Sanity checks, updated quickstart.

doc/quickstart.rst

@@ -194,11 +194,34 @@ class and implementing database-related methods.
 
 Please refer to :mod:`flask.ext.adminex.ext.sqlamodel` documentation on how to customize behavior of model-based administrative views.
 
+File Admin
+----------
+
+Flask-AdminEx comes with another handy battery - file admin. It gives you ability to manage files on your server (upload, delete, rename, etc).
+
+Here is simple example::
+
+    from flask.ext.adminex.ext.fileadmin import FileAdmin
+
+    import os.path as op
+
+    # Flask setup here
+
+    admin = Admin()
+
+    path = op.join(op.dirname(__file__), 'static')
+    admin.add_view(path, '/static/', name='Static Files')
+    admin.setup_app(app)
+
+You can disable uploads, disable file or directory deletion, restrict file uploads to certain types and so on.
+Check :mod:`flask.ext.adminex.ext.fileadmin` documentation on how to do it.
+
 Examples
 --------
 
-Flask-AdminEx comes with three samples:
+Flask-AdminEx comes with four samples:
 
 - `Simple administrative interface <https://github.com/MrJoes/Flask-AdminEx/tree/master/examples/simple>`_ with custom administrative views
 - `SQLAlchemy model example <https://github.com/MrJoes/Flask-AdminEx/tree/master/examples/sqla>`_
 - `Flask-Login integration example <https://github.com/MrJoes/Flask-AdminEx/tree/master/examples/auth>`_
+- `File management interface <https://github.com/MrJoes/Flask-AdminEx/tree/master/examples/file>`_

flask_adminex/ext/fileadmin.py

@@ -297,6 +297,10 @@ class FileAdmin(BaseView):
         # Get path and verify if it is valid
         base_path, directory, path = self._normalize_path(path)
 
+        if not self.can_upload:
+            flash('File uploading is disabled.', 'error')
+            return redirect(self._get_dir_url('.index', path))
+
         form = UploadForm(request.form, self)
         if form.validate_on_submit():
             filename = op.join(directory,
@@ -326,6 +330,10 @@ class FileAdmin(BaseView):
 
         dir_url = self._get_dir_url('.index', path)
 
+        if not self.can_mkdir:
+            flash('Directory creation is disabled.', 'error')
+            return redirect(dir_url)
+
         form = NameForm(request.form)
 
         if form.validate_on_submit():
@@ -354,6 +362,10 @@ class FileAdmin(BaseView):
 
         return_url = self._get_dir_url('.index', op.dirname(path))
 
+        if not self.can_delete:
+            flash('Deletion is disabled.')
+            return redirect(return_url)
+
         if op.isdir(full_path):
             if not self.can_delete_dirs:
                 return redirect(return_url)
@@ -386,6 +398,10 @@ class FileAdmin(BaseView):
 
         return_url = self._get_dir_url('.index', op.dirname(path))
 
+        if not self.can_rename:
+            flash('Renaming is disabled.')
+            return redirect(return_url)
+
         if not op.exists(full_path):
             flash('Path does not exist.')
             return redirect(return_url)

flask_adminex/templates/admin/file/list.html

@@ -35,7 +35,7 @@
                 </a>
                 {% endif %}
                 {%- if admin_view.can_delete and path -%}
-                    {% if is_dir %}
+                    {% if is_dir and admin_view.can_delete_dirs %}
                         {% if name != '..' %}
                         <form class="icon" method="POST" action="{{ url_for('.delete') }}">
                             <input type="hidden" name="path" value="{{ path }}"></input>