bigdir/app/controllers/attachments_controller.rb

295 lines
9.2 KiB
Ruby
Raw Permalink Normal View History

2013-08-01 10:33:49 +08:00
# Redmine - project management software
# Copyright (C) 2006-2013 Jean-Philippe Lang
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
class AttachmentsController < ApplicationController
2014-03-06 16:47:28 +08:00
before_filter :find_project, :only => [:show, :download, :thumbnail, :destroy, :delete_homework]#, :except => [:upload, :autocomplete]
before_filter :file_readable, :read_authorize, :only => [:show, :thumbnail]#Modified by young
2013-08-01 10:33:49 +08:00
before_filter :delete_authorize, :only => :destroy
before_filter :authorize_global, :only => :upload
2014-04-10 16:23:40 +08:00
2014-04-21 20:00:50 +08:00
before_filter :login_without_softapplication, only: [:download]
2013-08-01 10:33:49 +08:00
accept_api_auth :show, :download, :upload
def show
respond_to do |format|
format.html {
if @attachment.is_diff?
@diff = File.new(@attachment.diskfile, "rb").read
@diff_type = params[:type] || User.current.pref[:diff_type] || 'inline'
@diff_type = 'inline' unless %w(inline sbs).include?(@diff_type)
# Save diff type as user preference
if User.current.logged? && @diff_type != User.current.pref[:diff_type]
User.current.pref[:diff_type] = @diff_type
User.current.preference.save
end
render :action => 'diff'
elsif @attachment.is_text? && @attachment.filesize <= Setting.file_max_size_displayed.to_i.kilobyte
@content = File.new(@attachment.diskfile, "rb").read
render :action => 'file'
else
download
end
}
format.api
end
end
def download
2014-01-18 10:57:09 +08:00
if true || @attachment.container.is_a?(Version) || @attachment.container.is_a?(Project)
2013-08-01 10:33:49 +08:00
@attachment.increment_download
end
if stale?(:etag => @attachment.digest)
# images are sent inline
send_file @attachment.diskfile, :filename => filename_for_content_disposition(@attachment.filename),
:type => detect_content_type(@attachment),
:disposition => (@attachment.image? ? 'inline' : 'attachment')
end
2014-06-17 18:38:13 +08:00
rescue => e
2014-07-05 11:00:01 +08:00
redirect_to "http://" + (Setting.host_name.to_s) +"/file_not_found.html"
2013-08-01 10:33:49 +08:00
end
#更新资源文件类型
def updateType
@attachment = Attachment.find(params[:attachmentid])
if @attachment != nil
@attachment.attachtype = params[:newtype]
@attachment.save
render :text =>'success'
else
render :text=>'error'
end
end
2013-08-01 10:33:49 +08:00
def thumbnail
if @attachment.thumbnailable? && thumbnail = @attachment.thumbnail(:size => params[:size])
if stale?(:etag => thumbnail)
send_file thumbnail,
:filename => filename_for_content_disposition(@attachment.filename),
:type => detect_content_type(@attachment),
:disposition => 'inline'
end
else
# No thumbnail for the attachment or thumbnail could not be created
render :nothing => true, :status => 404
end
end
def upload
# Make sure that API users get used to set this content type
# as it won't trigger Rails' automatic parsing of the request body for parameters
unless request.content_type == 'application/octet-stream'
render :nothing => true, :status => 406
return
end
@attachment = Attachment.new(:file => request.raw_post)
@attachment.author = User.current
@attachment.filename = params[:filename].presence || Redmine::Utils.random_hex(16)
saved = @attachment.save
respond_to do |format|
format.js
format.api {
if saved
render :action => 'upload', :status => :created
else
render_validation_errors(@attachment)
end
}
end
end
def destroy
if @attachment.container.respond_to?(:init_journal)
@attachment.container.init_journal(User.current)
end
if @attachment.container
# Make sure association callbacks are called
2014-06-26 17:47:27 +08:00
@attachment.container.attachments.delete(@attachment)
2013-08-01 10:33:49 +08:00
else
@attachment.destroy
end
respond_to do |format|
# modify by nwb
if @attachment.container_type == 'Course'
if @course.nil?
format.html { redirect_to_referer_or forum_memo_path(@attachment.container.forum, @attachment.container) }
else
format.html { redirect_to_referer_or course_path(@course) }
end
else
if @project.nil?
format.html { redirect_to_referer_or forum_memo_path(@attachment.container.forum, @attachment.container) }
else
format.html { redirect_to_referer_or project_path(@project) }
end
end
2013-08-01 10:33:49 +08:00
format.js
end
end
def delete_homework
@bid = @attachment.container.bid
# Make sure association callbacks are called
container = @attachment.container
@attachment.container.attachments.delete(@attachment)
#if container.attachments.empty?
#container.delete
#end
respond_to do |format|
format.html { redirect_to_referer_or respond_path(@bid) }
format.js
end
end
2013-08-01 10:33:49 +08:00
2014-03-05 11:17:16 +08:00
def autocomplete
2014-07-02 14:58:52 +08:00
# modify by nwb
if params[:project_id]
@project = Project.find_by_id(params[:project_id])
elsif params[:course_id]
@course = Course.find_by_id(params[:course_id])
end
2014-03-05 11:17:16 +08:00
respond_to do |format|
format.js
end
end
2014-03-06 16:47:28 +08:00
def add_exist_file_to_project
classname = params[:class_name]
class_id = params[:class_id]
attachments = params[:attachment][:attach]
obj = Object.const_get(classname).find_by_id(class_id)
attachments.collect do |attach_id|
ori = Attachment.find_by_id(attach_id)
next if ori.blank?
attach_copied_obj = ori.copy
2014-04-14 14:51:12 +08:00
attach_copied_obj.tag_list.add(ori.tag_list) # tag关联
2014-03-06 16:47:28 +08:00
attach_copied_obj.container = obj
attach_copied_obj.created_on = Time.now
2014-03-07 16:49:45 +08:00
attach_copied_obj.author_id = User.current.id
2014-03-06 16:47:28 +08:00
@obj = obj
@save_flag = attach_copied_obj.save
@save_message = attach_copied_obj.errors.full_messages
end
respond_to do |format|
format.js
end
rescue NoMethodError
@save_flag = false
@save_message = [] << l(:error_attachment_empty)
respond_to do |format|
format.js
end
end
def add_exist_file_to_course
class_id = params[:class_id]
attachments = params[:attachment][:attach]
obj = Course.find_by_id(class_id)
attachments.collect do |attach_id|
ori = Attachment.find_by_id(attach_id)
next if ori.blank?
attach_copied_obj = ori.copy
attach_copied_obj.tag_list.add(ori.tag_list) # tag关联
attach_copied_obj.container = obj
attach_copied_obj.created_on = Time.now
attach_copied_obj.author_id = User.current.id
@obj = obj
@save_flag = attach_copied_obj.save
@save_message = attach_copied_obj.errors.full_messages
end
respond_to do |format|
format.js
end
rescue NoMethodError
@save_flag = false
@save_message = [] << l(:error_attachment_empty)
respond_to do |format|
format.js
end
end
2013-08-01 10:33:49 +08:00
private
def find_project
@attachment = Attachment.find(params[:id])
# Show 404 if the filename in the url is wrong
# modify by nwb
2013-08-01 10:33:49 +08:00
raise ActiveRecord::RecordNotFound if params[:filename] && params[:filename] != @attachment.filename
if @attachment.container_type == 'Course'
@course = @attachment.course
else
unless @attachment.container_type == 'Bid' || @attachment.container_type == 'HomeworkAttach' || @attachment.container_type == 'Memo' || @attachment.container_type == 'Softapplication'
@project = @attachment.project
end
2013-09-13 21:52:24 +08:00
end
2013-08-01 10:33:49 +08:00
rescue ActiveRecord::RecordNotFound
render_404
end
# Checks that the file exists and is readable
def file_readable
if @attachment.readable?
true
else
logger.error "Cannot send attachment, #{@attachment.diskfile} does not exist or is unreadable."
render_404
end
end
def read_authorize
2014-05-23 09:18:17 +08:00
if @attachment.container_type == "HomeworkAttach" || @attachment.container_type == 'Bid'
2014-05-21 14:44:53 +08:00
true
#User.current.allowed_to?(:view_homework_attaches, @attachment.project) ? true : deny_access
else
@attachment.visible? ? true : deny_access
end
2013-08-01 10:33:49 +08:00
end
def delete_authorize
@attachment.deletable? ? true : deny_access
end
def detect_content_type(attachment)
content_type = attachment.content_type
if content_type.blank?
content_type = Redmine::MimeType.of(attachment.filename)
end
content_type.to_s
end
2014-04-21 20:00:50 +08:00
def login_without_softapplication
2014-04-21 20:05:26 +08:00
referer = request.headers['Referer']
2014-04-21 20:00:50 +08:00
require_login unless referer =~ /softapplication/
2014-04-21 20:05:26 +08:00
end
2014-05-17 14:07:57 +08:00
def renderTag
@attachmentNew = Attachment.find(params[:attchmentId])
respond_to do |format|
format.js
end
end
2013-08-01 10:33:49 +08:00
end