scinote-web/app/controllers/assets_controller.rb

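# Serves metadata, previews, downloads and WOPI editor/viewer pages for a
# single Asset looked up from params[:id].
#
# Access is decided from the record the asset is attached to (Step, Result or
# RepositoryCell), which load_vars resolves before every action.
#
# NOTE(review): the RepositoryCell branches of check_read_permission and
# check_edit_permission are still "TBD" and perform no check, and an asset
# with no association at all matches no branch either. In both cases the
# action runs with only whatever ApplicationController enforces (not visible
# here). These paths should deny by default once the repository permission
# helpers exist.
class AssetsController < ApplicationController
  include WopiUtil
  # include ActionView::Helpers
  include ActionView::Helpers::AssetTagHelper
  include ActionView::Helpers::TextHelper
  include ActionView::Helpers::UrlHelper
  include ActionView::Context
  include InputSanitizeHelper
  include FileIconsHelper

  before_action :load_vars
  # file_present runs the read check itself, after the processing test.
  before_action :check_read_permission, except: :file_present
  before_action :check_edit_permission, only: :edit

  # JSON probe used to find out whether the attachment has finished
  # processing. Responds 404 while it is processing, otherwise the asset's
  # URLs and display metadata with status 200.
  #
  # NOTE(review): the 404 for a processing file is sent before the read
  # permission check, so that status is visible to callers who would
  # otherwise get a 403 for this asset.
  def file_present
    respond_to do |format|
      format.json do
        if @asset.file.processing?
          render json: {}, status: 404
        else
          # Only if file is present,
          # check_read_permission
          check_read_permission
          # If check_read_permission already rendered error,
          # stop execution
          return if performed?
          # If check permission passes, return :ok
          render json: {
            'asset-id' => @asset.id,
            'image-tag-url' => @asset.url(:medium),
            'preview-url' => asset_file_preview_path(@asset),
            'filename' => truncate(@asset.file_file_name,
                                   length:
                                     Constants::FILENAME_TRUNCATION_LENGTH),
            'download-url' => download_asset_path(@asset),
            'type' => asset_data_type(@asset)
          }, status: 200
        end
      end
    end
  end

  # JSON description of the asset for the preview dialog: type, truncated
  # filename, download URL, either a large image URL or a rendered file icon,
  # and rendered WOPI controls when the file is a WOPI file.
  def file_preview
    response_json = {
      'type' => (@asset.is_image? ? 'image' : 'file'),
      'filename' => truncate(@asset.file_file_name,
                             length:
                               Constants::FILENAME_TRUNCATION_LENGTH),
      'download-url' => download_asset_path(@asset)
    }
    if @asset.is_image?
      response_json['large-preview-url'] = @asset.url(:large)
    else
      response_json['preview-icon'] = render_to_string(
        partial: 'shared/file_preview_icon.html.erb',
        locals: { asset: @asset }
      )
    end
    if wopi_file?(@asset)
      # can_edit stays nil (falsy) for RepositoryCell assets and for assets
      # with no association, so the partial receives a non-editable state.
      # NOTE(review): this only affects what the partial is told; the edit
      # action itself is not blocked for those assets (see
      # check_edit_permission).
      can_edit =
        if @assoc.class == Step
          can_manage_protocol_in_module?(@protocol) ||
            can_manage_protocol_in_repository?(@protocol)
        elsif @assoc.class == Result
          can_manage_module?(@my_module)
        elsif @assoc.class == RepositoryCell
          # TBD
        end
      response_json['wopi-controls'] = render_to_string(
        partial: 'shared/file_wopi_controlls.html.erb',
        locals: { asset: @asset, can_edit: can_edit }
      )
    end
    respond_to do |format|
      format.json do
        render json: response_json
      end
    end
  end

  # Sends the attachment to the client: 404 when the asset is not marked
  # file_present, a 307 redirect to a presigned URL when the file is stored
  # on S3, otherwise the local file streamed with its stored content type.
  def download
    if !@asset.file_present
      render_404 and return
    elsif @asset.file.is_stored_on_s3?
      redirect_to @asset.presigned_url(download: true), status: 307
    else
      # Path and filename both come from the asset record, not from the
      # request; the stored name is URI-unescaped for the download filename.
      send_file @asset.file.path, filename: URI.unescape(@asset.file_file_name),
                type: @asset.file_content_type
    end
  end

  # Renders the WOPI edit page (no layout) with the action URL, favicon, and
  # the current user's WOPI token and its TTL.
  def edit
    @action_url = append_wd_params(@asset
                                   .get_action_url(current_user, 'edit', false))
    @favicon_url = @asset.favicon_url('edit')
    tkn = current_user.get_wopi_token
    # The token is handed to the view; the view is responsible for where it
    # ends up in the page.
    @token = tkn.token
    # presumably seconds -> milliseconds for the WOPI client; confirm
    @ttl = (tkn.ttl * 1000).to_s
    create_wopi_file_activity(current_user, true)

    render layout: false
  end

  # Renders the WOPI view page (no layout); same setup as #edit with the
  # 'view' action and without recording an activity.
  def view
    @action_url = append_wd_params(@asset
                                   .get_action_url(current_user, 'view', false))
    @favicon_url = @asset.favicon_url('view')
    tkn = current_user.get_wopi_token
    @token = tkn.token
    # presumably seconds -> milliseconds for the WOPI client; confirm
    @ttl = (tkn.ttl * 1000).to_s

    render layout: false
  end

  private

  # Loads @asset from params[:id] (404 when missing) and resolves @assoc, the
  # record the asset belongs to. When several associations are present the
  # later assignment wins: repository cell over result over step.
  # Sets @protocol for a Step and @my_module for a Result.
  def load_vars
    @asset = Asset.find_by_id(params[:id])
    return render_404 unless @asset

    step_assoc = @asset.step
    result_assoc = @asset.result
    repository_cell_assoc = @asset.repository_cell
    @assoc = step_assoc unless step_assoc.nil?
    @assoc = result_assoc unless result_assoc.nil?
    @assoc = repository_cell_assoc unless repository_cell_assoc.nil?

    if @assoc.class == Step
      @protocol = @asset.step.protocol
    elsif @assoc.class == Result
      @my_module = @assoc.my_module
    else
      # TBD
      # NOTE(review): RepositoryCell and unattached assets get no context
      # object here, so the permission checks have nothing to test against.
    end
  end

  # Renders 403 unless the current user may read the asset's parent record.
  #
  # NOTE(review): fails open. The RepositoryCell branch performs no check,
  # and a nil @assoc matches no branch, so both are allowed through.
  def check_read_permission
    if @assoc.class == Step
      render_403 && return unless can_read_protocol_in_module?(@protocol) ||
                                  can_read_protocol_in_repository?(@protocol)
    elsif @assoc.class == Result
      render_403 and return unless can_read_experiment?(@my_module.experiment)
    elsif @assoc.class == RepositoryCell
      # TBD
    end
  end

  # Renders 403 unless the current user may manage the asset's parent record.
  #
  # NOTE(review): fails open in the same way as check_read_permission, so the
  # edit action is reachable for RepositoryCell and unattached assets even
  # though file_preview reports them as not editable.
  def check_edit_permission
    if @assoc.class == Step
      render_403 && return unless can_manage_protocol_in_module?(@protocol) ||
                                  can_manage_protocol_in_repository?(@protocol)
    elsif @assoc.class == Result
      render_403 and return unless can_manage_module?(@my_module)
    elsif @assoc.class == RepositoryCell
      # TBD
    end
  end

  # Re-appends the request's "wd*" parameters to the WOPI action URL,
  # skipping wdPreviousSession and wdPreviousCorrelation.
  #
  # Keys and values come straight from the request and have already been
  # percent-decoded, so both are re-encoded before being spliced into the
  # URL. Left raw, a value containing "&", "=" or "#" could add or override
  # parameters on the action URL. The prefix test uses start_with? rather
  # than /^wd/, because "^" also matches after a newline inside a key.
  #
  # @param url [String] action URL; pairs are appended as "&key=value", so it
  #   is presumably expected to carry a query string already (confirm)
  # @return [String] url followed by the encoded wd parameters
  def append_wd_params(url)
    skipped = %w(wdPreviousSession wdPreviousCorrelation)
    wd_keys = params.keys.select { |key| key.to_s.start_with?('wd') }
    wd_pairs = wd_keys.reject { |key| skipped.include?(key) }.map do |key|
      "&#{URI.encode_www_form_component(key)}=" \
        "#{URI.encode_www_form_component(params[key])}"
    end
    url + wd_pairs.join
  end

  # Strong parameters: only :file is permitted.
  def asset_params
    params.permit(
      :file
    )
  end

  # Classifies the asset for the client: 'wopi' takes precedence over
  # 'image', anything else is 'file'.
  def asset_data_type(asset)
    return 'wopi' if wopi_file?(asset)
    return 'image' if asset.is_image?
    'file'
  end
end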