Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
1
Merge Requests
1
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
nexedi
gitlab-ce
Commits
305725f8
Commit
305725f8
authored
Apr 17, 2015
by
Douwe Maan
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Correctly handle blocked users.
parent
dccd79d2
Changes
1
Hide whitespace changes
Inline
Side-by-side
Showing
1 changed file
with
14 additions
and
15 deletions
+14
-15
app/controllers/projects/uploads_controller.rb
app/controllers/projects/uploads_controller.rb
+14
-15
No files found.
app/controllers/projects/uploads_controller.rb
View file @
305725f8
class
Projects::UploadsController
<
Projects
::
ApplicationController
class
Projects::UploadsController
<
Projects
::
ApplicationController
layout
'project'
layout
'project'
skip_before_filter
:project
,
:repository
,
:authenticate_user!
,
only:
[
:show
]
skip_before_filter
:authenticate_user!
,
:reject_blocked!
,
:project
,
:repository
,
only:
[
:show
]
before_filter
:authenticate_user!
,
:reject_blocked!
,
:project
,
:repository
,
only:
[
:show
],
unless: :image?
before_filter
:authorize_uploads
,
only:
[
:show
]
def
create
def
create
link_to_file
=
::
Projects
::
UploadService
.
new
(
project
,
params
[
:file
]).
link_to_file
=
::
Projects
::
UploadService
.
new
(
project
,
params
[
:file
]).
...
@@ -23,32 +22,32 @@ class Projects::UploadsController < Projects::ApplicationController
...
@@ -23,32 +22,32 @@ class Projects::UploadsController < Projects::ApplicationController
end
end
def
show
def
show
uploader
=
get_file
return
not_found!
if
uploader
.
nil?
||
!
uploader
.
file
.
exists?
return
not_found!
if
uploader
.
nil?
||
!
uploader
.
file
.
exists?
disposition
=
uploader
.
image?
?
'inline'
:
'attachment'
disposition
=
uploader
.
image?
?
'inline'
:
'attachment'
send_file
uploader
.
file
.
path
,
disposition:
disposition
send_file
uploader
.
file
.
path
,
disposition:
disposition
end
end
def
get_file
def
uploader
return
@uploader
if
defined?
(
@uploader
)
namespace
=
params
[
:namespace_id
]
namespace
=
params
[
:namespace_id
]
id
=
params
[
:project_id
]
id
=
params
[
:project_id
]
file_project
=
Project
.
find_with_namespace
(
"
#{
namespace
}
/
#{
id
}
"
)
file_project
=
Project
.
find_with_namespace
(
"
#{
namespace
}
/
#{
id
}
"
)
return
nil
if
file_project
.
nil?
if
file_project
.
nil?
@uploader
=
nil
return
end
uploader
=
FileUploader
.
new
(
file_project
,
params
[
:secret
])
@
uploader
=
FileUploader
.
new
(
file_project
,
params
[
:secret
])
uploader
.
retrieve_from_store!
(
params
[
:filename
])
@
uploader
.
retrieve_from_store!
(
params
[
:filename
])
uploader
@
uploader
end
end
def
authorize_uploads
def
image?
uploader
=
get_file
uploader
&&
uploader
.
file
.
exists?
&&
uploader
.
image?
unless
uploader
&&
uploader
.
image?
project
end
end
end
end
end
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment