upload files to private location in django

Question

Everything I found so far in the django documentation on FileFields and managing uploaded files seems to assume that you want the uploaded file to end up in a location under MEDIA_ROOT that can be served from a URL under MEDIA-URL there are mechanisms to provide authorization for access to the files but not it seems for them to just not be in the MEDIA_URL path.

What I want to do is to be able to upload files (actually excel spreadsheets) to a location that my application internals can access using xlrd to add data to my database via models.

I do not want the files to be downloadable at some URL.

I'd like to be able to use either FileField or some add-on package to upload files to a distinct part of the directory tree - say UPLOAD_ROOT which is not under MEDIA_ROOT so it can never be served, but is accessible to my models and other 'python` code.

Answer 1

The default FileSystemStorage insists on saving below the MEDIA_ROOT, but you can use a different storage for your private files:

# in your models.py, or in a separate storage.py
upload_storage = FileSystemStorage(location=UPLOAD_ROOT, base_url='/does/not/matter/')

# models.py
class YourModel(models.Model):
    file = models.FileField(upload_to="some/relative/path", storage=upload_storage)

Then use the usual Django facilities for file handling... forms, the admin etc. should all work.