class AttachmentsController < ApplicationController
before_action :find_attachment, :only => [:show, :download, :thumbnail, :destroy]
- before_action :find_editable_attachments, :only => [:edit, :update]
+ before_action :find_editable_attachments, :only => [:edit_all, :update_all]
before_action :file_readable, :read_authorize, :only => [:show, :download, :thumbnail]
before_action :delete_authorize, :only => :destroy
before_action :authorize_global, :only => :upload
# MIME type text/javascript.
skip_after_filter :verify_same_origin_request, :only => :download
- accept_api_auth :show, :download, :thumbnail, :upload, :destroy
+ accept_api_auth :show, :download, :thumbnail, :upload, :update, :destroy
def show
respond_to do |format|
end
end
- def edit
+ # Edit all the attachments of a container
+ def edit_all
end
- def update
+ # Update all the attachments of a container
+ def update_all
if params[:attachments].is_a?(Hash)
if Attachment.update_attachments(@attachments, params[:attachments])
redirect_back_or_default home_path
return
end
end
- render :action => 'edit'
+ render :action => 'edit_all'
end
def destroy
+++ /dev/null
-<h2><%= l(:label_edit_attachments) %></h2>
-
-<%= error_messages_for *@attachments %>
-
-<%= form_tag(container_attachments_path(@container), :method => 'patch') do %>
- <%= back_url_hidden_field_tag %>
- <div class="box attachments">
- <table>
- <% @attachments.each do |attachment| %>
- <tr>
- <td colspan="2">
- <span class="icon icon-attachment"><%= attachment.filename_was %></span>
- <span class="size">(<%= number_to_human_size attachment.filesize %>)</span>
- <span class="author"><%= attachment.author %>, <%= format_time(attachment.created_on) %></span>
- </td>
- </tr>
- <tr id="attachment-<%= attachment.id %>">
- <td><%= text_field_tag "attachments[#{attachment.id}][filename]", attachment.filename, :size => 40 %></td>
- <td>
- <%= text_field_tag "attachments[#{attachment.id}][description]", attachment.description, :size => 80, :placeholder => l(:label_optional_description) %>
- </td>
- </tr>
- <% end %>
- </table>
- </div>
- <p>
- <%= submit_tag l(:button_save) %>
- <%= link_to l(:button_cancel), back_url if back_url.present? %>
- </p>
-<% end %>
--- /dev/null
+<h2><%= l(:label_edit_attachments) %></h2>
+
+<%= error_messages_for *@attachments %>
+
+<%= form_tag(container_attachments_path(@container), :method => 'patch') do %>
+ <%= back_url_hidden_field_tag %>
+ <div class="box attachments">
+ <table>
+ <% @attachments.each do |attachment| %>
+ <tr>
+ <td colspan="2">
+ <span class="icon icon-attachment"><%= attachment.filename_was %></span>
+ <span class="size">(<%= number_to_human_size attachment.filesize %>)</span>
+ <span class="author"><%= attachment.author %>, <%= format_time(attachment.created_on) %></span>
+ </td>
+ </tr>
+ <tr id="attachment-<%= attachment.id %>">
+ <td><%= text_field_tag "attachments[#{attachment.id}][filename]", attachment.filename, :size => 40 %></td>
+ <td>
+ <%= text_field_tag "attachments[#{attachment.id}][description]", attachment.description, :size => 80, :placeholder => l(:label_optional_description) %>
+ </td>
+ </tr>
+ <% end %>
+ </table>
+ </div>
+ <p>
+ <%= submit_tag l(:button_save) %>
+ <%= link_to l(:button_cancel), back_url if back_url.present? %>
+ </p>
+<% end %>
get 'attachments/download/:id', :to => 'attachments#download', :id => /\d+/
get 'attachments/thumbnail/:id(/:size)', :to => 'attachments#thumbnail', :id => /\d+/, :size => /\d+/, :as => 'thumbnail'
resources :attachments, :only => [:show, :destroy]
- get 'attachments/:object_type/:object_id/edit', :to => 'attachments#edit', :as => :object_attachments_edit
- patch 'attachments/:object_type/:object_id', :to => 'attachments#update', :as => :object_attachments
+ get 'attachments/:object_type/:object_id/edit', :to => 'attachments#edit_all', :as => :object_attachments_edit
+ patch 'attachments/:object_type/:object_id', :to => 'attachments#update_all', :as => :object_attachments
resources :groups do
resources :memberships, :controller => 'principal_memberships'
puts '(ImageMagick convert not available)'
end
- def test_edit
+ def test_edit_all
@request.session[:user_id] = 2
- get :edit, :object_type => 'issues', :object_id => '2'
+ get :edit_all, :object_type => 'issues', :object_id => '2'
assert_response :success
assert_select 'form[action=?]', '/attachments/issues/2' do
end
end
- def test_edit_invalid_container_class_should_return_404
- get :edit, :object_type => 'nuggets', :object_id => '3'
+ def test_edit_all_with_invalid_container_class_should_return_404
+ get :edit_all, :object_type => 'nuggets', :object_id => '3'
assert_response 404
end
- def test_edit_invalid_object_should_return_404
- get :edit, :object_type => 'issues', :object_id => '999'
+ def test_edit_all_with_invalid_object_should_return_404
+ get :edit_all, :object_type => 'issues', :object_id => '999'
assert_response 404
end
- def test_edit_for_object_that_is_not_visible_should_return_403
- get :edit, :object_type => 'issues', :object_id => '4'
+ def test_edit_all_for_object_that_is_not_visible_should_return_403
+ get :edit_all, :object_type => 'issues', :object_id => '4'
assert_response 403
end
- def test_update
+ def test_update_all
@request.session[:user_id] = 2
- patch :update, :object_type => 'issues', :object_id => '2', :attachments => {
+ patch :update_all, :object_type => 'issues', :object_id => '2', :attachments => {
'1' => {:filename => 'newname.text', :description => ''},
'4' => {:filename => 'newname.rb', :description => 'Renamed'},
}
assert_equal 'Renamed', attachment.description
end
- def test_update_with_failure
+ def test_update_all_with_failure
@request.session[:user_id] = 2
- patch :update, :object_type => 'issues', :object_id => '3', :attachments => {
+ patch :update_all, :object_type => 'issues', :object_id => '3', :attachments => {
'1' => {:filename => '', :description => ''},
'4' => {:filename => 'newname.rb', :description => 'Renamed'},
}
projects / redmine.git / commitdiff