debian-mirror-gitlab/app/controllers/concerns/send_file_upload.rb

Ignoring revisions in .git-blame-ignore-revs. Click here to bypass and see the normal blame view.

93 lines
3.1 KiB
Ruby
Raw Normal View History

2018-12-05 23:21:45 +05:30
# frozen_string_literal: true
2018-05-09 12:01:36 +05:30
module SendFileUpload
2018-12-13 13:39:08 +05:30
def send_upload(file_upload, send_params: {}, redirect_params: {}, attachment: nil, proxy: false, disposition: 'attachment')
2020-11-24 15:15:51 +05:30
content_type = content_type_for(attachment)
2018-05-09 12:01:36 +05:30
if attachment
2020-03-13 15:44:24 +05:30
response_disposition = ActionDispatch::Http::ContentDisposition.format(disposition: disposition, filename: attachment)
2019-03-02 22:35:43 +05:30
2018-11-20 20:47:30 +05:30
# Response-Content-Type will not override an existing Content-Type in
# Google Cloud Storage, so the metadata needs to be cleared on GCS for
# this to work. However, this override works with AWS.
2019-03-02 22:35:43 +05:30
redirect_params[:query] = { "response-content-disposition" => response_disposition,
2020-11-24 15:15:51 +05:30
"response-content-type" => content_type }
2018-11-08 19:23:39 +05:30
# By default, Rails will send uploads with an extension of .js with a
# content-type of text/javascript, which will trigger Rails'
# cross-origin JavaScript protection.
send_params[:content_type] = 'text/plain' if File.extname(attachment) == '.js'
2019-03-02 22:35:43 +05:30
2020-03-13 15:44:24 +05:30
send_params.merge!(filename: attachment, disposition: disposition)
2018-05-09 12:01:36 +05:30
end
2020-10-24 23:57:45 +05:30
if image_scaling_request?(file_upload)
location = file_upload.file_storage? ? file_upload.path : file_upload.url
2020-11-24 15:15:51 +05:30
headers.store(*Gitlab::Workhorse.send_scaled_image(location, params[:width].to_i, content_type))
2020-10-24 23:57:45 +05:30
head :ok
elsif file_upload.file_storage?
2018-05-09 12:01:36 +05:30
send_file file_upload.path, send_params
2018-12-13 13:39:08 +05:30
elsif file_upload.class.proxy_download_enabled? || proxy
2018-05-09 12:01:36 +05:30
headers.store(*Gitlab::Workhorse.send_url(file_upload.url(**redirect_params)))
head :ok
else
2023-01-13 00:05:48 +05:30
redirect_to cdn_fronted_url(file_upload, redirect_params)
end
end
def cdn_fronted_url(file, redirect_params)
if file.respond_to?(:cdn_enabled_url)
result = file.cdn_enabled_url(request.remote_ip, redirect_params[:query])
Gitlab::ApplicationContext.push(artifact_used_cdn: result.used_cdn)
result.url
else
file.url(**redirect_params)
2018-05-09 12:01:36 +05:30
end
end
2018-11-20 20:47:30 +05:30
2020-11-24 15:15:51 +05:30
def content_type_for(attachment)
return '' unless attachment
guess_content_type(attachment)
end
2018-11-20 20:47:30 +05:30
def guess_content_type(filename)
types = MIME::Types.type_for(filename)
if types.present?
types.first.content_type
else
"application/octet-stream"
end
end
2020-10-24 23:57:45 +05:30
private
def image_scaling_request?(file_upload)
2023-07-09 08:55:56 +05:30
avatar_safe_for_scaling?(file_upload) || pwa_icon_safe_for_scaling?(file_upload)
2023-04-23 21:23:45 +05:30
end
def pwa_icon_safe_for_scaling?(file_upload)
file_upload.try(:image_safe_for_scaling?) &&
mounted_as_pwa_icon?(file_upload) &&
valid_image_scaling_width?(Appearance::ALLOWED_PWA_ICON_SCALER_WIDTHS)
2020-10-24 23:57:45 +05:30
end
2020-11-24 15:15:51 +05:30
def avatar_safe_for_scaling?(file_upload)
2023-04-23 21:23:45 +05:30
file_upload.try(:image_safe_for_scaling?) &&
mounted_as_avatar?(file_upload) &&
valid_image_scaling_width?(Avatarable::ALLOWED_IMAGE_SCALER_WIDTHS)
2020-11-24 15:15:51 +05:30
end
def mounted_as_avatar?(file_upload)
file_upload.try(:mounted_as)&.to_sym == :avatar
2020-10-24 23:57:45 +05:30
end
2023-04-23 21:23:45 +05:30
def mounted_as_pwa_icon?(file_upload)
file_upload.try(:mounted_as)&.to_sym == :pwa_icon
end
def valid_image_scaling_width?(allowed_scalar_widths)
allowed_scalar_widths.include?(params[:width]&.to_i)
2020-10-24 23:57:45 +05:30
end
2018-05-09 12:01:36 +05:30
end