From 6946abae1330e614b8cf19ef7e1e8b1aba6b165d Mon Sep 17 00:00:00 2001
From: Oliver Walters <oliver.henry.walters@gmail.com>
Date: Tue, 16 Mar 2021 16:42:33 +1100
Subject: [PATCH 01/14] CSS fix for modal error info dialog

---
 InvenTree/templates/modals.html | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/InvenTree/templates/modals.html b/InvenTree/templates/modals.html
index 11166751f8..dea7a8bbfa 100644
--- a/InvenTree/templates/modals.html
+++ b/InvenTree/templates/modals.html
@@ -78,7 +78,9 @@
               </button>
               <h3 id='modal-title'>Alert Information</h3>
             </div>
-            <div class='modal-form-content'>
+            <div class='modal-form-content-wrapper'>
+              <div class='modal-form-content'>
+              </div>
             </div>
             <div class='modal-footer'>
                 <button type='button' class='btn btn-default' data-dismiss='modal'>{% trans "Close" %}</button>

From 3900f9b1b64181acb898bfb94b8cb8cea505d354 Mon Sep 17 00:00:00 2001
From: Oliver Walters <oliver.henry.walters@gmail.com>
Date: Wed, 17 Mar 2021 08:28:12 +1100
Subject: [PATCH 02/14] Add form for submitting image URL

---
 InvenTree/part/forms.py | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)

diff --git a/InvenTree/part/forms.py b/InvenTree/part/forms.py
index 85a851e235..7962ec3252 100644
--- a/InvenTree/part/forms.py
+++ b/InvenTree/part/forms.py
@@ -37,6 +37,24 @@ class PartModelChoiceField(forms.ModelChoiceField):
         return label
 
 
+class PartImageDownloadForm(HelperForm):
+    """
+    Form for downloading an image from a URL
+    """
+
+    url = forms.URLField(
+        label=_('URL'),
+        help_text=_('Image URL'),
+        required=True,
+    )
+
+    class Meta:
+        model = Part
+        fields = [
+            'url',
+        ]
+
+
 class PartImageForm(HelperForm):
     """ Form for uploading a Part image """
 

From 5b7d35e6f7f3b0b96aee4fbd56b89c7ae6699b7a Mon Sep 17 00:00:00 2001
From: Oliver Walters <oliver.henry.walters@gmail.com>
Date: Wed, 17 Mar 2021 08:28:28 +1100
Subject: [PATCH 03/14] add View

---
 InvenTree/part/urls.py  |  1 +
 InvenTree/part/views.py | 76 +++++++++++++++++++++++++++++++++++++++++
 2 files changed, 77 insertions(+)

diff --git a/InvenTree/part/urls.py b/InvenTree/part/urls.py
index e21c6295e3..f275edede2 100644
--- a/InvenTree/part/urls.py
+++ b/InvenTree/part/urls.py
@@ -75,6 +75,7 @@ part_detail_urls = [
     # Normal thumbnail with form
     url(r'^thumbnail/?', views.PartImageUpload.as_view(), name='part-image-upload'),
     url(r'^thumb-select/?', views.PartImageSelect.as_view(), name='part-image-select'),
+    url(r'^thumb-download/', views.PartImageDownloadFromURL.as_view(), name='part-image-download'),
 
     # Any other URLs go to the part detail page
     url(r'^.*$', views.PartDetail.as_view(), name='part-detail'),
diff --git a/InvenTree/part/views.py b/InvenTree/part/views.py
index b4400bcb6d..ec182920d5 100644
--- a/InvenTree/part/views.py
+++ b/InvenTree/part/views.py
@@ -5,6 +5,7 @@ Django views for interacting with Part app
 # -*- coding: utf-8 -*-
 from __future__ import unicode_literals
 
+from django.core.files import File
 from django.core.exceptions import ValidationError
 from django.db import transaction
 from django.db.utils import IntegrityError
@@ -19,6 +20,9 @@ from django.conf import settings
 
 from moneyed import CURRENCIES
 
+from urllib.parse import urlsplit
+from tempfile import TemporaryFile
+import requests
 import os
 
 from rapidfuzz import fuzz
@@ -47,6 +51,7 @@ from InvenTree.views import QRCodeView
 from InvenTree.views import InvenTreeRoleMixin
 
 from InvenTree.helpers import DownloadFile, str2bool
+from InvenTree.helpers import TestIfImageURL, TestIfImage
 
 
 class PartIndex(InvenTreeRoleMixin, ListView):
@@ -831,6 +836,77 @@ class PartQRCode(QRCodeView):
             return None
 
 
+class PartImageDownloadFromURL(AjaxUpdateView):
+    """
+    View for downloading an image from a provided URL
+    """
+
+    model = Part
+
+    form_class = part_forms.PartImageDownloadForm
+    ajax_form_title = _('Download Image')
+
+    def validate(self, part, form):
+        """
+        Validate that the image data are correct.
+
+        - Try to download the image!
+        """
+
+        # First ensure that the normal validation routines pass
+        if not form.is_valid():
+            return
+
+        # We can now extract a valid URL from the form data
+        url = form.cleaned_data.get('url', None)
+
+        response = requests.get(url, stream=True)
+
+        # Check that the URL "looks" like an image URL
+        if not TestIfImageURL(url):
+            form.add_error('url', _('Supplied URL is not one of the supported image formats'))
+            return
+
+        # Check for valid response code
+        if not response.status_code == 200:
+            form.add_error('url', f"{_('Invalid response')}: {response.status_code}")
+            return
+
+        # Validate that the returned object is a valid image file
+        if not TestIfImage(response.raw):
+            form.add_error('url', _('Supplied URL is not a valid image file'))
+            return
+
+        # Save the image object
+        self.image_response = response
+
+    def save(self, part, form, **kwargs):
+        """
+        Save the downloaded image to the part
+        """
+        
+        response = getattr(self, 'image_response', None)
+
+        if not response:
+            return
+
+        with TemporaryFile() as tf:
+
+            #for chunk in response.iter_content(chunk_size=2048):
+            #    tf.write(chunk)
+
+            img_data = response.raw.read()
+            tf.write(img_data)
+
+            print("Saved to temp file:", tf.name)
+
+            tf.seek(0)
+
+            part.image.save(
+                os.path.basename(urlsplit(response.url).path),
+                File(tf),
+            )
+
 class PartImageUpload(AjaxUpdateView):
     """ View for uploading a new Part image """
 

From 45edb7e8025011cdd5ba5a459eb89b4f281b0ff3 Mon Sep 17 00:00:00 2001
From: Oliver Walters <oliver.henry.walters@gmail.com>
Date: Wed, 17 Mar 2021 08:28:38 +1100
Subject: [PATCH 04/14] Add button

---
 InvenTree/part/templates/part/part_base.html  | 8 +++++++-
 InvenTree/part/templates/part/part_thumb.html | 5 ++++-
 2 files changed, 11 insertions(+), 2 deletions(-)

diff --git a/InvenTree/part/templates/part/part_base.html b/InvenTree/part/templates/part/part_base.html
index ebcbdef03a..58922e377c 100644
--- a/InvenTree/part/templates/part/part_base.html
+++ b/InvenTree/part/templates/part/part_base.html
@@ -294,6 +294,13 @@
             }
         });
     }
+    
+    {% if roles.part.change %}
+    $("#part-image-url").click(function() {
+        launchModalForm(
+            '{% url "part-image-download" part.id %}',
+        );
+    });
 
     $("#part-image-select").click(function() {
         launchModalForm("{% url 'part-image-select' part.id %}",
@@ -303,7 +310,6 @@
                         });
     });
 
-    {% if roles.part.change %}
     $("#part-edit").click(function() {
         launchModalForm(
             "{% url 'part-edit' part.id %}",
diff --git a/InvenTree/part/templates/part/part_thumb.html b/InvenTree/part/templates/part/part_thumb.html
index e0314b1c7e..5cef673bd7 100644
--- a/InvenTree/part/templates/part/part_thumb.html
+++ b/InvenTree/part/templates/part/part_thumb.html
@@ -11,10 +11,13 @@
               src="{% static 'img/blank_image.png' %}"
               {% endif %}/>
       </div>
+      {% if roles.part.change %}
       <div class='btn-row part-thumb-overlay'>
           <div class='btn-group'>
               <button type='button' class='btn btn-default btn-glyph' title="{% trans 'Select from existing images' %}" id='part-image-select'><span class='fas fa-th'></span></button>
-              <button type='button' class='btn btn-default btn-glyph' title="{% trans 'Upload new image' %}" id='part-image-upload'><span class='fas fa-file-image'></span></button>
+              <button type='button' class='btn btn-default btn-glyph' title="{% trans 'Download image from URL' %}" id='part-image-url'><span class='fas fa-cloud-download-alt'></span></button>
+              <button type='button' class='btn btn-default btn-glyph' title="{% trans 'Upload new image' %}" id='part-image-upload'><span class='fas fa-file-upload'></span></button>
           </div>
       </div>
+      {% endif %}
     </div>
\ No newline at end of file

From 15678f789cb10f8b16331e75efed0287c14a14e3 Mon Sep 17 00:00:00 2001
From: Oliver Walters <oliver.henry.walters@gmail.com>
Date: Wed, 17 Mar 2021 08:40:30 +1100
Subject: [PATCH 05/14] Add global setting to enable download of files / images
 from remote URL

---
 InvenTree/common/models.py                         | 7 +++++++
 InvenTree/part/templates/part/part_base.html       | 4 ++++
 InvenTree/part/templates/part/part_thumb.html      | 7 ++++++-
 InvenTree/templates/InvenTree/settings/global.html | 1 +
 4 files changed, 18 insertions(+), 1 deletion(-)

diff --git a/InvenTree/common/models.py b/InvenTree/common/models.py
index 06c06bde05..73acb5113d 100644
--- a/InvenTree/common/models.py
+++ b/InvenTree/common/models.py
@@ -78,6 +78,13 @@ class InvenTreeSetting(models.Model):
             'choices': djmoney.settings.CURRENCY_CHOICES,
         },
 
+        'INVENTREE_DOWNLOAD_FROM_URL': {
+            'name': _('Download from URL'),
+            'description': _('Allow download of remote images and files from external URL'),
+            'validator': bool,
+            'default': False,
+        },
+
         'BARCODE_ENABLE': {
             'name': _('Barcode Support'),
             'description': _('Enable barcode scanner support'),
diff --git a/InvenTree/part/templates/part/part_base.html b/InvenTree/part/templates/part/part_base.html
index 58922e377c..6031ec69f8 100644
--- a/InvenTree/part/templates/part/part_base.html
+++ b/InvenTree/part/templates/part/part_base.html
@@ -296,11 +296,15 @@
     }
     
     {% if roles.part.change %}
+    
+    {% settings_value "INVENTREE_DOWNLOAD_FROM_URL" as allow_download %}
+    {% if allow_download %}
     $("#part-image-url").click(function() {
         launchModalForm(
             '{% url "part-image-download" part.id %}',
         );
     });
+    {% endif %}
 
     $("#part-image-select").click(function() {
         launchModalForm("{% url 'part-image-select' part.id %}",
diff --git a/InvenTree/part/templates/part/part_thumb.html b/InvenTree/part/templates/part/part_thumb.html
index 5cef673bd7..9e1de6fc26 100644
--- a/InvenTree/part/templates/part/part_thumb.html
+++ b/InvenTree/part/templates/part/part_thumb.html
@@ -1,5 +1,8 @@
 {% load static %}
 {% load i18n %}
+{% load inventree_extras %}
+
+{% settings_value "INVENTREE_DOWNLOAD_FROM_URL" as allow_download %}
 
 <div class="media">
     <div class="media-left part-thumb-container">
@@ -15,8 +18,10 @@
       <div class='btn-row part-thumb-overlay'>
           <div class='btn-group'>
               <button type='button' class='btn btn-default btn-glyph' title="{% trans 'Select from existing images' %}" id='part-image-select'><span class='fas fa-th'></span></button>
-              <button type='button' class='btn btn-default btn-glyph' title="{% trans 'Download image from URL' %}" id='part-image-url'><span class='fas fa-cloud-download-alt'></span></button>
               <button type='button' class='btn btn-default btn-glyph' title="{% trans 'Upload new image' %}" id='part-image-upload'><span class='fas fa-file-upload'></span></button>
+              {% if allow_download %}
+              <button type='button' class='btn btn-default btn-glyph' title="{% trans 'Download image from URL' %}" id='part-image-url'><span class='fas fa-cloud-download-alt'></span></button>
+              {% endif %}
           </div>
       </div>
       {% endif %}
diff --git a/InvenTree/templates/InvenTree/settings/global.html b/InvenTree/templates/InvenTree/settings/global.html
index d63593d866..c234bd1379 100644
--- a/InvenTree/templates/InvenTree/settings/global.html
+++ b/InvenTree/templates/InvenTree/settings/global.html
@@ -19,6 +19,7 @@
         {% include "InvenTree/settings/setting.html" with key="INVENTREE_BASE_URL" icon="fa-globe" %}
         {% include "InvenTree/settings/setting.html" with key="INVENTREE_COMPANY_NAME" icon="fa-building" %}
         {% include "InvenTree/settings/setting.html" with key="INVENTREE_DEFAULT_CURRENCY" icon="fa-dollar-sign" %}
+        {% include "InvenTree/settings/setting.html" with key="INVENTREE_DOWNLOAD_FROM_URL" icon="fa-cloud-download-alt" %}
     </tbody>
 </table>
 

From 5f19f534fce860be79e88a382ccfe4b7d2412759 Mon Sep 17 00:00:00 2001
From: Oliver Walters <oliver.henry.walters@gmail.com>
Date: Wed, 17 Mar 2021 09:47:57 +1100
Subject: [PATCH 06/14] Catch error if invalid image is uploaded

---
 InvenTree/part/apps.py | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/InvenTree/part/apps.py b/InvenTree/part/apps.py
index b1089cd57c..d08e7680fe 100644
--- a/InvenTree/part/apps.py
+++ b/InvenTree/part/apps.py
@@ -7,6 +7,7 @@ from django.db.utils import OperationalError, ProgrammingError
 from django.apps import AppConfig
 from django.conf import settings
 
+from PIL import UnidentifiedImageError
 
 logger = logging.getLogger(__name__)
 
@@ -44,9 +45,11 @@ class PartConfig(AppConfig):
                         try:
                             part.image.render_variations(replace=False)
                         except FileNotFoundError:
-                            logger.warning("Image file missing")
+                            logger.warning(f"Image file '{part.image}' missing")
                             part.image = None
                             part.save()
+                        except UnidentifiedImageError:
+                            logger.warning(f"Image file '{part.image}' is invalid")
         except (OperationalError, ProgrammingError):
             # Exception if the database has not been migrated yet
             pass

From 47a11435703ff9d36d4af6a73cee2c946d8c05ce Mon Sep 17 00:00:00 2001
From: Oliver Walters <oliver.henry.walters@gmail.com>
Date: Wed, 17 Mar 2021 11:55:51 +1100
Subject: [PATCH 07/14] Catch error when generating company thumbnail images

---
 InvenTree/company/apps.py | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/InvenTree/company/apps.py b/InvenTree/company/apps.py
index 2777425ab4..3fa3197183 100644
--- a/InvenTree/company/apps.py
+++ b/InvenTree/company/apps.py
@@ -7,6 +7,7 @@ from django.apps import AppConfig
 from django.db.utils import OperationalError, ProgrammingError
 from django.conf import settings
 
+from PIL import UnidentifiedImageError
 
 logger = logging.getLogger(__name__)
 
@@ -38,9 +39,11 @@ class CompanyConfig(AppConfig):
                         try:
                             company.image.render_variations(replace=False)
                         except FileNotFoundError:
-                            logger.warning("Image file missing")
+                            logger.warning(f"Image file '{company.image}' missing")
                             company.image = None
                             company.save()
+                        except UnidentifiedImageError:
+                            logger.warning(f"Image file '{company.image}' is invalid")
         except (OperationalError, ProgrammingError):
             # Getting here probably meant the database was in test mode
             pass

From 9a710ca28f53cea35525e5ea1a5399016222bf2e Mon Sep 17 00:00:00 2001
From: Oliver Walters <oliver.henry.walters@gmail.com>
Date: Wed, 17 Mar 2021 23:02:32 +1100
Subject: [PATCH 08/14] Fix image download code

---
 InvenTree/part/templates/part/part_base.html |  3 ++
 InvenTree/part/views.py                      | 51 +++++++++++---------
 2 files changed, 30 insertions(+), 24 deletions(-)

diff --git a/InvenTree/part/templates/part/part_base.html b/InvenTree/part/templates/part/part_base.html
index 6031ec69f8..fdc5624741 100644
--- a/InvenTree/part/templates/part/part_base.html
+++ b/InvenTree/part/templates/part/part_base.html
@@ -302,6 +302,9 @@
     $("#part-image-url").click(function() {
         launchModalForm(
             '{% url "part-image-download" part.id %}',
+            {
+                reload: true,
+            }
         );
     });
     {% endif %}
diff --git a/InvenTree/part/views.py b/InvenTree/part/views.py
index ec182920d5..7fe9f80216 100644
--- a/InvenTree/part/views.py
+++ b/InvenTree/part/views.py
@@ -5,7 +5,7 @@ Django views for interacting with Part app
 # -*- coding: utf-8 -*-
 from __future__ import unicode_literals
 
-from django.core.files import File
+from django.core.files.base import ContentFile
 from django.core.exceptions import ValidationError
 from django.db import transaction
 from django.db.utils import IntegrityError
@@ -20,10 +20,13 @@ from django.conf import settings
 
 from moneyed import CURRENCIES
 
+from PIL import Image
+
 from urllib.parse import urlsplit
 from tempfile import TemporaryFile
 import requests
 import os
+import io
 
 from rapidfuzz import fuzz
 from decimal import Decimal, InvalidOperation
@@ -860,52 +863,52 @@ class PartImageDownloadFromURL(AjaxUpdateView):
         # We can now extract a valid URL from the form data
         url = form.cleaned_data.get('url', None)
 
-        response = requests.get(url, stream=True)
-
         # Check that the URL "looks" like an image URL
         if not TestIfImageURL(url):
             form.add_error('url', _('Supplied URL is not one of the supported image formats'))
             return
 
+        # Download the file
+        response = requests.get(url, stream=True)
+
+        self.response = response
+
         # Check for valid response code
         if not response.status_code == 200:
             form.add_error('url', f"{_('Invalid response')}: {response.status_code}")
             return
 
-        # Validate that the returned object is a valid image file
-        if not TestIfImage(response.raw):
-            form.add_error('url', _('Supplied URL is not a valid image file'))
-            return
+        response.raw.decode_content = True
 
-        # Save the image object
-        self.image_response = response
+        try:
+            self.image = Image.open(response.raw).convert('RGB')
+            self.image.verify()
+        except:
+            form.add_error('url', _("Supplied URL is not a valid image file"))
+            return
 
     def save(self, part, form, **kwargs):
         """
         Save the downloaded image to the part
         """
-        
-        response = getattr(self, 'image_response', None)
 
-        if not response:
-            return
+        fmt = self.image.format
 
-        with TemporaryFile() as tf:
+        if not fmt:
+            fmt = 'PNG'
 
-            #for chunk in response.iter_content(chunk_size=2048):
-            #    tf.write(chunk)
+        buffer = io.BytesIO()
 
-            img_data = response.raw.read()
-            tf.write(img_data)
+        self.image.save(buffer, format=fmt)
 
-            print("Saved to temp file:", tf.name)
+        # Construct a simplified name for the image
+        filename = f"part_{part.pk}_image.{fmt.lower()}"
 
-            tf.seek(0)
+        part.image.save(
+            filename,
+            ContentFile(buffer.getvalue()),
+        )
 
-            part.image.save(
-                os.path.basename(urlsplit(response.url).path),
-                File(tf),
-            )
 
 class PartImageUpload(AjaxUpdateView):
     """ View for uploading a new Part image """

From be30933bfae10390f34cbbb1fca88735b84c0b72 Mon Sep 17 00:00:00 2001
From: Oliver Walters <oliver.henry.walters@gmail.com>
Date: Wed, 17 Mar 2021 23:06:56 +1100
Subject: [PATCH 09/14] Add custom form template

---
 .../part/templates/part/image_download.html      | 16 ++++++++++++++++
 InvenTree/part/views.py                          |  1 +
 2 files changed, 17 insertions(+)
 create mode 100644 InvenTree/part/templates/part/image_download.html

diff --git a/InvenTree/part/templates/part/image_download.html b/InvenTree/part/templates/part/image_download.html
new file mode 100644
index 0000000000..1191886711
--- /dev/null
+++ b/InvenTree/part/templates/part/image_download.html
@@ -0,0 +1,16 @@
+{% extends "modal_form.html" %}
+
+{% load inventree_extras %}
+{% load i18n %}
+
+{% block pre_form_content %}
+<div class='alert alert-block alert-info'>
+    {% trans "Specify URL for downloading image" %}:
+
+    <ul>
+        <li>{% trans "Must be a valid image URL" %}</li>
+        <li>{% trans "Remote server must be accessible" %}</li>
+        <li>{% trans "Remote image must not exceed maximum allowable file size" %}</li>
+    </ul>
+</div>
+{% endblock %}
\ No newline at end of file
diff --git a/InvenTree/part/views.py b/InvenTree/part/views.py
index 7fe9f80216..a5b40124a6 100644
--- a/InvenTree/part/views.py
+++ b/InvenTree/part/views.py
@@ -846,6 +846,7 @@ class PartImageDownloadFromURL(AjaxUpdateView):
 
     model = Part
 
+    ajax_template_name = 'part/image_download.html'
     form_class = part_forms.PartImageDownloadForm
     ajax_form_title = _('Download Image')
 

From 8b310d8e47542746ceda50f01555834b25f622c1 Mon Sep 17 00:00:00 2001
From: Oliver Walters <oliver.henry.walters@gmail.com>
Date: Wed, 17 Mar 2021 23:11:38 +1100
Subject: [PATCH 10/14] Check length of response

---
 InvenTree/part/views.py | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)

diff --git a/InvenTree/part/views.py b/InvenTree/part/views.py
index a5b40124a6..3e20a08714 100644
--- a/InvenTree/part/views.py
+++ b/InvenTree/part/views.py
@@ -872,6 +872,22 @@ class PartImageDownloadFromURL(AjaxUpdateView):
         # Download the file
         response = requests.get(url, stream=True)
 
+        # Look at response header, reject if too large
+        content_length = response.headers.get('Content-Length', '0')
+
+        try:
+            content_length = int(content_length)
+        except (ValueError):
+            # If we cannot extract meaningful length, just assume it's "small enough"
+            content_length = 0
+
+        # TODO: Factor this out into a configurable setting
+        MAX_IMG_LENGTH = 10 * 1024 * 1024
+
+        if content_length > MAX_IMG_LENGTH:
+            form.add_error('url', _('Image size exceeds maximum allowable size for download'))
+            return
+
         self.response = response
 
         # Check for valid response code

From db4762986754b9d1064f86dd4f38e6b2a8532f9c Mon Sep 17 00:00:00 2001
From: Oliver Walters <oliver.henry.walters@gmail.com>
Date: Wed, 17 Mar 2021 23:15:48 +1100
Subject: [PATCH 11/14] Cleanup

---
 InvenTree/part/views.py | 8 --------
 1 file changed, 8 deletions(-)

diff --git a/InvenTree/part/views.py b/InvenTree/part/views.py
index 3e20a08714..3bee3eefa2 100644
--- a/InvenTree/part/views.py
+++ b/InvenTree/part/views.py
@@ -22,8 +22,6 @@ from moneyed import CURRENCIES
 
 from PIL import Image
 
-from urllib.parse import urlsplit
-from tempfile import TemporaryFile
 import requests
 import os
 import io
@@ -54,7 +52,6 @@ from InvenTree.views import QRCodeView
 from InvenTree.views import InvenTreeRoleMixin
 
 from InvenTree.helpers import DownloadFile, str2bool
-from InvenTree.helpers import TestIfImageURL, TestIfImage
 
 
 class PartIndex(InvenTreeRoleMixin, ListView):
@@ -864,11 +861,6 @@ class PartImageDownloadFromURL(AjaxUpdateView):
         # We can now extract a valid URL from the form data
         url = form.cleaned_data.get('url', None)
 
-        # Check that the URL "looks" like an image URL
-        if not TestIfImageURL(url):
-            form.add_error('url', _('Supplied URL is not one of the supported image formats'))
-            return
-
         # Download the file
         response = requests.get(url, stream=True)
 

From e3a5a56371ab78a0f2a267a6ceefe5771b438b01 Mon Sep 17 00:00:00 2001
From: Oliver Walters <oliver.henry.walters@gmail.com>
Date: Wed, 17 Mar 2021 23:44:47 +1100
Subject: [PATCH 12/14] Add "modal image" display for part thumbnails

---
 InvenTree/InvenTree/static/css/inventree.css | 47 ++++++++++++++++++++
 InvenTree/part/templates/part/part_base.html |  6 +++
 InvenTree/templates/js/modals.js             | 39 ++++++++++++++++
 InvenTree/templates/modals.html              |  7 +++
 4 files changed, 99 insertions(+)

diff --git a/InvenTree/InvenTree/static/css/inventree.css b/InvenTree/InvenTree/static/css/inventree.css
index 3650aa5ddf..153931f974 100644
--- a/InvenTree/InvenTree/static/css/inventree.css
+++ b/InvenTree/InvenTree/static/css/inventree.css
@@ -626,6 +626,53 @@
     z-index: 11000;
 }
 
+.modal-close {
+    position: absolute;
+    top: 15px;
+    right: 35px;
+    color: #f1f1f1;
+    font-size: 40px;
+    font-weight: bold;
+    transition: 0.25s;
+}
+
+.modal-close:hover,
+.modal-close:focus {
+    color: #bbb;
+    text-decoration: none;
+    cursor: pointer;
+}
+
+.modal-image-content {
+    margin: auto;
+    display: block;
+    width: 80%;
+    max-width: 700px;
+    text-align: center;
+    color: #ccc;
+    padding: 10px 0;
+}
+
+@media only screen and (max-width: 700px){
+    .modal-image-content {
+      width: 100%;
+    }
+}
+
+.modal-image {
+    display: none;
+    position: fixed;
+    z-index: 10000;
+    padding-top: 100px;
+    left: 0;
+    top: 0;
+    width: 100%;
+    height: 100%;
+    overflow: auto;
+    background-color: rgb(0,0,0); /* Fallback color */
+    background-color: rgba(0,0,0,0.85); /* Black w/ opacity */
+}
+
 .js-modal-form .checkbox {
     margin-left: 0px;
 }
diff --git a/InvenTree/part/templates/part/part_base.html b/InvenTree/part/templates/part/part_base.html
index fdc5624741..96c9636c88 100644
--- a/InvenTree/part/templates/part/part_base.html
+++ b/InvenTree/part/templates/part/part_base.html
@@ -206,6 +206,12 @@
         toggleId: '#part-menu-toggle',
     });
 
+    {% if part.image %}
+    $('#part-thumb').click(function() {
+        showModalImage('{{ part.image.url }}');
+    });
+    {% endif %}
+
     enableDragAndDrop(
         '#part-thumb',
         "{% url 'part-image-upload' part.id %}",
diff --git a/InvenTree/templates/js/modals.js b/InvenTree/templates/js/modals.js
index 12639749f6..2c246d2a36 100644
--- a/InvenTree/templates/js/modals.js
+++ b/InvenTree/templates/js/modals.js
@@ -909,3 +909,42 @@ function launchModalForm(url, options = {}) {
     // Send the AJAX request
     $.ajax(ajax_data);
 }
+
+
+function hideModalImage() {
+
+    var modal = $('#modal-image-dialog');
+
+    modal.animate({
+        opacity: 0.0,
+    }, 250, function() {
+        modal.hide();
+    });
+
+}
+
+
+function showModalImage(image_url) {
+    // Display full-screen modal image
+
+    console.log('showing modal image: ' + image_url);
+
+    var modal = $('#modal-image-dialog');
+
+    // Set image content
+    $('#modal-image').attr('src', image_url);
+
+    modal.show();
+
+    modal.animate({
+        opacity: 1.0,
+    }, 250);
+
+    $('#modal-image-close').click(function() {
+        hideModalImage();
+    });
+
+    modal.click(function() {
+        hideModalImage();
+    });
+}
\ No newline at end of file
diff --git a/InvenTree/templates/modals.html b/InvenTree/templates/modals.html
index dea7a8bbfa..9850f482c5 100644
--- a/InvenTree/templates/modals.html
+++ b/InvenTree/templates/modals.html
@@ -1,5 +1,12 @@
 {% load i18n %}
 
+<div class='modal fade modal-image' role='dialog' id='modal-image-dialog'>
+  <span class='modal-close' id='modal-image-close'>&times;</span>
+
+  <img class='modal-image-content' id='modal-image'>
+
+</div>
+
 <div class='modal fade modal-fixed-footer modal-primary' tabindex='-1' role='dialog' id='modal-form'>
     <div class='modal-dialog'>
         <div class='modal-content'>

From 4e7243b999ad86f3c65c88804a84057b7524e3af Mon Sep 17 00:00:00 2001
From: Oliver Walters <oliver.henry.walters@gmail.com>
Date: Wed, 17 Mar 2021 23:55:21 +1100
Subject: [PATCH 13/14] Add modal image overlay for company

---
 .../company/templates/company/company_base.html   | 15 +++++++++++++--
 1 file changed, 13 insertions(+), 2 deletions(-)

diff --git a/InvenTree/company/templates/company/company_base.html b/InvenTree/company/templates/company/company_base.html
index 3035eeaa15..eb4ced9965 100644
--- a/InvenTree/company/templates/company/company_base.html
+++ b/InvenTree/company/templates/company/company_base.html
@@ -8,13 +8,18 @@ InvenTree | {% trans "Company" %} - {{ company.name }}
 {% endblock %}
 
 {% block thumbnail %}
-<div class='dropzone' id='company-thumb'>
+<div class='dropzone part-thumb-container' id='company-thumb'>
     <img class="part-thumb"
     {% if company.image %}
     src="{{ company.image.url }}"
     {% else %}
     src="{% static 'img/blank_image.png' %}"
     {% endif %}/>
+    <div class='btn-row part-thumb-overlay'>
+        <div class='btn-group'>
+            <button type='button' class='btn btn-default btn-glyph' title='{% trans "Upload new image" %}' id='company-image-upload'><span class='fas fa-file-upload'></span></button>
+        </div>
+    </div>
 </div>
 {% endblock %}
 
@@ -135,7 +140,13 @@ InvenTree | {% trans "Company" %} - {{ company.name }}
         }
     );
 
-    $("#company-thumb").click(function() {
+    {% if company.image %}
+    $('#company-thumb').click(function() {
+        showModalImage('{{ company.image.url }}');
+    });
+    {% endif %}
+
+    $("#company-image-upload").click(function() {
         launchModalForm(
             "{% url 'company-image' company.id %}",
             {

From 9c91ba4692bc1dfc81a5a48a79d557c7410c3656 Mon Sep 17 00:00:00 2001
From: Oliver Walters <oliver.henry.walters@gmail.com>
Date: Thu, 18 Mar 2021 09:20:24 +1100
Subject: [PATCH 14/14] Add image download functionality for company

---
 InvenTree/company/forms.py                    | 18 ++++
 .../templates/company/company_base.html       | 25 +++++-
 InvenTree/company/urls.py                     |  1 +
 InvenTree/company/views.py                    | 84 +++++++++++++++++++
 InvenTree/part/templates/part/part_thumb.html |  2 +-
 InvenTree/part/views.py                       |  4 +-
 .../part => templates}/image_download.html    |  0
 7 files changed, 129 insertions(+), 5 deletions(-)
 rename InvenTree/{part/templates/part => templates}/image_download.html (100%)

diff --git a/InvenTree/company/forms.py b/InvenTree/company/forms.py
index 0ad95c3e8c..67ac402ba7 100644
--- a/InvenTree/company/forms.py
+++ b/InvenTree/company/forms.py
@@ -66,6 +66,24 @@ class CompanyImageForm(HelperForm):
         ]
 
 
+class CompanyImageDownloadForm(HelperForm):
+    """
+    Form for downloading an image from a URL
+    """
+
+    url = django.forms.URLField(
+        label=_('URL'),
+        help_text=_('Image URL'),
+        required=True
+    )
+
+    class Meta:
+        model = Company
+        fields = [
+            'url',
+        ]
+
+
 class EditSupplierPartForm(HelperForm):
     """ Form for editing a SupplierPart object """
 
diff --git a/InvenTree/company/templates/company/company_base.html b/InvenTree/company/templates/company/company_base.html
index eb4ced9965..9331e5d895 100644
--- a/InvenTree/company/templates/company/company_base.html
+++ b/InvenTree/company/templates/company/company_base.html
@@ -2,14 +2,19 @@
 
 {% load static %}
 {% load i18n %}
+{% load inventree_extras %}
+
 
 {% block page_title %}
 InvenTree | {% trans "Company" %} - {{ company.name }}
 {% endblock %}
 
+
 {% block thumbnail %}
+{% settings_value "INVENTREE_DOWNLOAD_FROM_URL" as allow_download %}
+
 <div class='dropzone part-thumb-container' id='company-thumb'>
-    <img class="part-thumb"
+    <img class="part-thumb" id='company-image'
     {% if company.image %}
     src="{{ company.image.url }}"
     {% else %}
@@ -18,6 +23,9 @@ InvenTree | {% trans "Company" %} - {{ company.name }}
     <div class='btn-row part-thumb-overlay'>
         <div class='btn-group'>
             <button type='button' class='btn btn-default btn-glyph' title='{% trans "Upload new image" %}' id='company-image-upload'><span class='fas fa-file-upload'></span></button>
+            {% if allow_download %}
+            <button type='button' class='btn btn-default btn-glyph' title="{% trans 'Download image from URL' %}" id='company-image-url'><span class='fas fa-cloud-download-alt'></span></button>
+            {% endif %}
         </div>
     </div>
 </div>
@@ -141,7 +149,7 @@ InvenTree | {% trans "Company" %} - {{ company.name }}
     );
 
     {% if company.image %}
-    $('#company-thumb').click(function() {
+    $('#company-image').click(function() {
         showModalImage('{{ company.image.url }}');
     });
     {% endif %}
@@ -155,4 +163,17 @@ InvenTree | {% trans "Company" %} - {{ company.name }}
         );
     });
 
+    {% settings_value "INVENTREE_DOWNLOAD_FROM_URL" as allow_download %}
+
+    {% if allow_download %}
+    $('#company-image-url').click(function() {
+        launchModalForm(
+            '{% url "company-image-download" company.id %}',
+            {
+                reload: true,
+            }
+        )
+    });
+    {% endif %}
+
 {% endblock %}
\ No newline at end of file
diff --git a/InvenTree/company/urls.py b/InvenTree/company/urls.py
index f5fbeede47..b5ad06019b 100644
--- a/InvenTree/company/urls.py
+++ b/InvenTree/company/urls.py
@@ -21,6 +21,7 @@ company_detail_urls = [
     url(r'^notes/', views.CompanyNotes.as_view(), name='company-notes'),
 
     url(r'^thumbnail/', views.CompanyImage.as_view(), name='company-image'),
+    url(r'^thumb-download/', views.CompanyImageDownloadFromURL.as_view(), name='company-image-download'),
 
     # Any other URL
     url(r'^.*$', views.CompanyDetail.as_view(), name='company-detail'),
diff --git a/InvenTree/company/views.py b/InvenTree/company/views.py
index 59e9b23904..42457d6101 100644
--- a/InvenTree/company/views.py
+++ b/InvenTree/company/views.py
@@ -11,9 +11,14 @@ from django.views.generic import DetailView, ListView, UpdateView
 
 from django.urls import reverse
 from django.forms import HiddenInput
+from django.core.files.base import ContentFile
 
 from moneyed import CURRENCIES
 
+from PIL import Image
+import requests
+import io
+
 from InvenTree.views import AjaxCreateView, AjaxUpdateView, AjaxDeleteView
 from InvenTree.helpers import str2bool
 from InvenTree.views import InvenTreeRoleMixin
@@ -28,6 +33,7 @@ from .forms import EditCompanyForm
 from .forms import CompanyImageForm
 from .forms import EditSupplierPartForm
 from .forms import EditPriceBreakForm
+from .forms import CompanyImageDownloadForm
 
 import common.models
 import common.settings
@@ -150,6 +156,84 @@ class CompanyDetail(DetailView):
         return ctx
 
 
+class CompanyImageDownloadFromURL(AjaxUpdateView):
+    """
+    View for downloading an image from a provided URL
+    """
+
+    model = Company
+    ajax_template_name = 'image_download.html'
+    form_class = CompanyImageDownloadForm
+    ajax_form_title = _('Download Image')
+
+    def validate(self, company, form):
+        """
+        Validate that the image data are correct
+        """
+        # First ensure that the normal validation routines pass
+        if not form.is_valid():
+            return
+
+        # We can now extract a valid URL from the form data
+        url = form.cleaned_data.get('url', None)
+
+        # Download the file
+        response = requests.get(url, stream=True)
+
+        # Look at response header, reject if too large
+        content_length = response.headers.get('Content-Length', '0')
+
+        try:
+            content_length = int(content_length)
+        except (ValueError):
+            # If we cannot extract meaningful length, just assume it's "small enough"
+            content_length = 0
+
+        # TODO: Factor this out into a configurable setting
+        MAX_IMG_LENGTH = 10 * 1024 * 1024
+
+        if content_length > MAX_IMG_LENGTH:
+            form.add_error('url', _('Image size exceeds maximum allowable size for download'))
+            return
+
+        self.response = response
+
+        # Check for valid response code
+        if not response.status_code == 200:
+            form.add_error('url', f"{_('Invalid response')}: {response.status_code}")
+            return
+
+        response.raw.decode_content = True
+
+        try:
+            self.image = Image.open(response.raw).convert()
+            self.image.verify()
+        except:
+            form.add_error('url', _("Supplied URL is not a valid image file"))
+            return
+
+    def save(self, company, form, **kwargs):
+        """
+        Save the downloaded image to the company
+        """
+        fmt = self.image.format
+
+        if not fmt:
+            fmt = 'PNG'
+
+        buffer = io.BytesIO()
+
+        self.image.save(buffer, format=fmt)
+
+        # Construct a simplified name for the image
+        filename = f"company_{company.pk}_image.{fmt.lower()}"
+
+        company.image.save(
+            filename,
+            ContentFile(buffer.getvalue()),
+        )
+
+
 class CompanyImage(AjaxUpdateView):
     """ View for uploading an image for the Company """
     model = Company
diff --git a/InvenTree/part/templates/part/part_thumb.html b/InvenTree/part/templates/part/part_thumb.html
index 9e1de6fc26..dd192843dc 100644
--- a/InvenTree/part/templates/part/part_thumb.html
+++ b/InvenTree/part/templates/part/part_thumb.html
@@ -7,7 +7,7 @@
 <div class="media">
     <div class="media-left part-thumb-container">
       <div class='dropzone' id='part-thumb'>
-          <img class="part-thumb"
+          <img class="part-thumb" id='part-image'
               {% if part.image %}
               src="{{ part.image.url }}"
               {% else %}
diff --git a/InvenTree/part/views.py b/InvenTree/part/views.py
index 3bee3eefa2..29d00a2523 100644
--- a/InvenTree/part/views.py
+++ b/InvenTree/part/views.py
@@ -843,7 +843,7 @@ class PartImageDownloadFromURL(AjaxUpdateView):
 
     model = Part
 
-    ajax_template_name = 'part/image_download.html'
+    ajax_template_name = 'image_download.html'
     form_class = part_forms.PartImageDownloadForm
     ajax_form_title = _('Download Image')
 
@@ -890,7 +890,7 @@ class PartImageDownloadFromURL(AjaxUpdateView):
         response.raw.decode_content = True
 
         try:
-            self.image = Image.open(response.raw).convert('RGB')
+            self.image = Image.open(response.raw).convert()
             self.image.verify()
         except:
             form.add_error('url', _("Supplied URL is not a valid image file"))
diff --git a/InvenTree/part/templates/part/image_download.html b/InvenTree/templates/image_download.html
similarity index 100%
rename from InvenTree/part/templates/part/image_download.html
rename to InvenTree/templates/image_download.html