From 9bf8480b4a0d3ea6e284c4bd8bf26243f3f3f6f5 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Hannes=20Rosen=C3=B6gger?= <123haynes@gmail.com>
Date: Sat, 14 Feb 2015 16:04:45 +0100
Subject: Generalize the image upload in markdown

This commit generalizes the image upload via drag and drop so it supports all files.
It also adds access control for these files.
---
 app/controllers/files_controller.rb | 29 +++++++++++++++++++++++++++--
 1 file changed, 27 insertions(+), 2 deletions(-)

(limited to 'app/controllers/files_controller.rb')

diff --git a/app/controllers/files_controller.rb b/app/controllers/files_controller.rb
index 15523cbc2e7..a86340dd9bb 100644
--- a/app/controllers/files_controller.rb
+++ b/app/controllers/files_controller.rb
@@ -1,5 +1,5 @@
 class FilesController < ApplicationController
-  def download
+  def download_notes
     note = Note.find(params[:id])
     uploader = note.attachment
 
@@ -14,7 +14,32 @@ class FilesController < ApplicationController
         not_found!
       end
     else
-      redirect_to uploader.url
+      not_found!
     end
   end
+
+  def download_files
+    namespace_id = params[:namespace]
+    project_id = params[:project]
+    folder_id = params[:folder_id]
+    filename = params[:filename]
+    project_with_namespace="#{namespace_id}/#{project_id}"
+    filename_with_id="#{folder_id}/#{filename}"
+    
+    project = Project.find_with_namespace(project_with_namespace)
+
+    uploader = FileUploader.new("#{Rails.root}/uploads","#{project_with_namespace}/#{folder_id}")
+    uploader.retrieve_from_store!(filename)
+
+    if can?(current_user, :read_project, project)
+      download(uploader)
+    else
+      not_found!
+    end
+  end
+
+  def download(uploader)
+    disposition = uploader.image? ? 'inline' : 'attachment'
+    send_file uploader.file.path, disposition: disposition
+  end
 end
-- 
cgit v1.2.1


From 9729cc584f5758395960416f308a9c45f698cdee Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Hannes=20Rosen=C3=B6gger?= <123haynes@gmail.com>
Date: Sat, 14 Feb 2015 19:52:45 +0100
Subject: implement Project::UploadsController

---
 app/controllers/files_controller.rb | 29 ++---------------------------
 1 file changed, 2 insertions(+), 27 deletions(-)

(limited to 'app/controllers/files_controller.rb')

diff --git a/app/controllers/files_controller.rb b/app/controllers/files_controller.rb
index a86340dd9bb..15523cbc2e7 100644
--- a/app/controllers/files_controller.rb
+++ b/app/controllers/files_controller.rb
@@ -1,5 +1,5 @@
 class FilesController < ApplicationController
-  def download_notes
+  def download
     note = Note.find(params[:id])
     uploader = note.attachment
 
@@ -14,32 +14,7 @@ class FilesController < ApplicationController
         not_found!
       end
     else
-      not_found!
+      redirect_to uploader.url
     end
   end
-
-  def download_files
-    namespace_id = params[:namespace]
-    project_id = params[:project]
-    folder_id = params[:folder_id]
-    filename = params[:filename]
-    project_with_namespace="#{namespace_id}/#{project_id}"
-    filename_with_id="#{folder_id}/#{filename}"
-    
-    project = Project.find_with_namespace(project_with_namespace)
-
-    uploader = FileUploader.new("#{Rails.root}/uploads","#{project_with_namespace}/#{folder_id}")
-    uploader.retrieve_from_store!(filename)
-
-    if can?(current_user, :read_project, project)
-      download(uploader)
-    else
-      not_found!
-    end
-  end
-
-  def download(uploader)
-    disposition = uploader.image? ? 'inline' : 'attachment'
-    send_file uploader.file.path, disposition: disposition
-  end
 end
-- 
cgit v1.2.1


From d2ebdf664b42d4fac6b2e060ef79aa9fe0b0e72d Mon Sep 17 00:00:00 2001
From: Douwe Maan <douwe@gitlab.com>
Date: Mon, 16 Feb 2015 19:58:40 +0100
Subject: Refactor.

---
 app/controllers/files_controller.rb | 17 ++++++++++-------
 1 file changed, 10 insertions(+), 7 deletions(-)

(limited to 'app/controllers/files_controller.rb')

diff --git a/app/controllers/files_controller.rb b/app/controllers/files_controller.rb
index 15523cbc2e7..267239b7b84 100644
--- a/app/controllers/files_controller.rb
+++ b/app/controllers/files_controller.rb
@@ -3,18 +3,21 @@ class FilesController < ApplicationController
     note = Note.find(params[:id])
     uploader = note.attachment
 
-    if uploader.file_storage?
-      if can?(current_user, :read_project, note.project)
-        # Replace old notes location in /public with the new one in / and send the file
+    if can?(current_user, :read_project, note.project)
+      if uploader.file_storage?
         path = uploader.file.path.gsub("#{Rails.root}/public", Rails.root.to_s)
 
-        disposition = uploader.image? ? 'inline' : 'attachment'
-        send_file path, disposition: disposition
+        if File.exist?(path)
+          disposition = uploader.image? ? 'inline' : 'attachment'
+          send_file path, disposition: disposition
+        else
+          not_found!
+        end
       else
-        not_found!
+        redirect_to uploader.url
       end
     else
-      redirect_to uploader.url
+      not_found!
     end
   end
 end
-- 
cgit v1.2.1