Mercurial > hg > soundsoftware-site
comparison app/controllers/attachments_controller.rb @ 1115:433d4f72a19b redmine-2.2
Update to Redmine SVN revision 11137 on 2.2-stable branch
| author | Chris Cannam |
|---|---|
| date | Mon, 07 Jan 2013 12:01:42 +0000 |
| parents | cbb26bc654de |
| children | bb32da3bea34 622f24f53b42 |
comparison
equal
deleted
inserted
replaced
| 929:5f33065ddc4b | 1115:433d4f72a19b |
|---|---|
| 1 # Redmine - project management software | 1 # Redmine - project management software |
| 2 # Copyright (C) 2006-2011 Jean-Philippe Lang | 2 # Copyright (C) 2006-2012 Jean-Philippe Lang |
| 3 # | 3 # |
| 4 # This program is free software; you can redistribute it and/or | 4 # This program is free software; you can redistribute it and/or |
| 5 # modify it under the terms of the GNU General Public License | 5 # modify it under the terms of the GNU General Public License |
| 6 # as published by the Free Software Foundation; either version 2 | 6 # as published by the Free Software Foundation; either version 2 |
| 7 # of the License, or (at your option) any later version. | 7 # of the License, or (at your option) any later version. |
| 14 # You should have received a copy of the GNU General Public License | 14 # You should have received a copy of the GNU General Public License |
| 15 # along with this program; if not, write to the Free Software | 15 # along with this program; if not, write to the Free Software |
| 16 # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. | 16 # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. |
| 17 | 17 |
| 18 class AttachmentsController < ApplicationController | 18 class AttachmentsController < ApplicationController |
| 19 before_filter :find_project | 19 before_filter :find_project, :except => :upload |
| 20 before_filter :file_readable, :read_authorize, :except => :destroy | 20 before_filter :file_readable, :read_authorize, :only => [:show, :download, :thumbnail] |
| 21 before_filter :delete_authorize, :only => :destroy | 21 before_filter :delete_authorize, :only => :destroy |
| 22 before_filter :authorize_global, :only => :upload | |
| 22 | 23 |
| 23 accept_api_auth :show, :download | 24 accept_api_auth :show, :download, :upload |
| 24 | 25 |
| 25 def show | 26 def show |
| 26 respond_to do |format| | 27 respond_to do |format| |
| 27 format.html { | 28 format.html { |
| 28 if @attachment.is_diff? | 29 if @attachment.is_diff? |
| 49 def download | 50 def download |
| 50 if @attachment.container.is_a?(Version) || @attachment.container.is_a?(Project) | 51 if @attachment.container.is_a?(Version) || @attachment.container.is_a?(Project) |
| 51 @attachment.increment_download | 52 @attachment.increment_download |
| 52 end | 53 end |
| 53 | 54 |
| 54 # images are sent inline | 55 if stale?(:etag => @attachment.digest) |
| 55 send_file @attachment.diskfile, :filename => filename_for_content_disposition(@attachment.filename), | 56 # images are sent inline |
| 56 :type => detect_content_type(@attachment), | 57 send_file @attachment.diskfile, :filename => filename_for_content_disposition(@attachment.filename), |
| 57 :disposition => (@attachment.image? ? 'inline' : 'attachment') | 58 :type => detect_content_type(@attachment), |
| 58 | 59 :disposition => (@attachment.image? ? 'inline' : 'attachment') |
| 60 end | |
| 59 end | 61 end |
| 60 | 62 |
| 61 verify :method => :delete, :only => :destroy | 63 def thumbnail |
| 64 if @attachment.thumbnailable? && thumbnail = @attachment.thumbnail(:size => params[:size]) | |
| 65 if stale?(:etag => thumbnail) | |
| 66 send_file thumbnail, | |
| 67 :filename => filename_for_content_disposition(@attachment.filename), | |
| 68 :type => detect_content_type(@attachment), | |
| 69 :disposition => 'inline' | |
| 70 end | |
| 71 else | |
| 72 # No thumbnail for the attachment or thumbnail could not be created | |
| 73 render :nothing => true, :status => 404 | |
| 74 end | |
| 75 end | |
| 76 | |
| 77 def upload | |
| 78 # Make sure that API users get used to set this content type | |
| 79 # as it won't trigger Rails' automatic parsing of the request body for parameters | |
| 80 unless request.content_type == 'application/octet-stream' | |
| 81 render :nothing => true, :status => 406 | |
| 82 return | |
| 83 end | |
| 84 | |
| 85 @attachment = Attachment.new(:file => request.raw_post) | |
| 86 @attachment.author = User.current | |
| 87 @attachment.filename = params[:filename].presence || Redmine::Utils.random_hex(16) | |
| 88 | |
| 89 if @attachment.save | |
| 90 respond_to do |format| | |
| 91 format.api { render :action => 'upload', :status => :created } | |
| 92 end | |
| 93 else | |
| 94 respond_to do |format| | |
| 95 format.api { render_validation_errors(@attachment) } | |
| 96 end | |
| 97 end | |
| 98 end | |
| 99 | |
| 62 def destroy | 100 def destroy |
| 101 if @attachment.container.respond_to?(:init_journal) | |
| 102 @attachment.container.init_journal(User.current) | |
| 103 end | |
| 63 # Make sure association callbacks are called | 104 # Make sure association callbacks are called |
| 64 @attachment.container.attachments.delete(@attachment) | 105 @attachment.container.attachments.delete(@attachment) |
| 65 redirect_to :back | 106 redirect_to_referer_or project_path(@project) |
| 66 rescue ::ActionController::RedirectBackError | |
| 67 redirect_to :controller => 'projects', :action => 'show', :id => @project | |
| 68 end | 107 end |
| 69 | 108 |
| 70 private | 109 private |
| 71 def find_project | 110 def find_project |
| 72 @attachment = Attachment.find(params[:id]) | 111 @attachment = Attachment.find(params[:id]) |