From 94f2558f6a5bd315334d1b57a9aeeef48abfea20 Mon Sep 17 00:00:00 2001 From: George Claghorn Date: Sun, 15 Jul 2018 20:12:53 -0400 Subject: Restore inadvertently-removed fallback --- activestorage/app/controllers/active_storage/disk_controller.rb | 3 ++- activestorage/test/controllers/disk_controller_test.rb | 6 ++++++ 2 files changed, 8 insertions(+), 1 deletion(-) (limited to 'activestorage') diff --git a/activestorage/app/controllers/active_storage/disk_controller.rb b/activestorage/app/controllers/active_storage/disk_controller.rb index 436cd0ccd8..75cc11d6ff 100644 --- a/activestorage/app/controllers/active_storage/disk_controller.rb +++ b/activestorage/app/controllers/active_storage/disk_controller.rb @@ -19,10 +19,11 @@ class ActiveStorage::DiskController < ActiveStorage::BaseController if token = decode_verified_token if acceptable_content?(token) disk_service.upload token[:key], request.body, checksum: token[:checksum] - head :no_content else head :unprocessable_entity end + else + head :not_found end rescue ActiveStorage::IntegrityError head :unprocessable_entity diff --git a/activestorage/test/controllers/disk_controller_test.rb b/activestorage/test/controllers/disk_controller_test.rb index 32b930730d..c053052f6f 100644 --- a/activestorage/test/controllers/disk_controller_test.rb +++ b/activestorage/test/controllers/disk_controller_test.rb @@ -67,4 +67,10 @@ class ActiveStorage::DiskControllerTest < ActionDispatch::IntegrationTest assert_response :unprocessable_entity assert_not blob.service.exist?(blob.key) end + + test "directly uploading blob with invalid token" do + put update_rails_disk_service_url(encoded_token: "invalid"), + params: "Something else entirely!", headers: { "Content-Type" => "text/plain" } + assert_response :not_found + end end -- cgit v1.2.3