comparison app/controllers/attachments_controller.rb @ 1338:25603efa57b5

Merge from live branch
author Chris Cannam
date Thu, 20 Jun 2013 13:14:14 +0100
parents 2f6e71e31b55
children 4f746d8966dd
1209:1b1138f6f55e 1338:25603efa57b5
1 # Redmine - project management software 1 # Redmine - project management software
2 # Copyright (C) 2006-2011 Jean-Philippe Lang 2 # Copyright (C) 2006-2012 Jean-Philippe Lang
3 # 3 #
4 # This program is free software; you can redistribute it and/or 4 # This program is free software; you can redistribute it and/or
5 # modify it under the terms of the GNU General Public License 5 # modify it under the terms of the GNU General Public License
6 # as published by the Free Software Foundation; either version 2 6 # as published by the Free Software Foundation; either version 2
7 # of the License, or (at your option) any later version. 7 # of the License, or (at your option) any later version.
14 # You should have received a copy of the GNU General Public License 14 # You should have received a copy of the GNU General Public License
15 # along with this program; if not, write to the Free Software 15 # along with this program; if not, write to the Free Software
16 # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. 16 # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
17 17
18 class AttachmentsController < ApplicationController 18 class AttachmentsController < ApplicationController
19 before_filter :find_project, :except => :upload
20 before_filter :file_readable, :read_authorize, :only => [:show, :download, :thumbnail]
21 before_filter :delete_authorize, :only => :destroy
22 before_filter :authorize_global, :only => :upload
23 before_filter :active_authorize, :only => :toggle_active
19 24
20 include AttachmentsHelper 25 include AttachmentsHelper
21 helper :attachments 26 helper :attachments
22 27
23 before_filter :find_project 28 accept_api_auth :show, :download, :upload
24 before_filter :file_readable, :read_authorize, :except => :destroy
25 before_filter :delete_authorize, :only => :destroy
26 before_filter :active_authorize, :only => :toggle_active
27
28 accept_api_auth :show, :download
29 29
30 def show 30 def show
31 respond_to do |format| 31 respond_to do |format|
32 format.html { 32 format.html {
33 if @attachment.is_diff? 33 if @attachment.is_diff?
56 # or Project. Not good for us, we want to tally all downloads [by humans] 56 # or Project. Not good for us, we want to tally all downloads [by humans]
57 if not user_is_search_bot? 57 if not user_is_search_bot?
58 @attachment.increment_download 58 @attachment.increment_download
59 end 59 end
60 60
61 # images are sent inline 61 if stale?(:etag => @attachment.digest)
62 send_file @attachment.diskfile, :filename => filename_for_content_disposition(@attachment.filename), 62 # images are sent inline
63 :type => detect_content_type(@attachment), 63 send_file @attachment.diskfile, :filename => filename_for_content_disposition(@attachment.filename),
64 :disposition => (@attachment.image? ? 'inline' : 'attachment') 64 :type => detect_content_type(@attachment),
65 65 :disposition => (@attachment.image? ? 'inline' : 'attachment')
66 end
66 end 67 end
67 68
68 verify :method => :delete, :only => :destroy 69 def thumbnail
70 if @attachment.thumbnailable? && thumbnail = @attachment.thumbnail(:size => params[:size])
71 if stale?(:etag => thumbnail)
72 send_file thumbnail,
73 :filename => filename_for_content_disposition(@attachment.filename),
74 :type => detect_content_type(@attachment),
75 :disposition => 'inline'
76 end
77 else
78 # No thumbnail for the attachment or thumbnail could not be created
79 render :nothing => true, :status => 404
80 end
81 end
82
83 def upload
84 # Make sure that API users get used to set this content type
85 # as it won't trigger Rails' automatic parsing of the request body for parameters
86 unless request.content_type == 'application/octet-stream'
87 render :nothing => true, :status => 406
88 return
89 end
90
91 @attachment = Attachment.new(:file => request.raw_post)
92 @attachment.author = User.current
93 @attachment.filename = params[:filename].presence || Redmine::Utils.random_hex(16)
94
95 if @attachment.save
96 respond_to do |format|
97 format.api { render :action => 'upload', :status => :created }
98 end
99 else
100 respond_to do |format|
101 format.api { render_validation_errors(@attachment) }
102 end
103 end
104 end
105
69 def destroy 106 def destroy
107 if @attachment.container.respond_to?(:init_journal)
108 @attachment.container.init_journal(User.current)
109 end
70 # Make sure association callbacks are called 110 # Make sure association callbacks are called
71 @attachment.container.attachments.delete(@attachment) 111 @attachment.container.attachments.delete(@attachment)
72 redirect_to :back 112 redirect_to_referer_or project_path(@project)
73 rescue ::ActionController::RedirectBackError
74 redirect_to :controller => 'projects', :action => 'show', :id => @project
75 end 113 end
76 114
77 def toggle_active 115 def toggle_active
78 @attachment.active = !@attachment.active? 116 @attachment.active = !@attachment.active?
79 @attachment.save! 117 @attachment.save!
80 render :layout => false 118 respond_to do |format|
119 format.js
120 end
81 end 121 end
82 122
83 private 123 private
84 def find_project 124 def find_project
85 @attachment = Attachment.find(params[:id]) 125 @attachment = Attachment.find(params[:id])