I have a Django web application that accesses and manipulates several server filesystems (e.g. /fs01, /fs02, etc.) on behalf of the user. I'd like to present thumbnails of images on those filesystems to the user, and thought sorl-thumbnail would be the way to do it.
It seems though that the images must be under MEDIA_ROOT for sorl-thumbnail to create thumbnails. My MEDIA_ROOT
is /Users/me/Dev/MyProject/myproj/media
, so this works:
path = "/Users/me/Dev/MyProject/myproj/media/pipe-img/magritte-pipe-large.jpg"
try:
im = get_thumbnail(path, '100x100', crop='center', quality=99)
except Exception, e:
exc_type, exc_obj, exc_tb = sys.exc_info()
print "Failed getting thumbnail: (%s) %s" % (exc_type, e)
print "im.url = %s" % im.url
It creates the thumbnail and prints the im.url, as I'd expect. But when I change path
to:
path = "/fs02/dir/ep340102/foo/2048x1024/magritte-pipe-large.jpg"
It fails with:
Failed getting thumbnail: (<class 'django.core.exceptions.SuspiciousOperation'>)
Attempted access to '/fs02/dir/ep340102/foo/2048x1024/magritte-pipe-large.jpg' denied.
Is there a way to solve this? Can I use sorl-thumbnail to create thumbnails as I'd like to under these other filesystems (e.g. /fs01, /fs02, /fs03, etc.)? Is there a better approach?
Update. Here's the full stack trace:
Environment:
Request Method: GET
Request URL: http://localhost:8000/pipe/file_selection/
Django Version: 1.4.1
Python Version: 2.7.2
Installed Applications:
('django.contrib.auth',
'django.contrib.contenttypes',
'django.contrib.sessions',
'django.contrib.sites',
'django.contrib.admin',
'django.contrib.admindocs',
'django.contrib.humanize',
'django.contrib.messages',
'pipeproj.pipe',
'south',
'guardian',
'sorl.thumbnail')
Installed Middleware:
('django.middleware.common.CommonMiddleware',
'django.contrib.sessions.middleware.SessionMiddleware',
'django.contrib.auth.middleware.AuthenticationMiddleware',
'django.contrib.messages.middleware.MessageMiddleware')
Traceback:
File "/Library/Python/2.7/site-packages/django/core/handlers/base.py" in get_response
111. response = callback(request, *callback_args, **callback_kwargs)
File "/Library/Python/2.7/site-packages/django/contrib/auth/decorators.py" in _wrapped_view
20. return view_func(request, *args, **kwargs)
File "/Users/dylan/Dev/Pipe/pipeproj/../pipeproj/pipe/views/data.py" in file_selection
184. im = get_thumbnail(path, '100x100', crop='center', quality=99)
File "/Library/Python/2.7/site-packages/sorl_thumbnail-11.12-py2.7.egg/sorl/thumbnail/shortcuts.py" in get_thumbnail
8. return default.backend.get_thumbnail(file_, geometry_string, **options)
File "/Library/Python/2.7/site-packages/sorl_thumbnail-11.12-py2.7.egg/sorl/thumbnail/base.py" in get_thumbnail
56. source_image = default.engine.get_image(source)
File "/Library/Python/2.7/site-packages/sorl_thumbnail-11.12-py2.7.egg/sorl/thumbnail/engines/pil_engine.py" in get_image
12. buf = StringIO(source.read())
File "/Library/Python/2.7/site-packages/sorl_thumbnail-11.12-py2.7.egg/sorl/thumbnail/images.py" in read
121. return self.storage.open(self.name).read()
File "/Library/Python/2.7/site-packages/django/core/files/storage.py" in open
33. return self._open(name, mode)
File "/Library/Python/2.7/site-packages/django/core/files/storage.py" in _open
156. return File(open(self.path(name), mode))
File "/Library/Python/2.7/site-packages/django/core/files/storage.py" in path
246. raise SuspiciousOperation("Attempted access to '%s' denied." % name)
Exception Type: SuspiciousOperation at /pipe/file_selection/
Exception Value: Attempted access to '/fs02/dir/ep340102/foo/2048x1024/bettina.jpg' denied.