I'm trying to implement django-filebrowser into my latest app. I have grappelli installed also. The urls work fine for getting into filebrowser /admin/filebrowser/browse is what I have it set at.
The problem I am having is when it comes to trying to either add a folder or upload a file.
New Folder:
When I'm adding a folder an error is thrown stating:
Please correct the following errors.
Permission denied.
Now the permissions for the folder are fine. I don't understand why it won't allow me to upload files here.
drwxr-xr-x 2 naytive naytive 4096 Jan 18 08:32 uploads/
Upload File:
Normally when uploading a file, the filebrowser upload screen appears with a timer to upload success, however when I try to upload a file it just refreshes the page with url ending
?_save=Upload
It is getting to the point where I will just remove the module because it isn't doing as it is set up to be.
Any ideas?
EDIT: I think the uploading files side of things is caused by the original file permissions also. If we fix this error then perhaps the upload will work too.
If you use it on a server with apache, then you must give apache right to write in this folder (chown).
I had something similar. I gave permission to www-data user to the folder i wanted to upload to and it worked.
Related
I have a static folder set in django to a network path
STATICFILES_DIRS = [
"//SERVER/Shared1/FOLDER_210121/",
]
and I have 2 pages that have links to this static subfolders
link1: http://server2:8044/static/folder1/COINS_LIVE_OU164/user1310200781810167.tif
link2: http://server2:8044/static/folder2/COINS_LIVE_OU164/user2310200781810167.tif
however link1 works perfectly but link 2 gives me an error as file not found
but the file does exist, and from IIS I have set a virtual directory aliased as "static" with the root folder that contains the subfolder from where I get the files.
I can navigate from the virtual directory to both files, the virutal directory was created with the defaultAppPool user.
is there something else I could check?
(if I run the manage.py runserver command and I use localhost I can download both files, the issue is when using it from the IIS).
if I print the value of static in a label the path is ok, so I'm guessing permission, but where can I be missing the configuration?
Thank you.
Adding a bit more info:
the issue affects a subfolder inside the "static" folder, 1 can enter without probelms, the other can't.
I'm getting crazy. I deleted all, created again, and the issue still occurs.
I was able to solve my particualr problem, it was fixed by putting the static handler module mapping alone with the Django FastCGI (custom) module in the website IIS
I deployed the server with Ubuntu 18, Django, Gunicorn, Nginx
And I ran into this problem:
everything works great but,
When I upload large pictures files in Django, Nginx gives 403 Error Forbidden.
I updated the permissions to the folder with static files on 755. It works!
But when I upload other files, the rights do not work.
I added the user root and user www-data to the folder owner’s group, but nothing has changed.
I understand that Nginx has no permissions, but how can I implement the inheritance permissions of new files from the parent folder
or will you suggest another solution?
You need to add FILE_UPLOAD_PERMISSIONS=0o644 variable to you settings.py file.
This is the numeric mode (i.e. 0o644) to newly uploaded files to.
For more information, please read this doc.
Try use this
chown -R www-data:www-data 'your project folder'
I have read a few interesting articles and watched a few videos but I'm afraid I still have a few things I need help with understanding. I'm a very new dabbler to all this.
1) The example listed in the blog made sense and I tried to implement it but unfortunately my django project is in the home folder and the full wsgi path is /home/serverio/server.io_Tools/server.io/mysite/mysite/wsgi.py. And since www-date needs read and execute permission in order to the open the folders leading up to the last mysite directory, I tried creating a new group which has rwx permission on the static and media folders. This was ok for the static and media folder because I used django collectstatic to move those files into the /var/www folder, which is also has the group that www-data belongs as it's group. The blog did not speak much about situations like mine; where I have wsgi.py in my home folder as shown above. So I tried to make the group of the home folder the same group that www-data belongs(recursively) but the end result was that I could not open the folder from the ubuntu's (GUI) interface even though I also put my username into the same group that is used by www-data and I confirmed that I was also the owner of the directory when I did ls -l. So I abandoned this method and I put www-data in the same group that my userid(the username that was used to build the server) belongs and applied a chmod of 770 to the home folder recursively. With this change, apache was able to open my django app but I really think I may have created a security problem?
2) In the video link, Graham Dumpleton, advised to apply a chmod of 0+rx to the wsgi path which in my case is (/home/serverio/server.io_Tools/server.io/mysite/mysite/). I suspect that means that any web user will now be able to read the files on the computer because Gramham also said people should consider moving django project to a none home location. In this forum, I have seen people moving their project to /var/wwww and I have seen people comment that this is a risk. Gramham also spoke about moving wsgi file ONLY to a new location but I got lost during the explanation.
I suppose my questions are :
a) when a user is browsing a site, what permissions are they using; is it www-data or other (o)? and when we say o+rx are we giving these web users this permission through this command?. Is this enough permission for them to read the raw python code?
b) given my current situation, what's the simplest and effective way forward for me
Thanks forum.
I have a django app containing a model with a file upload field. the upload field takes the targeted file and uploads a copy to either an existing directory in the media root or, if the directory hasn't been created, it creates the directory and drops the file inside of it.
The app works beautifully in dev, utilizing the built-in django server, but when I move it to a production server (my OSX machine running an apache2 instance with mod_wsgi) I get "[Error 13] Permission denied" thrown from the mkdir function in django's storage.py whenever I try to upload a file. I strongly suspect there is permission syntax that needs to be added to my apache httpd.conf. I don't know why else the django server has no trouble with the code but apache gags. Does anyone know?
Permissions issues are described in mod_wsgi documentation at:
http://code.google.com/p/modwsgi/wiki/ApplicationIssues#Access_Rights_Of_Apache_User
I guess sometimes an error message is exactly what it says it is. In this case "[Error 13] Permission denied" was being thrown because apache didn't have write access to the directories the django app was attempting to upload to. I simply navigated to the the directories I set as file upload directories, and gave write permissions on them systemwide. This probably wasn't the most secure solution, but it was the most practical as, it works and I don't know how to explicitly set write permissions for apache2 without just opening the directory systemwide.
Also, I didn't post the question at serverfault because I didn't know whether it was a django config issue or an apache issue.
I'm using django with wsgi on apache2
I was trying to acess a css file in my site/static/css folder and since the permission was 644, the css file could not be accessed by apache2.
So I chmod 645 on the site/static/css folder and everything was fine. However, I am worried that granting execution rights to everyone to anything in the css folder could cause security problems. What is the correct way to tackle this problem, perhaps a way to grant certain permissions using the httpd.conf file?
Thanks!
You can use chown to cause the files to be owned by the same group as apache (www-data?) and then set the permission on the group instead everyone.