feat: add fily type and max user media uplod limits

files/methods.py

@@ -401,6 +401,32 @@ def clean_comment(raw_comment):
     return cleaned_comment
 
 
+def user_allowed_to_upload(request):
+    """Any custom logic for whether a user is allowed
+    to upload content lives here
+    """
+
+    if request.user.is_anonymous:
+        return False
+    if is_mediacms_editor(request.user):
+        return True
+
+    # Check if user has reached the maximum number of uploads
+    if hasattr(settings, 'NUMBER_OF_MEDIA_USER_CAN_UPLOAD'):
+        if models.Media.objects.filter(user=request.user).count() >= settings.NUMBER_OF_MEDIA_USER_CAN_UPLOAD:
+            return False
+
+    if settings.CAN_ADD_MEDIA == "all":
+        return True
+    elif settings.CAN_ADD_MEDIA == "email_verified":
+        if request.user.email_is_verified:
+            return True
+    elif settings.CAN_ADD_MEDIA == "advancedUser":
+        if request.user.advancedUser:
+            return True
+    return False
+
+
 def kill_ffmpeg_process(filepath):
     """Kill ffmpeg process that is processing a specific file
 
@@ -606,3 +632,7 @@ def copy_media(media_id):
         None
     """
     pass
+
+
+def is_media_allowed_type(media):
+    return media.media_type in settings.ALLOWED_MEDIA_UPLOAD_TYPES

files/models/media.py

@@ -336,6 +336,15 @@ class Media(models.Model):
         video duration, encode
         """
         self.set_media_type()
+        from ..methods import is_media_allowed_type
+
+        if not is_media_allowed_type(self):
+            helpers.rm_file(self.media_file.path)
+            if self.state == "public":
+                self.state = "unlisted"
+                self.save(update_fields=["state"])
+            return False
+
         if self.media_type == "video":
             self.set_thumbnail(force=True)
             if settings.DO_NOT_TRANSCODE_VIDEO:

files/views/media.py

@@ -159,6 +159,7 @@ class MediaList(APIView):
     )
     def post(self, request, format=None):
         # Add new media
+
         serializer = MediaSerializer(data=request.data, context={"request": request})
         if serializer.is_valid():
             media_file = request.data["media_file"]

files/views/pages.py

@@ -8,8 +8,8 @@ from django.http import HttpResponse, HttpResponseRedirect, JsonResponse
 from django.shortcuts import render
 from django.views.decorators.csrf import csrf_exempt
 
-from cms.permissions import user_allowed_to_upload
 from cms.version import VERSION
+from files.methods import user_allowed_to_upload
 from users.models import User
 
 from .. import helpers
@@ -26,6 +26,7 @@ from ..methods import (
     create_video_trim_request,
     get_user_or_session,
     handle_video_chapters,
+    is_media_allowed_type,
     is_mediacms_editor,
 )
 from ..models import Category, Media, Playlist, Subtitle, Tag, VideoTrimRequest
@@ -238,6 +239,10 @@ def edit_media(request):
 
     if not (request.user.has_contributor_access_to_media(media) or is_mediacms_editor(request.user)):
         return HttpResponseRedirect("/")
+
+    if not is_media_allowed_type(media):
+        return HttpResponseRedirect(media.get_absolute_url())
+
     if request.method == "POST":
         form = MediaMetadataForm(request.user, request.POST, request.FILES, instance=media)
         if form.is_valid():
@@ -577,6 +582,7 @@ def view_media(request):
         if video_msg and media.user == request.user:
             messages.add_message(request, messages.INFO, video_msg)
 
+    context["is_media_allowed_type"] = is_media_allowed_type(media)
     return render(request, "cms/media.html", context)