diff options
author | David Heinemeier Hansson <david@loudthinking.com> | 2017-08-04 18:05:13 -0500 |
---|---|---|
committer | GitHub <noreply@github.com> | 2017-08-04 18:05:13 -0500 |
commit | 552840660389e39f3ba8e47dcf35ab817c01cb48 (patch) | |
tree | 5013b2d5a1691ac1f675935eea38848639ac54bc /activestorage/app/controllers/active_storage/disk_controller.rb | |
parent | 978b3d604ab082ac0be071245646b0803b8ff382 (diff) | |
parent | 3179f089be4f631b9c0f8b431567992164f2bdb4 (diff) | |
download | rails-552840660389e39f3ba8e47dcf35ab817c01cb48.tar.gz rails-552840660389e39f3ba8e47dcf35ab817c01cb48.tar.bz2 rails-552840660389e39f3ba8e47dcf35ab817c01cb48.zip |
Merge pull request #30020 from rails/active-storage-import
Add Active Storage to Rails
Diffstat (limited to 'activestorage/app/controllers/active_storage/disk_controller.rb')
-rw-r--r-- | activestorage/app/controllers/active_storage/disk_controller.rb | 51 |
1 files changed, 51 insertions, 0 deletions
diff --git a/activestorage/app/controllers/active_storage/disk_controller.rb b/activestorage/app/controllers/active_storage/disk_controller.rb new file mode 100644 index 0000000000..76377a0f20 --- /dev/null +++ b/activestorage/app/controllers/active_storage/disk_controller.rb @@ -0,0 +1,51 @@ +# Serves files stored with the disk service in the same way that the cloud services do. +# This means using expiring, signed URLs that are meant for immediate access, not permanent linking. +# Always go through the BlobsController, or your own authenticated controller, rather than directly +# to the service url. +class ActiveStorage::DiskController < ActionController::Base + def show + if key = decode_verified_key + send_data disk_service.download(key), + filename: params[:filename], disposition: disposition_param, content_type: params[:content_type] + else + head :not_found + end + end + + def update + if token = decode_verified_token + if acceptable_content?(token) + disk_service.upload token[:key], request.body, checksum: token[:checksum] + else + head :unprocessable_entity + end + else + head :not_found + end + rescue ActiveStorage::IntegrityError + head :unprocessable_entity + end + + private + def disk_service + ActiveStorage::Blob.service + end + + + def decode_verified_key + ActiveStorage.verifier.verified(params[:encoded_key], purpose: :blob_key) + end + + def disposition_param + params[:disposition].presence_in(%w( inline attachment )) || "inline" + end + + + def decode_verified_token + ActiveStorage.verifier.verified(params[:encoded_token], purpose: :blob_token) + end + + def acceptable_content?(token) + token[:content_type] == request.content_type && token[:content_length] == request.content_length + end +end |