From c035e88aa2a4b6c640ab899d6e82f4f9468be542 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jes=C3=BAs=20Espino?= Date: Thu, 31 Jul 2014 17:09:05 +0200 Subject: [PATCH] Better image format check --- taiga/users/api.py | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/taiga/users/api.py b/taiga/users/api.py index 4bf7dd91..5bb5d80d 100644 --- a/taiga/users/api.py +++ b/taiga/users/api.py @@ -24,6 +24,7 @@ from django.contrib.auth.hashers import make_password from django.utils.translation import ugettext_lazy as _ from easy_thumbnails.exceptions import InvalidImageFormatError +from easy_thumbnails.source_generators import pil_image from rest_framework.response import Response @@ -176,12 +177,13 @@ class UsersViewSet(ModelCrudViewSet): if not avatar: raise exc.WrongArguments(_("Incomplete arguments")) + try: + pil_image(avatar) + except Exception: + raise exc.WrongArguments(_("Invalid image format")) + request.user.photo = avatar request.user.save(update_fields=["photo"]) - try: - user_data = serializers.UserSerializer(request.user).data - except InvalidImageFormatError: - raise exc.WrongArguments(_("Invalid image format")) user_data = serializers.UserSerializer(request.user).data return Response(user_data, status=status.HTTP_200_OK)