2017-07-04 12:11:06 -04:00
|
|
|
require "action_controller"
|
2017-07-05 07:06:29 -04:00
|
|
|
require "active_vault/blob"
|
|
|
|
|
require "active_vault/verified_key_with_expiration"
|
2017-07-04 12:11:06 -04:00
|
|
|
|
|
|
|
|
require "active_support/core_ext/object/inclusion"
|
|
|
|
|
|
2017-07-05 07:06:29 -04:00
|
|
|
class ActiveVault::DiskController < ActionController::Base
|
2017-07-03 14:14:28 -04:00
|
|
|
def show
|
2017-07-03 15:06:09 -04:00
|
|
|
if key = decode_verified_key
|
2017-07-05 07:06:29 -04:00
|
|
|
blob = ActiveVault::Blob.find_by!(key: key)
|
2017-07-04 12:11:06 -04:00
|
|
|
|
|
|
|
|
if stale?(etag: blob.checksum)
|
|
|
|
|
send_data blob.download, filename: blob.filename, type: blob.content_type, disposition: disposition_param
|
|
|
|
|
end
|
2017-07-03 15:06:09 -04:00
|
|
|
else
|
|
|
|
|
head :not_found
|
2017-07-03 14:14:28 -04:00
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
private
|
2017-07-03 15:06:09 -04:00
|
|
|
def decode_verified_key
|
2017-07-05 07:06:29 -04:00
|
|
|
ActiveVault::VerifiedKeyWithExpiration.decode(params[:encoded_key])
|
2017-07-03 14:14:28 -04:00
|
|
|
end
|
|
|
|
|
|
|
|
|
|
def disposition_param
|
|
|
|
|
params[:disposition].presence_in(%w( inline attachment )) || 'inline'
|
|
|
|
|
end
|
|
|
|
|
end
|
