1
0
Fork 0
mirror of https://github.com/rails/rails.git synced 2022-11-09 12:12:34 -05:00
rails--rails/activestorage/app/controllers/active_storage/disk_controller.rb
Rafael Mendonça França 9330d01ada Add 'activestorage/' from commit '3f4a7218a4a4923a0e7ce1b2eb0d2888ce30da58'
git-subtree-dir: activestorage
git-subtree-mainline: 0d58e7e478
git-subtree-split: 3f4a7218a4
2017-07-31 15:21:22 -04:00

51 lines
1.5 KiB
Ruby

# Serves files stored with the disk service in the same way that the cloud services do.
# This means using expiring, signed URLs that are meant for immediate access, not permanent linking.
# Always go through the BlobsController, or your own authenticated controller, rather than directly
# to the service url.
class ActiveStorage::DiskController < ActionController::Base
def show
if key = decode_verified_key
send_data disk_service.download(key),
filename: params[:filename], disposition: disposition_param, content_type: params[:content_type]
else
head :not_found
end
end
def update
if token = decode_verified_token
if acceptable_content?(token)
disk_service.upload token[:key], request.body, checksum: token[:checksum]
else
head :unprocessable_entity
end
else
head :not_found
end
rescue ActiveStorage::IntegrityError
head :unprocessable_entity
end
private
def disk_service
ActiveStorage::Blob.service
end
def decode_verified_key
ActiveStorage.verifier.verified(params[:encoded_key], purpose: :blob_key)
end
def disposition_param
params[:disposition].presence_in(%w( inline attachment )) || "inline"
end
def decode_verified_token
ActiveStorage.verifier.verified(params[:encoded_token], purpose: :blob_token)
end
def acceptable_content?(token)
token[:content_type] == request.content_type && token[:content_length] == request.content_length
end
end