crewmate/crewmate

View on GitHub
app/controllers/uploads_controller.rb

Summary

Maintainability
A
3 hrs
Test Coverage
# -*- encoding : utf-8 -*-
class UploadsController < ApplicationController
  before_filter :find_upload, :only => [:destroy,:update,:thumbnail,:show]
  skip_before_filter :load_project, :only => [:download]
  before_filter :set_page_title

  rescue_from CanCan::AccessDenied do |exception|
    respond_to do |f|
      error_message = "You are not allowed to do that!"
      f.js             { render :text => "alert('#{error_message}')" }
      f.any(:html, :m) { render :text => "alert('#{error_message}')" }
    end
  end

  def download
    head(:not_found) and return if (upload = Upload.find_by_id(params[:id])).nil?
    head(:forbidden) and return unless upload.downloadable?(current_user)

    if !!Teambox.config.amazon_s3
      unless upload.asset.exists?(params[:style]) && params[:filename].to_s == upload.asset_file_name
        head(:bad_request)
        raise "Unable to download file"
      end
      redirect_to upload.s3_url(params[:style])
    else
      path = upload.asset.path(params[:style])
      unless File.exist?(path) && params[:filename].to_s == upload.asset_file_name
        head(:bad_request)
        raise "Unable to download file"
      end

      mime_type = File.mime_type?(upload.asset_file_name)

      mime_type = 'application/octet-stream' if mime_type == 'unknown/unknown'

      send_file_options = { :type => mime_type }

      response.headers['Cache-Control'] = 'private, max-age=31557600'

      send_file(path, send_file_options)
    end
  end

  def index
    @uploads = @current_project.uploads.order('updated_at DESC')
    @upload ||= @current_project.uploads.new
  end

  def show
    redirect_to @upload.url
  end

  def new
    authorize! :upload_files, @current_project
    @upload = @current_project.uploads.new
    @upload.user = current_user
  end

  def create
    authorize! :upload_files, @current_project
    authorize! :update, @page if @page
    @upload = @current_project.uploads.new params[:upload]
    @upload.user = current_user
    @page = @upload.page
    calculate_position(@upload) if @page

    @upload.save

    respond_to do |wants|
      wants.any(:html, :m) {
        if @upload.new_record?
          flash.now[:error] = "There was an error uploading the file"
          render :new
        elsif @upload.page
          if iframe?
            code = render_to_string 'create.js.rjs', :layout => false
            render :template => 'shared/iframe_rjs', :layout => false, :locals => { :code => code }
          else
            redirect_to [@current_project, @upload.page]
          end
        else
          redirect_to [@current_project, :uploads]
        end
      }
    end
  end

  def update
    authorize! :update, @upload
    @upload.update_attributes(params[:upload])

    respond_to do |format|
      format.js   { render :layout => false }
      format.any(:html, :m)  { redirect_to project_uploads_path(@current_project) }
    end
  end

  def destroy
    authorize! :destroy, @upload
    @slot_id = @upload.page_slot.try(:id)
    @upload.try(:destroy)

    respond_to do |f|
      f.js   { render :layout => false }
      f.any(:html, :m) do
        flash[:success] = t('deleted.upload', :name => @upload.to_s)
        redirect_to project_uploads_path(@current_project)
      end
    end
  end

  private

    def find_upload
      if params[:id].to_s.match /^\d+$/
        @upload = @current_project.uploads.find(params[:id])
      else
        @upload = @current_project.uploads.find_by_asset_file_name(params[:id])
      end
    end

end