dave 2019-07-04 18:41:57 -07:00
@ -51,8 +51,8 @@ Arguments are as follows:
* `--cache ./cache` - use this directory as a cache for things like thumbnails
* `--port 8080` - listen on http on port 8080
Depending on your setup, the `photousers` command can be used to create a user account. Login information is necessary
to see images marked as private or upload images.
Next, the `photousers` command can be used to create a user account. Login information is necessary to see images marked
as private or upload images.
* `photousers create -u dave -p mypassword`
@ -107,12 +107,13 @@ This would ingest all the files listed in `shas.txt` that aren't already in the
- Stateless aka docker support
- Photo storage
- ~~Photo storage~~ done
- ~~Abstract the storage api~~ done
- ~~Standardize on API ingest~~ done
- Display and retrieval of images from the abstracted image store
- ~~Display and retrieval of images from the abstracted image store~~ done
- ~~Thumbnail gen~~ done
- Database support
- Get the web UI code ( using the same db access method as the api
- ~~Get the web UI code ( using the same db access method as the api~~
- Support any connection URI sqlalchemy is happy with
- Tune certain databases if their uri is detected (sqlite and threads lol)
- ~~Cache~~ done
@ -127,3 +128,4 @@ Roadmap
- Longer term ideas:
- "fast ingest" method that touches the db/storage directly. This would scale better than the API ingest.
- Dynamic svg placeholder for images we can't open

@ -1,27 +1,32 @@
import os
import cherrypy
import math
import logging
import cherrypy
from urllib.parse import urlparse
from datetime import datetime, timedelta
from photoapp.library import PhotoLibrary
from photoapp.thumb import ThumbGenerator
from photoapp.types import Photo, PhotoSet, Tag, TagItem, PhotoStatus, User
from jinja2 import Environment, FileSystemLoader, select_autoescape
from sqlalchemy import desc
from sqlalchemy import func, and_, or_
from photoapp.common import pwhash
from photoapp.api import PhotosApi, LibraryManager, FilesystemAdapter
from photoapp.dbutils import SAEnginePlugin, SATool
import math
from urllib.parse import urlparse
from photoapp.utils import mime2ext, auth, require_auth, photo_auth_filter, slugify
from photoapp.dbutils import db
from photoapp.dbutils import SAEnginePlugin, SATool, db, get_db_engine
from photoapp.utils import mime2ext, auth, require_auth, photoset_auth_filter, slugify
from jinja2 import Environment, FileSystemLoader, select_autoescape
from sqlalchemy import desc, func, and_, or_
APPROOT = os.path.abspath(os.path.join(os.path.dirname(__file__), "../"))
def validate_password(realm, username, password):
if db.query(User).filter( == username, User.password == pwhash(password)).first():
return True
return False
class PhotosWeb(object):
def __init__(self, library, template_dir):
def __init__(self, library, thumbtool, template_dir):
self.library = library
self.thumbtool = thumbtool
self.tpl = Environment(loader=FileSystemLoader(template_dir),
autoescape=select_autoescape(['html', 'xml']))
@ -79,8 +84,8 @@ class PhotosWeb(object):
/feed - main photo feed - show photos sorted by date, newest first
page, pgsize = int(page), int(pgsize)
total_sets = photo_auth_filter(db.query(func.count([0]
images = photo_auth_filter(db.query(PhotoSet)).order_by( \
total_sets = photoset_auth_filter(db.query(func.count([0]
images = photoset_auth_filter(db.query(PhotoSet)).order_by( \
offset(pgsize * page).limit(pgsize).all()
yield self.render("feed.html", images=[i for i in images], page=page, pgsize=int(pgsize), total_sets=total_sets)
@ -89,11 +94,11 @@ class PhotosWeb(object):
/stats - show server statistics
images = photo_auth_filter(db.query(func.count(PhotoSet.uuid),
images = photoset_auth_filter(db.query(func.count(PhotoSet.uuid),
func.strftime('%m','month'))). \
group_by('year', 'month').order_by(desc('year'), desc('month')).all()
tsize = photo_auth_filter(db.query(func.sum(Photo.size)).join(PhotoSet)).scalar() # pragma: manual auth
tsize = photoset_auth_filter(db.query(func.sum(Photo.size)).join(PhotoSet)).scalar() # pragma: manual auth
yield self.render("monthly.html", images=images, tsize=tsize)
@ -103,7 +108,7 @@ class PhotosWeb(object):
the given tag.
TODO using so many coordinates is slow in the browser. dedupe them somehow.
query = photo_auth_filter(db.query(PhotoSet)).filter( != 0, PhotoSet.lon != 0)
query = photoset_auth_filter(db.query(PhotoSet)).filter( != 0, PhotoSet.lon != 0)
if a:
query = query.join(TagItem).join(Tag).filter(Tag.uuid == a)
if i:
@ -167,6 +172,7 @@ class PhotosWeb(object):
/login - enable super features by logging into the app
cherrypy.session['authed'] = cherrypy.request.login
print("Authed as", cherrypy.session['authed'])
dest = "/feed" if "Referer" not in cherrypy.request.headers \
else urlparse(cherrypy.request.headers["Referer"]).path
raise cherrypy.HTTPRedirect(dest, 302)
@ -201,15 +207,15 @@ class DateView(object):
pgsize = 100
dt = datetime.strptime(date, "%Y-%m-%d")
dt_end = dt + timedelta(days=1)
total_sets = photo_auth_filter(db.query(func.count( \
total_sets = photoset_auth_filter(db.query(func.count( \
filter(and_( >= dt, < dt_end)).first()[0]
images = photo_auth_filter(db.query(PhotoSet)).filter(and_( >= dt,
images = photoset_auth_filter(db.query(PhotoSet)).filter(and_( >= dt, < dt_end)).order_by( \
offset(page * pgsize).limit(pgsize).all()
yield self.master.render("date.html", page=page, pgsize=pgsize, total_sets=total_sets,
images=[i for i in images], date=dt)
images = photo_auth_filter(db.query(PhotoSet, func.strftime('%Y-%m-%d',
images = photoset_auth_filter(db.query(PhotoSet, func.strftime('%Y-%m-%d','gdate'),
@ -230,7 +236,7 @@ class ThumbnailView(object):
def index(self, item_type, thumb_size, uuid):
uuid = uuid.split(".")[0]
query = photo_auth_filter(db.query(Photo).join(PhotoSet))
query = photoset_auth_filter(db.query(Photo).join(PhotoSet))
query = query.filter(Photo.set.has(uuid=uuid)) if item_type == "set" \
else query.filter(Photo.uuid == uuid) if item_type == "one" \
@ -252,7 +258,7 @@ class ThumbnailView(object):
if not thumb_from:
raise cherrypy.HTTPError(404)
# TODO some lock around calls to this based on uuid
thumb_path = self.master.library.make_thumb(thumb_from, thumb_size)
thumb_path = self.master.thumbtool.make_thumb(thumb_from, thumb_size)
if thumb_path:
return cherrypy.lib.static.serve_file(thumb_path, "image/jpeg")
@ -271,7 +277,7 @@ class DownloadView(object):
def index(self, item_type, uuid, preview=False):
uuid = uuid.split(".")[0]
query = None if item_type == "set" \
else photo_auth_filter(db.query(Photo)).filter(Photo.uuid == uuid) if item_type == "one" \
else photoset_auth_filter(db.query(Photo).join(PhotoSet)).filter(Photo.uuid == uuid) if item_type == "one" \
else None # TODO set download query
item = query.first()
@ -280,7 +286,7 @@ class DownloadView(object):
extra = {}
if not preview:
extra.update(disposition="attachement", name=os.path.basename(item.path))
return cherrypy.lib.static.serve_file(os.path.abspath(os.path.join(self.master.library.path, item.path)),
return cherrypy.lib.static.serve_fileobj(, 'rb'),
content_type=item.format, **extra)
@ -295,7 +301,8 @@ class PhotoView(object):
def index(self, uuid):
# uuid = uuid.split(".")[0]
photo = photo_auth_filter(db.query(PhotoSet)).filter(or_(PhotoSet.uuid == uuid, PhotoSet.slug == uuid)).first()
photo = photoset_auth_filter(db.query(PhotoSet)).filter(or_(PhotoSet.uuid == uuid,
PhotoSet.slug == uuid)).first()
if not photo:
raise cherrypy.HTTPError(404)
yield self.master.render("photo.html", image=photo)
@ -326,7 +333,7 @@ class PhotoView(object):
def edit(self, uuid):
photo = photo_auth_filter(db.query(PhotoSet)).filter(PhotoSet.uuid == uuid).first()
photo = photoset_auth_filter(db.query(PhotoSet)).filter(PhotoSet.uuid == uuid).first()
yield self.master.render("photo_edit.html", image=photo)
@ -343,17 +350,17 @@ class TagView(object):
page = int(page)
pgsize = 100
if uuid == "untagged":
numphotos = photo_auth_filter(db.query(func.count( \
numphotos = photoset_auth_filter(db.query(func.count( \
photos = photo_auth_filter(db.query(PhotoSet)).filter(\
photos = photoset_auth_filter(db.query(PhotoSet)).filter(\
offset(page * pgsize). \
yield self.master.render("untagged.html", images=photos, total_items=numphotos, pgsize=pgsize, page=page)
tag = db.query(Tag).filter(or_(Tag.uuid == uuid, Tag.slug == uuid)).first()
numphotos = photo_auth_filter(db.query(func.count( \
numphotos = photoset_auth_filter(db.query(func.count( \
filter( ==
photos = photo_auth_filter(db.query(PhotoSet)).join(TagItem).join(Tag). \
photos = photoset_auth_filter(db.query(PhotoSet)).join(TagItem).join(Tag). \
filter( == \
order_by( \
offset(page * pgsize). \
@ -423,17 +430,21 @@ def main():
logging.basicConfig(level=logging.INFO if args.debug else logging.WARNING,
format="%(asctime)-15s %(levelname)-8s %(filename)s:%(lineno)d %(message)s")
library = PhotoLibrary(args.database, args.library, args.cache)
# Get database connection
engine = get_db_engine(args.database)
# Setup database in web framework = SATool()
SAEnginePlugin(cherrypy.engine, engine).subscribe()
# Create various internal tools
library_storage = FilesystemAdapter(args.library)
library_manager = LibraryManager(library_storage)
thumbnail_tool = ThumbGenerator(library_manager, args.cache)
# Setup and mount web ui
tpl_dir = os.path.join(APPROOT, "templates") if not args.debug else "templates"
web = PhotosWeb(library, tpl_dir)
def validate_password(realm, username, password):
if db.query(User).filter( == username, User.password == pwhash(password)).first():
return True
return False
web = PhotosWeb(library_manager, thumbnail_tool, tpl_dir)
cherrypy.tree.mount(web, '/', {'/': {'tools.trailing_slash.on': False,
'tools.db.on': True,
'error_page.403': web.error,
@ -445,12 +456,7 @@ def main():
'tools.auth_basic.realm': 'photolib',
'tools.auth_basic.checkpassword': validate_password}}) = SATool()
SAEnginePlugin(cherrypy.engine, library.engine).subscribe()
library_storage = FilesystemAdapter(args.library)
library_manager = LibraryManager(library_storage)
# Setup and mount API
api = PhotosApi(library_manager)
cherrypy.tree.mount(api, '/api', {'/': {'tools.trailing_slash.on': False,
'tools.auth_basic.on': True,
@ -458,6 +464,7 @@ def main():
'tools.auth_basic.checkpassword': validate_password,
'tools.db.on': True}})
# General config options
'tools.sessions.on': True,
'tools.sessions.locking': 'explicit',
@ -471,6 +478,7 @@ def main():
'engine.autoreload.on': args.debug
# Setup signal handling and run it.
def signal_handler(signum, stack):
logging.critical('Got sig {}, exiting...'.format(signum))

@ -2,11 +2,28 @@ import sqlalchemy
import cherrypy
from cherrypy.process import plugins
from sqlalchemy.ext.declarative import declarative_base
from sqlalchemy.pool import StaticPool, AssertionPool, NullPool
from sqlalchemy.orm import sessionmaker
Base = declarative_base()
def get_db_engine(uri):
# TODO handle more uris
engine = sqlalchemy.create_engine('sqlite:///{}'.format(uri),
connect_args={'check_same_thread': False}, poolclass=NullPool, pool_pre_ping=True)
return engine
def get_db_session(uri):
engine = get_db_engine(uri)
session = sessionmaker()
return session
class DbAlias(object):
This provides a shorter alias for the cherrypy.request.db object, which is a database session created bound to the

@ -1,6 +1,5 @@
import argparse
import traceback
from photoapp.library import PhotoLibrary
from photoapp.image import get_jpg_info, get_hash, get_mtime, special_magic
from itertools import chain
from photoapp.types import Photo, PhotoSet, known_extensions, regular_images, files_raw, files_video, map_extension

@ -2,66 +2,19 @@ import os
import sys
import traceback
from time import time
from sqlalchemy import create_engine
from sqlalchemy.pool import StaticPool, AssertionPool, NullPool # NOQA
from sqlalchemy.orm import sessionmaker
from photoapp.types import Base, Photo, PhotoSet # NOQA need to be loaded for orm setup
from sqlalchemy.exc import IntegrityError
from collections import defaultdict
from multiprocessing import Process
from PIL import Image, ImageOps
import tempfile
from shutil import copyfileobj
class PhotoLibrary(object):
def __init__(self, db_path, lib_path, cache_path):
self.path = lib_path
class ThumbGenerator(object):
def __init__(self, library, cache_path):
self.library = library
self.cache_path = cache_path
# TODO configure from env var
# TODO use the right pool and connection args depending on the url
self.engine = create_engine('sqlite:///{}'.format(db_path),
connect_args={'check_same_thread': False}, poolclass=NullPool, pool_pre_ping=True)
self.session = sessionmaker()
self._failed_thumbs_cache = defaultdict(dict)
def add_photoset(self, photoset):
Commit a populated photoset object to the library. The paths in the photoset's file list entries will be updated
as the file is moved to the library path.
# Create target directory
path = os.path.join(self.path, self.get_datedir_path(
os.makedirs(path, exist_ok=True)
moves = [] # Track files moved. If the sql transaction files, we'll undo these
for file in photoset.files:
dest = os.path.join(path, os.path.basename(file.path))
# Check if the name is already in use, rename new file if needed
dupe_rename = 1
while os.path.exists(dest):
fname = os.path.basename(file.path).split(".")
fname[-2] += "_{}".format(dupe_rename)
dest = os.path.join(path, '.'.join(fname))
dupe_rename += 1
os.rename(file.path, dest)
moves.append((file.path, dest))
file.path = dest.lstrip(self.path)
s = self.session()
except IntegrityError:
# Commit failed, undo the moves
for move in moves:
os.rename(move[1], move[0])
def get_datedir_path(self, date):
Return a path like 2018/3/31 given a datetime object representing the same date
@ -97,7 +50,13 @@ class PhotoLibrary(object):
thumb_width = min(thumb_width, i_width if i_width > 0 else 999999999) # TODO do we even have photo.width if PIL can't read the image?
thumb_height = min(thumb_height, i_height if i_height > 0 else 999999999) # TODO this seems bad
p = Process(target=self.gen_thumb, args=(os.path.join(self.path, photo.path), dest, thumb_width, thumb_height, photo.orientation))
# TODO have the subprocess download the file
with tempfile.TemporaryDirectory() as tmpdir:
fpath = os.path.join(tmpdir, "image")
with, 'rb') as fsrc, open(fpath, 'wb') as fdest:
copyfileobj(fsrc, fdest)
p = Process(target=self.gen_thumb, args=(fpath, dest, thumb_width, thumb_height, photo.orientation))
if p.exitcode != 0:
@ -117,7 +76,7 @@ class PhotoLibrary(object):
thumb =, (width, height), Image.ANTIALIAS), 'JPEG')
print("Generated {} in {}s".format(dest_img, round(time() - start, 4)))
except Exception:
if os.path.exists(dest_img):

@ -1,24 +1,22 @@
import argparse
from photoapp.library import PhotoLibrary
from photoapp.types import User
from photoapp.common import pwhash
from photoapp.dbutils import get_db_session
from tabulate import tabulate
def create_user(library, username, password):
s = library.session()
def create_user(s, username, password):
s.add(User(name=username, password=pwhash(password)))
def list_users(library):
s = library.session()
for user in s.query(User).order_by(
def list_users(s):
print(tabulate([[,] for user in s.query(User).order_by(],
headers=["id", "username"]))
def delete_user(library, username):
s = library.session()
def delete_user(s, username):
u = s.query(User).filter( == username).first()
@ -27,6 +25,8 @@ def delete_user(library, username):
def main():
parser = argparse.ArgumentParser(description="User manipulation tool")
parser.add_argument("-d", "--database", help="database uri")
p_mode = parser.add_subparsers(dest='action', help='action to take')
p_create = p_mode.add_parser('create', help='create user')
@ -40,14 +40,14 @@ def main():
args = parser.parse_args()
library = PhotoLibrary("photos.db", "./library/", "./cache/")
session = get_db_session(args.database)()
if args.action == "create":
create_user(library, args.username, args.password)
create_user(session, args.username, args.password)
elif args.action == "list":
elif args.action == "delete":
delete_user(library, args.username)
delete_user(session, args.username)

@ -63,7 +63,7 @@ def require_auth(func):
return wrapped
def photo_auth_filter(query):
def photoset_auth_filter(query):
Sqlalchemy helper: filter the given PhotoSet query to items that match the authorized user's PhotoStatus access
level. Currently, authed users can access ALL photos, and unauthed users can access only PhotoStatus.public

@ -17,12 +17,12 @@ setup(name='photoapp',
"console_scripts": [
"photoappd = photoapp.daemon:main",
"photoimport = photoapp.ingest:main",
"photovalidate = photoapp.validate:main",
"photoinfo = photoapp.image:main",
"photooffset = photoapp.dateoffset:main",
"photousers = photoapp.users:main",
"photocli = photoapp.cli:main",
# "photoimport = photoapp.ingest:main", # broken for now
# "photovalidate = photoapp.validate:main",
#"photooffset = photoapp.dateoffset:main",