.render(c))
+
-def redirect_view(request):
-    "A view that redirects all requests to the GET view"
-    if request.GET:

tests/modeltests/test_client/models.py

@@ -4 +4 @@
-
-The test client is a class that can act like a simple
-browser for testing purposes.
-
+
-It allows the user to compose GET and POST requests, and
-obtain the response that the server gave to those requests.
-The server Response objects are annotated with the details
@@ -80 +80 @@
-        self.assertEqual(response.template.name, "Book template")
-        self.assertEqual(response.content, "Blink - Malcolm Gladwell")
-
+    def test_post_file_view(self):
+        "POST this python file to a view"
+        import os, tempfile
+