White/blacklisting mimetypes in attachments and check file size

[molgrum]

I have working (non-elegant) code working for doing a white/blacklist of mimetypes. Also checks max_file_size parameter!

[molgrum]

The non-elegant part is the javascript code that does an alert() instead of adding HTML.

[molgrum]

Just FYI, you should apply both patches in the order they were submitted. Sorry for the inconvenience but I'm fresh at GIT!

[molgrum]

To add multi-line parameters into mediagoblin.ini (which you probably want to do when listing many mimetypes), read this: ​http://www.voidspace.org.uk/python/configobj.html#config-files

[Christopher Allan Webber]

The general idea here looks good; I agree that we should provide a good way to blacklist/whitelist based on mimetype. Nonetheless, this needs some work:

• A lot of divergences from ​PEP-8, please read up!
• UNSAFE_MIMETYPES / SAFE_MIMETYPES defined, then immediately has its value replaced unconditionally. So why not just define it once each?
• not sure what bMimeAllowed means or does?
• The body of the conditionals for whitelist/blacklist appears identical, so maybe you could group the conditional check to something like:

   if (whitelist_check_here() OR blacklist_check_here()):
       body

• tests are needed, I think

I think I need to wrap my head around the JS changes a bit more, but that's on me, not you.

Doing a check in JS before we hit the server is a great idea to reduce waiting on a big upload that doesn't go through!

[Loic Dachary]

bin/py.test --boxed --cov-report=term-missing --cov=mediagoblin mediagoblin/tests

shows that the test are not broken (which is good ;-) but also shows that the tests do not cover the modified files:

mediagoblin/edit/views.py 217 87 60% 59, 79, 96, 107-111, 116-214, 232-233, 243, 256, 258-260, 291-300, 313-333, 360-365, 375-419, 432, 461, 478, 493, 538-539