diff --git a/app/controllers/active_storage/disk_controller.rb b/app/controllers/active_storage/disk_controller.rb new file mode 100644 index 000000000..5c95db131 --- /dev/null +++ b/app/controllers/active_storage/disk_controller.rb @@ -0,0 +1,64 @@ +# frozen_string_literal: true + +module ActiveStorage + class DiskController < ActiveStorage::BaseController + skip_forgery_protection + skip_before_action :authenticate_user!, :authenticate_user_from_token!, only: :show # Skip authentication + + def show + if (key = decode_verified_key) + serve_file disk_service.path_for(key[:key]), content_type: key[:content_type], disposition: key[:disposition] + else + head :not_found + end + rescue Errno::ENOENT + head :not_found + end + + def update + if (token = decode_verified_token) + if acceptable_content?(token) + disk_service.upload token[:key], request.body, checksum: token[:checksum] + else + head :unprocessable_entity + end + else + head :not_found + end + rescue ActiveStorage::IntegrityError + head :unprocessable_entity + end + + private + + def disk_service + ActiveStorage::Blob.service + end + + def decode_verified_key + ActiveStorage.verifier.verified(params[:encoded_key], purpose: :blob_key) + end + + def serve_file(path, content_type:, disposition:) + Rack::File.new(nil).serving(request, path).tap do |(status, headers, body)| + self.status = status + self.response_body = body + + headers.each do |name, value| + response.headers[name] = value + end + + response.headers['Content-Type'] = content_type || DEFAULT_SEND_FILE_TYPE + response.headers['Content-Disposition'] = disposition || DEFAULT_SEND_FILE_DISPOSITION + end + end + + def decode_verified_token + ActiveStorage.verifier.verified(params[:encoded_token], purpose: :blob_token) + end + + def acceptable_content?(token) + token[:content_type] == request.content_mime_type && token[:content_length] == request.content_length + end + end +end diff --git a/app/models/asset.rb b/app/models/asset.rb index 1335624fb..62487b0ce 100644 --- a/app/models/asset.rb +++ b/app/models/asset.rb @@ -243,6 +243,12 @@ class Asset < ApplicationRecord to_asset.post_process_file(to_asset.team) end + def file_service_url + ActiveStorage::Current.set(host: Rails.application.secrets.mail_server_url) do + file.service_url + end + end + def extract_image_quality return unless ['image/jpeg', 'image/pjpeg'].include? content_type diff --git a/app/models/temp_file.rb b/app/models/temp_file.rb index 8ed198c35..0ead177a0 100644 --- a/app/models/temp_file.rb +++ b/app/models/temp_file.rb @@ -5,6 +5,12 @@ class TempFile < ApplicationRecord has_one_attached :file + def file_service_url + ActiveStorage::Current.set(host: Rails.application.secrets.mail_server_url) do + file.service_url + end + end + class << self def destroy_obsolete(temp_file_id) temp_file = find_by_id(temp_file_id) diff --git a/app/models/tiny_mce_asset.rb b/app/models/tiny_mce_asset.rb index e9ecf058b..e5470f192 100644 --- a/app/models/tiny_mce_asset.rb +++ b/app/models/tiny_mce_asset.rb @@ -102,6 +102,12 @@ class TinyMceAsset < ApplicationRecord image.variant(resize_to_limit: Constants::LARGE_PIC_FORMAT) end + def file_service_url + ActiveStorage::Current.set(host: Rails.application.secrets.mail_server_url) do + image.service_url + end + end + def self.delete_unsaved_image(id) asset = find_by(id: id) asset.destroy if asset && !asset.saved diff --git a/app/services/reports/docx/private_methods.rb b/app/services/reports/docx/private_methods.rb index 375fc1652..cbd18dddc 100644 --- a/app/services/reports/docx/private_methods.rb +++ b/app/services/reports/docx/private_methods.rb @@ -293,12 +293,7 @@ module Reports::Docx::PrivateMethods end def image_path(asset) - image = if asset.class == Asset - asset.file - else - asset.image - end - image.service_url + asset.file_service_url end def calculate_color_hsp(color) diff --git a/app/services/spreadsheet_parser.rb b/app/services/spreadsheet_parser.rb index 700697169..9f7ff7c35 100644 --- a/app/services/spreadsheet_parser.rb +++ b/app/services/spreadsheet_parser.rb @@ -8,7 +8,7 @@ class SpreadsheetParser file_path = file.path else filename = file.filename.to_s - file_path = file.service_url + file_path = file.file_service_url end case File.extname(filename)