所以这是我的urls.py
url(r'^file/(?P<filename>.*)$', 'notendur.views.file', name="file"),
这是我的views.py
@login_required
def file(request, filename):
file = get_object_or_404(Document, user=request.user, filename=filename)
return sendfile(request, file.docfile.path)
这是我的models.py
fs = FileSystemStorage(location=settings.UPLOAD_ROOT)
class Document(models.Model):
filename = models.CharField(max_length=255, blank=False, null=False, default="")
upload_path = models.CharField(max_length=255, blank=False, null=False, default="")
user = models.ForeignKey(User, null=False)
docfile = models.FileField(upload_to=_upload_path, storage=fs)
options = models.IntegerField(default=0)
def get_upload_path(self,filename):
return "uploads/"+str(self.user.id) + '/' + str(date.today()) + '/' + filename
所以我的问题是,即使文件的路径是正确的,我总是得到404错误。我怀疑它是因为我的get_object_or_404功能出了问题。
EDT __:
文件实际上在file/uploads/<primary_key>/<upload_date>/!很抱歉让它离开。什么样的正则表达式捕获了那种链接?
答案 0 :(得分:0)
您可以尝试使用查询集:
queryset = Document.objects.filter(user=request.user, filename=filename)
get_object_or_404(queryset)
您还可以尝试打印一些值以尝试识别问题:
print request.user
print filename
此外,您接受URL中的空字符串作为文件名(使用*)。为什么不使用&#34; +&#34;? :
url(r'^file/(?P<filename>.+)$', 'notendur.views.file', name="file"),
有关您需要的信息,请参阅参考列表:
# Regular references:
# . any char
# ^ start of string
# $ end of string
# * 0 or more of preceding
# + 1 or more of preceding
# ? 0 or 1 of preceding
# (?!..) matches when it doesnt match ..
# *? 0 or more, minimal match
# +? 1 or more, minimal match
# {m} exactly m of preceding
# {m,n} between m to n of preceding
# [..] eg. [abc],[a-z],[0-9a-z]
# [^..] matches if doesn't match [..]
# (..) groups what's inside
# (?=..) matches .. but doesn't consume it
# \d [0-9] (decimal digit)
# \D [^0-9] (non-digit)
# \w [a-zA-Z0-9_] (alphanumeric)
# \W [^a-zA-Z0-9_] (non-alphanumeric)
# \s [ \t\n\r\f\v] (whitespace)
# \S [^ \t\n\r\f\v] (non-whitespace)
答案 1 :(得分:0)
如果filename正确,则user似乎不匹配。该视图仅允许访问拥有该文件的用户;它是否正确?如果是这样,你应该真的回到403:
@login_required
def file(request, filename):
file = get_object_or_404(Document, filename=filename)
if file.user != request.user:
return HttpResponseForbidden()
return sendfile(request, file.docfile.path)
假设用户的ID为5,他们会尝试访问2014年6月30日上传的file/test_file。然后filename == 'test_file'和匹配的记录应包含以下字段:
filename: "test_file"
upload_path: "uploads/5/2014-06-30/test_file"
user: <User with id: 5>
docfile.path: "uploads/5/2014-06-30/test_file"
这是否与您在磁盘和/或数据库中看到的相匹配?