jro_apps/redmine Files · app/models/attachment.rb

Upgraded to Rails 2.3.4 (#3597)...

Upgraded to Rails 2.3.4 (#3597) * Ran the Rails upgrade * Upgraded to Rails Engines 2.3.2 * Added a plugin to let Engines override application views. * Converted tests to use the new classes: ** ActionController::TestCase for functional ** ActiveSupport::TestCase for units * Converted ActiveRecord::Error message to a string. * ActiveRecord grouping returns an ordered hash which doesn't have #sort! * Updated the I18n storage_units format. * Added some default initializers from a fresh rails app * Changed the order of check_box_tags and hidden_field_tags. The hidden tag needs to appear first in Rails 2.3, otherwise it will override any value in the check_box_tag. * Removed the custom handler for when the cookie store is tampered with. Rails 2.3 removed the TamperedWithCookie exception and instead Rails will not load the data from it when it's been tampered with (e.g. no user login). * Fixed mail layouts, 2.3 has problems with implicit multipart emails that use layouts. Also removed some custom Redmine mailer code. * Fixed a bug that occurred in tests where the "required" span tag would be added to the :field_status translation. This resulted in an email string of: <li>Status<span class="required"> *</span><span class="required"> *</span> Instead of: <li>Status: New</li> git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@2887 e93f8b46-1217-0410-a6f0-8f06a7374b81

Jean-Philippe Lang - - Load All Authors

File last commit:

r2600:15a14e55cdb9


                r2773:7b0cb6aba871

Download file

             attachment.rb
        
                    157 lines
            
             | 5.4 KiB
            
                | text/x-ruby
            
             |
                RubyLexer
            
             / app / models / attachment.rb
          
                    History
                
                 |
                  Annotation
                 | Raw
                 |Copy content
                 |Copy permalink

      # redMine - project management software

      # Copyright (C) 2006-2007  Jean-Philippe Lang

      #

      # This program is free software; you can redistribute it and/or

      # modify it under the terms of the GNU General Public License

      # as published by the Free Software Foundation; either version 2

      # of the License, or (at your option) any later version.

      # 

      # This program is distributed in the hope that it will be useful,

      # but WITHOUT ANY WARRANTY; without even the implied warranty of

      # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

      # GNU General Public License for more details.

      # 

      # You should have received a copy of the GNU General Public License

      # along with this program; if not, write to the Free Software

      # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.

      require "digest/md5"

      class Attachment < ActiveRecord::Base

        belongs_to :container, :polymorphic => true

        belongs_to :author, :class_name => "User", :foreign_key => "author_id"

        validates_presence_of :container, :filename, :author

        validates_length_of :filename, :maximum => 255

        validates_length_of :disk_filename, :maximum => 255

        acts_as_event :title => :filename,

                      :url => Proc.new {|o| {:controller => 'attachments', :action => 'download', :id => o.id, :filename => o.filename}}

        acts_as_activity_provider :type => 'files',

                                  :permission => :view_files,

                                  :author_key => :author_id,

                                  :find_options => {:select => "#{Attachment.table_name}.*", 

                                                    :joins => "LEFT JOIN #{Version.table_name} ON #{Attachment.table_name}.container_type='Version' AND #{Version.table_name}.id = #{Attachment.table_name}.container_id " +

                                                              "LEFT JOIN #{Project.table_name} ON #{Version.table_name}.project_id = #{Project.table_name}.id OR ( #{Attachment.table_name}.container_type='Project' AND #{Attachment.table_name}.container_id = #{Project.table_name}.id )"}

        acts_as_activity_provider :type => 'documents',

                                  :permission => :view_documents,

                                  :author_key => :author_id,

                                  :find_options => {:select => "#{Attachment.table_name}.*", 

                                                    :joins => "LEFT JOIN #{Document.table_name} ON #{Attachment.table_name}.container_type='Document' AND #{Document.table_name}.id = #{Attachment.table_name}.container_id " +

                                                              "LEFT JOIN #{Project.table_name} ON #{Document.table_name}.project_id = #{Project.table_name}.id"}

        cattr_accessor :storage_path

        @@storage_path = "#{RAILS_ROOT}/files"

        def validate

          if self.filesize > Setting.attachment_max_size.to_i.kilobytes

            errors.add(:base, :too_long, :count => Setting.attachment_max_size.to_i.kilobytes)

          end

        end

        def file=(incoming_file)

          unless incoming_file.nil?

            @temp_file = incoming_file

            if @temp_file.size > 0

              self.filename = sanitize_filename(@temp_file.original_filename)

              self.disk_filename = Attachment.disk_filename(filename)

              self.content_type = @temp_file.content_type.to_s.chomp

              self.filesize = @temp_file.size

            end

          end

        end

        def file

          nil

        end

        # Copies the temporary file to its final location

        # and computes its MD5 hash

        def before_save

          if @temp_file && (@temp_file.size > 0)

            logger.debug("saving '#{self.diskfile}'")

            md5 = Digest::MD5.new

            File.open(diskfile, "wb") do |f| 

              buffer = ""

              while (buffer = @temp_file.read(8192))

                f.write(buffer)

                md5.update(buffer)

              end

            end

            self.digest = md5.hexdigest

          end

          # Don't save the content type if it's longer than the authorized length

          if self.content_type && self.content_type.length > 255

            self.content_type = nil

          end

        end

        # Deletes file on the disk

        def after_destroy

          File.delete(diskfile) if !filename.blank? && File.exist?(diskfile)

        end

        # Returns file's location on disk

        def diskfile

          "#{@@storage_path}/#{self.disk_filename}"

        end

        def increment_download

          increment!(:downloads)

        end

        def project

          container.project

        end

        def visible?(user=User.current)

          container.attachments_visible?(user)

        end

        def deletable?(user=User.current)

          container.attachments_deletable?(user)

        end

        def image?

          self.filename =~ /\.(jpe?g|gif|png)$/i

        end

        def is_text?

          Redmine::MimeType.is_type?('text', filename)

        end

        def is_diff?

          self.filename =~ /\.(patch|diff)$/i

        end

        # Returns true if the file is readable

        def readable?

          File.readable?(diskfile)

        end

      private

        def sanitize_filename(value)

          # get only the filename, not the whole path

          just_filename = value.gsub(/^.*(\\|\/)/, '')

          # NOTE: File.basename doesn't work right with Windows paths on Unix

          # INCORRECT: just_filename = File.basename(value.gsub('\\\\', '/')) 

          # Finally, replace all non alphanumeric, hyphens or periods with underscore

          @filename = just_filename.gsub(/[^\w\.\-]/,'_') 

        end

        # Returns an ASCII or hashed filename

        def self.disk_filename(filename)

          df = DateTime.now.strftime("%y%m%d%H%M%S") + "_"

          if filename =~ %r{^[a-zA-Z0-9_\.\-]*$}

            df << filename

          else

            df << Digest::MD5.hexdigest(filename)

            # keep the extension if any

            df << $1 if filename =~ %r{(\.[a-zA-Z0-9]+)$}

          end

          df

        end

      end

	Site-wide shortcuts
/	Use quick search box
g h	Goto home page
g g	Goto my private gists page
g G	Goto my public gists page
g 0-9	Goto bookmarked items from 0-9
n r	New repository page
n g	New gist page

	Repositories
g s	Goto summary page
g c	Goto changelog page
g f	Goto files page
g F	Goto files page with file search activated
g p	Goto pull requests page
g o	Goto repository settings
g O	Goto repository access permissions settings
t s	Toggle sidebar on some pages

				# redMine - project management software
				# Copyright (C) 2006-2007 Jean-Philippe Lang
				#
				# This program is free software; you can redistribute it and/or
				# modify it under the terms of the GNU General Public License
				# as published by the Free Software Foundation; either version 2
				# of the License, or (at your option) any later version.
				#
				# This program is distributed in the hope that it will be useful,
				# but WITHOUT ANY WARRANTY; without even the implied warranty of
				# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
				# GNU General Public License for more details.
				#
				# You should have received a copy of the GNU General Public License
				# along with this program; if not, write to the Free Software
				# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.

				require "digest/md5"

				class Attachment < ActiveRecord::Base
				belongs_to :container, :polymorphic => true
				belongs_to :author, :class_name => "User", :foreign_key => "author_id"

				validates_presence_of :container, :filename, :author
				validates_length_of :filename, :maximum => 255
				validates_length_of :disk_filename, :maximum => 255

				acts_as_event :title => :filename,
				:url => Proc.new {\|o\| {:controller => 'attachments', :action => 'download', :id => o.id, :filename => o.filename}}

				acts_as_activity_provider :type => 'files',
				:permission => :view_files,
				:author_key => :author_id,
				:find_options => {:select => "#{Attachment.table_name}.*",
				:joins => "LEFT JOIN #{Version.table_name} ON #{Attachment.table_name}.container_type='Version' AND #{Version.table_name}.id = #{Attachment.table_name}.container_id " +
				"LEFT JOIN #{Project.table_name} ON #{Version.table_name}.project_id = #{Project.table_name}.id OR ( #{Attachment.table_name}.container_type='Project' AND #{Attachment.table_name}.container_id = #{Project.table_name}.id )"}

				acts_as_activity_provider :type => 'documents',
				:permission => :view_documents,
				:author_key => :author_id,
				:find_options => {:select => "#{Attachment.table_name}.*",
				:joins => "LEFT JOIN #{Document.table_name} ON #{Attachment.table_name}.container_type='Document' AND #{Document.table_name}.id = #{Attachment.table_name}.container_id " +
				"LEFT JOIN #{Project.table_name} ON #{Document.table_name}.project_id = #{Project.table_name}.id"}

				cattr_accessor :storage_path
				@@storage_path = "#{RAILS_ROOT}/files"

				def validate
				if self.filesize > Setting.attachment_max_size.to_i.kilobytes
				errors.add(:base, :too_long, :count => Setting.attachment_max_size.to_i.kilobytes)
				end
				end

				def file=(incoming_file)
				unless incoming_file.nil?
				@temp_file = incoming_file
				if @temp_file.size > 0
				self.filename = sanitize_filename(@temp_file.original_filename)
				self.disk_filename = Attachment.disk_filename(filename)
				self.content_type = @temp_file.content_type.to_s.chomp
				self.filesize = @temp_file.size
				end
				end
				end

				def file
				nil
				end

				# Copies the temporary file to its final location
				# and computes its MD5 hash
				def before_save
				if @temp_file && (@temp_file.size > 0)
				logger.debug("saving '#{self.diskfile}'")
				md5 = Digest::MD5.new
				File.open(diskfile, "wb") do \|f\|
				buffer = ""
				while (buffer = @temp_file.read(8192))
				f.write(buffer)
				md5.update(buffer)
				end
				end
				self.digest = md5.hexdigest
				end
				# Don't save the content type if it's longer than the authorized length
				if self.content_type && self.content_type.length > 255
				self.content_type = nil
				end
				end

				# Deletes file on the disk
				def after_destroy
				File.delete(diskfile) if !filename.blank? && File.exist?(diskfile)
				end

				# Returns file's location on disk
				def diskfile
				"#{@@storage_path}/#{self.disk_filename}"
				end

				def increment_download
				increment!(:downloads)
				end

				def project
				container.project
				end

				def visible?(user=User.current)
				container.attachments_visible?(user)
				end

				def deletable?(user=User.current)
				container.attachments_deletable?(user)
				end

				def image?
				self.filename =~ /\.(jpe?g\|gif\|png)$/i
				end

				def is_text?
				Redmine::MimeType.is_type?('text', filename)
				end

				def is_diff?
				self.filename =~ /\.(patch\|diff)$/i
				end

				# Returns true if the file is readable
				def readable?
				File.readable?(diskfile)
				end

				private
				def sanitize_filename(value)
				# get only the filename, not the whole path
				just_filename = value.gsub(/^.*(\\\|\/)/, '')
				# NOTE: File.basename doesn't work right with Windows paths on Unix
				# INCORRECT: just_filename = File.basename(value.gsub('\\\\', '/'))

				# Finally, replace all non alphanumeric, hyphens or periods with underscore
				@filename = just_filename.gsub(/[^\w\.\-]/,'_')
				end

				# Returns an ASCII or hashed filename
				def self.disk_filename(filename)
				df = DateTime.now.strftime("%y%m%d%H%M%S") + "_"
				if filename =~ %r{^[a-zA-Z0-9_\.\-]*$}
				df << filename
				else
				df << Digest::MD5.hexdigest(filename)
				# keep the extension if any
				df << $1 if filename =~ %r{(\.[a-zA-Z0-9]+)$}
				end
				df
				end
				end