2016-02-12 23:52:43 +08:00
|
|
|
class AssetsController < ApplicationController
|
2016-12-09 20:59:49 +08:00
|
|
|
include ActionView::Helpers::TextHelper
|
2016-12-08 22:24:14 +08:00
|
|
|
before_action :load_vars
|
|
|
|
|
before_action :check_read_permission, except: :file_present
|
2016-02-12 23:52:43 +08:00
|
|
|
|
2016-07-21 19:11:15 +08:00
|
|
|
def file_present
|
|
|
|
|
respond_to do |format|
|
2016-12-09 20:59:49 +08:00
|
|
|
format.json do
|
|
|
|
|
if @asset.file.processing?
|
|
|
|
|
render json: {}, status: 404
|
|
|
|
|
else
|
2016-07-21 19:11:15 +08:00
|
|
|
# Only if file is present,
|
|
|
|
|
# check_read_permission
|
|
|
|
|
check_read_permission
|
|
|
|
|
|
|
|
|
|
# If check_read_permission already rendered error,
|
|
|
|
|
# stop execution
|
2016-12-09 20:59:49 +08:00
|
|
|
return if performed?
|
2016-07-21 19:11:15 +08:00
|
|
|
|
|
|
|
|
# If check permission passes, return :ok
|
2016-12-09 20:59:49 +08:00
|
|
|
render json: {
|
|
|
|
|
'preview-url' => @asset.url(:medium),
|
2016-12-20 00:36:18 +08:00
|
|
|
'large-preview-url' => @asset.url(:large),
|
2016-12-09 20:59:49 +08:00
|
|
|
'filename' => truncate(@asset.file_file_name,
|
|
|
|
|
length:
|
|
|
|
|
Constants::FILENAME_TRUNCATION_LENGTH),
|
|
|
|
|
'download-url' => download_asset_path(@asset),
|
|
|
|
|
'type' => (@asset.is_image? ? 'image' : 'file')
|
|
|
|
|
}, status: 200
|
2016-07-21 19:11:15 +08:00
|
|
|
end
|
2016-12-09 20:59:49 +08:00
|
|
|
end
|
2016-07-21 19:11:15 +08:00
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
2016-02-12 23:52:43 +08:00
|
|
|
def preview
|
|
|
|
|
if @asset.is_image?
|
2016-12-09 20:59:49 +08:00
|
|
|
redirect_to @asset.url(:medium), status: 307
|
2016-02-12 23:52:43 +08:00
|
|
|
else
|
|
|
|
|
render_400
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
def download
|
2016-07-21 19:11:15 +08:00
|
|
|
if !@asset.file_present
|
|
|
|
|
render_404 and return
|
|
|
|
|
elsif @asset.file.is_stored_on_s3?
|
2016-08-17 21:51:04 +08:00
|
|
|
redirect_to @asset.presigned_url(download: true), status: 307
|
2016-02-12 23:52:43 +08:00
|
|
|
else
|
2016-08-09 23:08:47 +08:00
|
|
|
send_file @asset.file.path, filename: URI.unescape(@asset.file_file_name),
|
2016-02-12 23:52:43 +08:00
|
|
|
type: @asset.file_content_type
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
private
|
|
|
|
|
|
|
|
|
|
def load_vars
|
|
|
|
|
@asset = Asset.find_by_id(params[:id])
|
|
|
|
|
|
|
|
|
|
unless @asset
|
|
|
|
|
render_404
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
step_assoc = @asset.step
|
|
|
|
|
result_assoc = @asset.result
|
|
|
|
|
|
|
|
|
|
@assoc = step_assoc if not step_assoc.nil?
|
|
|
|
|
@assoc = result_assoc if not result_assoc.nil?
|
|
|
|
|
|
2016-07-21 19:11:15 +08:00
|
|
|
if @assoc.class == Step
|
|
|
|
|
@protocol = @asset.step.protocol
|
|
|
|
|
else
|
|
|
|
|
@my_module = @assoc.my_module
|
|
|
|
|
end
|
2016-02-12 23:52:43 +08:00
|
|
|
end
|
|
|
|
|
|
|
|
|
|
def check_read_permission
|
|
|
|
|
if @assoc.class == Step
|
2016-07-21 19:11:15 +08:00
|
|
|
unless can_view_or_download_step_assets(@protocol)
|
|
|
|
|
render_403 and return
|
2016-02-12 23:52:43 +08:00
|
|
|
end
|
|
|
|
|
elsif @assoc.class == Result
|
2016-07-21 19:11:15 +08:00
|
|
|
unless can_view_or_download_result_assets(@my_module)
|
|
|
|
|
render_403 and return
|
2016-02-12 23:52:43 +08:00
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
2016-08-05 23:00:29 +08:00
|
|
|
def asset_params
|
|
|
|
|
params.permit(
|
|
|
|
|
:file
|
|
|
|
|
)
|
|
|
|
|
end
|
2016-07-21 19:11:15 +08:00
|
|
|
end
|
