Mercurial > hg > soundsoftware-site
diff app/controllers/attachments_controller.rb @ 1338:25603efa57b5
Merge from live branch
| author | Chris Cannam |
|---|---|
| date | Thu, 20 Jun 2013 13:14:14 +0100 |
| parents | 2f6e71e31b55 |
| children | 4f746d8966dd |
line wrap: on
line diff
--- a/app/controllers/attachments_controller.rb Wed Jan 23 13:11:25 2013 +0000 +++ b/app/controllers/attachments_controller.rb Thu Jun 20 13:14:14 2013 +0100 @@ -1,5 +1,5 @@ # Redmine - project management software -# Copyright (C) 2006-2011 Jean-Philippe Lang +# Copyright (C) 2006-2012 Jean-Philippe Lang # # This program is free software; you can redistribute it and/or # modify it under the terms of the GNU General Public License @@ -16,16 +16,16 @@ # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. class AttachmentsController < ApplicationController + before_filter :find_project, :except => :upload + before_filter :file_readable, :read_authorize, :only => [:show, :download, :thumbnail] + before_filter :delete_authorize, :only => :destroy + before_filter :authorize_global, :only => :upload + before_filter :active_authorize, :only => :toggle_active include AttachmentsHelper helper :attachments - before_filter :find_project - before_filter :file_readable, :read_authorize, :except => :destroy - before_filter :delete_authorize, :only => :destroy - before_filter :active_authorize, :only => :toggle_active - - accept_api_auth :show, :download + accept_api_auth :show, :download, :upload def show respond_to do |format| @@ -58,26 +58,66 @@ @attachment.increment_download end - # images are sent inline - send_file @attachment.diskfile, :filename => filename_for_content_disposition(@attachment.filename), - :type => detect_content_type(@attachment), - :disposition => (@attachment.image? ? 'inline' : 'attachment') - + if stale?(:etag => @attachment.digest) + # images are sent inline + send_file @attachment.diskfile, :filename => filename_for_content_disposition(@attachment.filename), + :type => detect_content_type(@attachment), + :disposition => (@attachment.image? ? 'inline' : 'attachment') + end end - verify :method => :delete, :only => :destroy + def thumbnail + if @attachment.thumbnailable? && thumbnail = @attachment.thumbnail(:size => params[:size]) + if stale?(:etag => thumbnail) + send_file thumbnail, + :filename => filename_for_content_disposition(@attachment.filename), + :type => detect_content_type(@attachment), + :disposition => 'inline' + end + else + # No thumbnail for the attachment or thumbnail could not be created + render :nothing => true, :status => 404 + end + end + + def upload + # Make sure that API users get used to set this content type + # as it won't trigger Rails' automatic parsing of the request body for parameters + unless request.content_type == 'application/octet-stream' + render :nothing => true, :status => 406 + return + end + + @attachment = Attachment.new(:file => request.raw_post) + @attachment.author = User.current + @attachment.filename = params[:filename].presence || Redmine::Utils.random_hex(16) + + if @attachment.save + respond_to do |format| + format.api { render :action => 'upload', :status => :created } + end + else + respond_to do |format| + format.api { render_validation_errors(@attachment) } + end + end + end + def destroy + if @attachment.container.respond_to?(:init_journal) + @attachment.container.init_journal(User.current) + end # Make sure association callbacks are called @attachment.container.attachments.delete(@attachment) - redirect_to :back - rescue ::ActionController::RedirectBackError - redirect_to :controller => 'projects', :action => 'show', :id => @project + redirect_to_referer_or project_path(@project) end def toggle_active @attachment.active = !@attachment.active? @attachment.save! - render :layout => false + respond_to do |format| + format.js + end end private