jro_apps/redmine Commit - r13421:7ca5df08360e

Merged r13787 (#18667)....

Jean-Philippe Lang -

r13421:7ca5df08360e

parent child

Context file:

r13421:7ca5df08360e

Collapse all files

app/models/attachment.rb +5 -4

             # Redmine - project management software
             # Copyright (C) 2006-2014  Jean-Philippe Lang
             #
             # This program is free software; you can redistribute it and/or
             # modify it under the terms of the GNU General Public License
             # as published by the Free Software Foundation; either version 2
             # of the License, or (at your option) any later version.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU General Public License
             # along with this program; if not, write to the Free Software
             # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
             require "digest/md5"
             require "fileutils"
             class Attachment < ActiveRecord::Base
               belongs_to :container, :polymorphic => true
               belongs_to :author, :class_name => "User", :foreign_key => "author_id"
               validates_presence_of :filename, :author
               validates_length_of :filename, :maximum => 255
               validates_length_of :disk_filename, :maximum => 255
               validates_length_of :description, :maximum => 255
               validate :validate_max_file_size
               acts_as_event :title => :filename,
                             :url => Proc.new {|o| {:controller => 'attachments', :action => 'download', :id => o.id, :filename => o.filename}}
               acts_as_activity_provider :type => 'files',
                                         :permission => :view_files,
                                         :author_key => :author_id,
                                         :find_options => {:select => "#{Attachment.table_name}.*",
                                                           :joins => "LEFT JOIN #{Version.table_name} ON #{Attachment.table_name}.container_type='Version' AND #{Version.table_name}.id = #{Attachment.table_name}.container_id " +
                                                                     "LEFT JOIN #{Project.table_name} ON #{Version.table_name}.project_id = #{Project.table_name}.id OR ( #{Attachment.table_name}.container_type='Project' AND #{Attachment.table_name}.container_id = #{Project.table_name}.id )"}
               acts_as_activity_provider :type => 'documents',
                                         :permission => :view_documents,
                                         :author_key => :author_id,
                                         :find_options => {:select => "#{Attachment.table_name}.*",
                                                           :joins => "LEFT JOIN #{Document.table_name} ON #{Attachment.table_name}.container_type='Document' AND #{Document.table_name}.id = #{Attachment.table_name}.container_id " +
                                                                     "LEFT JOIN #{Project.table_name} ON #{Document.table_name}.project_id = #{Project.table_name}.id"}
               cattr_accessor :storage_path
               @@storage_path = Redmine::Configuration['attachments_storage_path'] || File.join(Rails.root, "files")
               cattr_accessor :thumbnails_storage_path
               @@thumbnails_storage_path = File.join(Rails.root, "tmp", "thumbnails")
-              before_save :files_to_final_location
+              before_create :files_to_final_location
               after_destroy :delete_from_disk
               # Returns an unsaved copy of the attachment
               def copy(attributes=nil)
                 copy = self.class.new
                 copy.attributes = self.attributes.dup.except("id", "downloads")
                 copy.attributes = attributes if attributes
                 copy
               end
               def validate_max_file_size
                 if @temp_file && self.filesize > Setting.attachment_max_size.to_i.kilobytes
                   errors.add(:base, l(:error_attachment_too_big, :max_size => Setting.attachment_max_size.to_i.kilobytes))
                 end
               end
               def file=(incoming_file)
                 unless incoming_file.nil?
                   @temp_file = incoming_file
                   if @temp_file.size > 0
                     if @temp_file.respond_to?(:original_filename)
                       self.filename = @temp_file.original_filename
                       self.filename.force_encoding("UTF-8") if filename.respond_to?(:force_encoding)
                     end
                     if @temp_file.respond_to?(:content_type)
                       self.content_type = @temp_file.content_type.to_s.chomp
                     end
-                    if content_type.blank? && filename.present?
-                      self.content_type = Redmine::MimeType.of(filename)
-                    end
                     self.filesize = @temp_file.size
                   end
                 end
               end
               def file
                 nil
               end
               def filename=(arg)
                 write_attribute :filename, sanitize_filename(arg.to_s)
                 filename
               end
               # Copies the temporary file to its final location
               # and computes its MD5 hash
               def files_to_final_location
                 if @temp_file && (@temp_file.size > 0)
                   self.disk_directory = target_directory
                   self.disk_filename = Attachment.disk_filename(filename, disk_directory)
                   logger.info("Saving attachment '#{self.diskfile}' (#{@temp_file.size} bytes)") if logger
                   path = File.dirname(diskfile)
                   unless File.directory?(path)
                     FileUtils.mkdir_p(path)
                   end
                   md5 = Digest::MD5.new
                   File.open(diskfile, "wb") do |f|
                     if @temp_file.respond_to?(:read)
                       buffer = ""
                       while (buffer = @temp_file.read(8192))
                         f.write(buffer)
                         md5.update(buffer)
                       end
                     else
                       f.write(@temp_file)
                       md5.update(@temp_file)
                     end
                   end
                   self.digest = md5.hexdigest
                 end
                 @temp_file = nil
+                if content_type.blank? && filename.present?
+                  self.content_type = Redmine::MimeType.of(filename)
+                end
                 # Don't save the content type if it's longer than the authorized length
                 if self.content_type && self.content_type.length > 255
                   self.content_type = nil
                 end
               end
               # Deletes the file from the file system if it's not referenced by other attachments
               def delete_from_disk
                 if Attachment.where("disk_filename = ? AND id <> ?", disk_filename, id).empty?
                   delete_from_disk!
                 end
               end
               # Returns file's location on disk
               def diskfile
                 File.join(self.class.storage_path, disk_directory.to_s, disk_filename.to_s)
               end
               def title
                 title = filename.to_s
                 if description.present?
                   title << " (#{description})"
                 end
                 title
               end
               def increment_download
                 increment!(:downloads)
               end
               def project
                 container.try(:project)
               end
               def visible?(user=User.current)
                 if container_id
                   container && container.attachments_visible?(user)
                 else
                   author == user
                 end
               end
               def deletable?(user=User.current)
                 if container_id
                   container && container.attachments_deletable?(user)
                 else
                   author == user
                 end
               end
               def image?
                 !!(self.filename =~ /\.(bmp|gif|jpg|jpe|jpeg|png)$/i)
               end
               def thumbnailable?
                 image?
               end
               # Returns the full path the attachment thumbnail, or nil
               # if the thumbnail cannot be generated.
               def thumbnail(options={})
                 if thumbnailable? && readable?
                   size = options[:size].to_i
                   if size > 0
                     # Limit the number of thumbnails per image
                     size = (size / 50) * 50
                     # Maximum thumbnail size
                     size = 800 if size > 800
                   else
                     size = Setting.thumbnails_size.to_i
                   end
                   size = 100 unless size > 0
                   target = File.join(self.class.thumbnails_storage_path, "#{id}_#{digest}_#{size}.thumb")
                   begin
                     Redmine::Thumbnail.generate(self.diskfile, target, size)
                   rescue => e
                     logger.error "An error occured while generating thumbnail for #{disk_filename} to #{target}\nException was: #{e.message}" if logger
                     return nil
                   end
                 end
               end
               # Deletes all thumbnails
               def self.clear_thumbnails
                 Dir.glob(File.join(thumbnails_storage_path, "*.thumb")).each do |file|
                   File.delete file
                 end
               end
               def is_text?
                 Redmine::MimeType.is_type?('text', filename)
               end
               def is_diff?
                 self.filename =~ /\.(patch|diff)$/i
               end
               # Returns true if the file is readable
               def readable?
                 File.readable?(diskfile)
               end
               # Returns the attachment token
               def token
                 "#{id}.#{digest}"
               end
               # Finds an attachment that matches the given token and that has no container
               def self.find_by_token(token)
                 if token.to_s =~ /^(\d+)\.([0-9a-f]+)$/
                   attachment_id, attachment_digest = $1, $2
                   attachment = Attachment.where(:id => attachment_id, :digest => attachment_digest).first
                   if attachment && attachment.container.nil?
                     attachment
                   end
                 end
               end
               # Bulk attaches a set of files to an object
               #
               # Returns a Hash of the results:
               # :files => array of the attached files
               # :unsaved => array of the files that could not be attached
               def self.attach_files(obj, attachments)
                 result = obj.save_attachments(attachments, User.current)
                 obj.attach_saved_attachments
                 result
               end
               def self.latest_attach(attachments, filename)
                 attachments.sort_by(&:created_on).reverse.detect {
                   |att| att.filename.downcase == filename.downcase
                  }
               end
               def self.prune(age=1.day)
                 Attachment.where("created_on < ? AND (container_type IS NULL OR container_type = '')", Time.now - age).destroy_all
               end
               # Moves an existing attachment to its target directory
               def move_to_target_directory!
                 return unless !new_record? & readable?
                 src = diskfile
                 self.disk_directory = target_directory
                 dest = diskfile
                 return if src == dest
                 if !FileUtils.mkdir_p(File.dirname(dest))
                   logger.error "Could not create directory #{File.dirname(dest)}" if logger
                   return
                 end
                 if !FileUtils.mv(src, dest)
                   logger.error "Could not move attachment from #{src} to #{dest}" if logger
                   return
                 end
                 update_column :disk_directory, disk_directory
               end
               # Moves existing attachments that are stored at the root of the files
               # directory (ie. created before Redmine 2.3) to their target subdirectories
               def self.move_from_root_to_target_directory
                 Attachment.where("disk_directory IS NULL OR disk_directory = ''").find_each do |attachment|
                   attachment.move_to_target_directory!
                 end
               end
               private
               # Physically deletes the file from the file system
               def delete_from_disk!
                 if disk_filename.present? && File.exist?(diskfile)
                   File.delete(diskfile)
                 end
               end
               def sanitize_filename(value)
                 # get only the filename, not the whole path
                 just_filename = value.gsub(/\A.*(\\|\/)/m, '')
                 # Finally, replace invalid characters with underscore
                 @filename = just_filename.gsub(/[\/\?\%\*\:\|\"\'<>\n\r]+/, '_')
               end
               # Returns the subdirectory in which the attachment will be saved
               def target_directory
                 time = created_on || DateTime.now
                 time.strftime("%Y/%m")
               end
               # Returns an ASCII or hashed filename that do not
               # exists yet in the given subdirectory
               def self.disk_filename(filename, directory=nil)
                 timestamp = DateTime.now.strftime("%y%m%d%H%M%S")
                 ascii = ''
                 if filename =~ %r{^[a-zA-Z0-9_\.\-]*$}
                   ascii = filename
                 else
                   ascii = Digest::MD5.hexdigest(filename)
                   # keep the extension if any
                   ascii << $1 if filename =~ %r{(\.[a-zA-Z0-9]+)$}
                 end
                 while File.exist?(File.join(storage_path, directory.to_s, "#{timestamp}_#{ascii}"))
                   timestamp.succ!
                 end
                 "#{timestamp}_#{ascii}"
               end
             end

test/integration/attachments_test.rb +10 0

             # Redmine - project management software
             # Copyright (C) 2006-2014  Jean-Philippe Lang
             #
             # This program is free software; you can redistribute it and/or
             # modify it under the terms of the GNU General Public License
             # as published by the Free Software Foundation; either version 2
             # of the License, or (at your option) any later version.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU General Public License
             # along with this program; if not, write to the Free Software
             # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
             require File.expand_path('../../test_helper', __FILE__)
             class AttachmentsTest < ActionController::IntegrationTest
               fixtures :projects, :enabled_modules,
                        :users, :roles, :members, :member_roles,
                        :trackers, :projects_trackers,
                        :issue_statuses, :enumerations
+              def test_upload_should_set_default_content_type
+                log_user('jsmith', 'jsmith')
+                assert_difference 'Attachment.count' do
+                  post "/uploads.js?attachment_id=1&filename=foo.txt", "File content", {"CONTENT_TYPE" => 'application/octet-stream'}
+                  assert_response :success
+                end
+                attachment = Attachment.order(:id => :desc).first
+                assert_equal 'text/plain', attachment.content_type
+              end
               def test_upload_as_js_and_attach_to_an_issue
                 log_user('jsmith', 'jsmith')
                 token = ajax_upload('myupload.txt', 'File content')
                 assert_difference 'Issue.count' do
                   post '/projects/ecookbook/issues', {
                       :issue => {:tracker_id => 1, :subject => 'Issue with upload'},
                       :attachments => {'1' => {:filename => 'myupload.txt', :description => 'My uploaded file', :token => token}}
                     }
                   assert_response 302
                 end
                 issue = Issue.order('id DESC').first
                 assert_equal 'Issue with upload', issue.subject
                 assert_equal 1, issue.attachments.count
                 attachment = issue.attachments.first
                 assert_equal 'myupload.txt', attachment.filename
                 assert_equal 'My uploaded file', attachment.description
                 assert_equal 'File content'.length, attachment.filesize
               end
               def test_upload_as_js_and_preview_as_inline_attachment
                 log_user('jsmith', 'jsmith')
                 token = ajax_upload('myupload.jpg', 'JPEG content')
                 post '/issues/preview/new/ecookbook', {
                     :issue => {:tracker_id => 1, :description => 'Inline upload: !myupload.jpg!'},
                     :attachments => {'1' => {:filename => 'myupload.jpg', :description => 'My uploaded file', :token => token}}
                   }
                 assert_response :success
                 attachment_path = response.body.match(%r{<img src="(/attachments/download/\d+/myupload.jpg)"})[1]
                 assert_not_nil token, "No attachment path found in response:\n#{response.body}"
                 get attachment_path
                 assert_response :success
                 assert_equal 'JPEG content', response.body
               end
               def test_upload_and_resubmit_after_validation_failure
                 log_user('jsmith', 'jsmith')
                 token = ajax_upload('myupload.txt', 'File content')
                 assert_no_difference 'Issue.count' do
                   post '/projects/ecookbook/issues', {
                       :issue => {:tracker_id => 1, :subject => ''},
                       :attachments => {'1' => {:filename => 'myupload.txt', :description => 'My uploaded file', :token => token}}
                     }
                   assert_response :success
                 end
                 assert_select 'input[type=hidden][name=?][value=?]', 'attachments[p0][token]', token
                 assert_select 'input[name=?][value=?]', 'attachments[p0][filename]', 'myupload.txt'
                 assert_select 'input[name=?][value=?]', 'attachments[p0][description]', 'My uploaded file'
                 assert_difference 'Issue.count' do
                   post '/projects/ecookbook/issues', {
                       :issue => {:tracker_id => 1, :subject => 'Issue with upload'},
                       :attachments => {'p0' => {:filename => 'myupload.txt', :description => 'My uploaded file', :token => token}}
                     }
                   assert_response 302
                 end
                 issue = Issue.order('id DESC').first
                 assert_equal 'Issue with upload', issue.subject
                 assert_equal 1, issue.attachments.count
                 attachment = issue.attachments.first
                 assert_equal 'myupload.txt', attachment.filename
                 assert_equal 'My uploaded file', attachment.description
                 assert_equal 'File content'.length, attachment.filesize
               end
               def test_upload_as_js_and_destroy
                 log_user('jsmith', 'jsmith')
                 token = ajax_upload('myupload.txt', 'File content')
                 attachment = Attachment.order('id DESC').first
                 attachment_path = "/attachments/#{attachment.id}.js?attachment_id=1"
                 assert_include "href: '#{attachment_path}'", response.body, "Path to attachment: #{attachment_path} not found in response:\n#{response.body}"
                 assert_difference 'Attachment.count', -1 do
                   delete attachment_path
                   assert_response :success
                 end
                 assert_include "$('#attachments_1').remove();", response.body
               end
               private
               def ajax_upload(filename, content, attachment_id=1)
                 assert_difference 'Attachment.count' do
                   post "/uploads.js?attachment_id=#{attachment_id}&filename=#{filename}", content, {"CONTENT_TYPE" => 'application/octet-stream'}
                   assert_response :success
                   assert_equal 'text/javascript', response.content_type
                 end
                 token = response.body.match(/\.val\('(\d+\.[0-9a-f]+)'\)/)[1]
                 assert_not_nil token, "No upload token found in response:\n#{response.body}"
                 token
               end
             end

General Comments 0

Write
Preview

You need to be logged in to leave comments. Login now

No TODOs yet

	Site-wide shortcuts
/	Use quick search box
g h	Goto home page
g g	Goto my private gists page
g G	Goto my public gists page
g 0-9	Goto bookmarked items from 0-9
n r	New repository page
n g	New gist page

	Repositories
g s	Goto summary page
g c	Goto changelog page
g f	Goto files page
g F	Goto files page with file search activated
g p	Goto pull requests page
g o	Goto repository settings
g O	Goto repository access permissions settings
t s	Toggle sidebar on some pages