diff options
| author | Jean-Philippe Lang <jp_lang@yahoo.fr> | 2014-11-29 13:41:53 +0000 |
|---|---|---|
| committer | Jean-Philippe Lang <jp_lang@yahoo.fr> | 2014-11-29 13:41:53 +0000 |
| commit | 288c014aa7aa608751dbafeb2c8b358f2fec5c22 (patch) | |
| tree | 68a5705092edc501641630fa960cee368d27ca88 /app/controllers/attachments_controller.rb | |
| parent | 3c7f638a834d6d9717e3d8babe3bab6af5100994 (diff) | |
| download | redmine-288c014aa7aa608751dbafeb2c8b358f2fec5c22.tar.gz redmine-288c014aa7aa608751dbafeb2c8b358f2fec5c22.zip | |
Edit attachments after upload (#1326).
git-svn-id: http://svn.redmine.org/redmine/trunk@13665 e93f8b46-1217-0410-a6f0-8f06a7374b81
Diffstat (limited to 'app/controllers/attachments_controller.rb')
| -rw-r--r-- | app/controllers/attachments_controller.rb | 42 |
1 files changed, 39 insertions, 3 deletions
diff --git a/app/controllers/attachments_controller.rb b/app/controllers/attachments_controller.rb index b7f856a1a..924e9a186 100644 --- a/app/controllers/attachments_controller.rb +++ b/app/controllers/attachments_controller.rb @@ -16,7 +16,8 @@ # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. class AttachmentsController < ApplicationController - before_filter :find_project, :except => :upload + before_filter :find_attachment, :only => [:show, :download, :thumbnail, :destroy] + before_filter :find_editable_attachments, :only => [:edit, :update] before_filter :file_readable, :read_authorize, :only => [:show, :download, :thumbnail] before_filter :delete_authorize, :only => :destroy before_filter :authorize_global, :only => :upload @@ -99,6 +100,19 @@ class AttachmentsController < ApplicationController end end + def edit + end + + def update + if params[:attachments].is_a?(Hash) + if Attachment.update_attachments(@attachments, params[:attachments]) + redirect_back_or_default home_path + return + end + end + render :action => 'edit' + end + def destroy if @attachment.container.respond_to?(:init_journal) @attachment.container.init_journal(User.current) @@ -116,8 +130,9 @@ class AttachmentsController < ApplicationController end end -private - def find_project + private + + def find_attachment @attachment = Attachment.find(params[:id]) # Show 404 if the filename in the url is wrong raise ActiveRecord::RecordNotFound if params[:filename] && params[:filename] != @attachment.filename @@ -126,6 +141,27 @@ private render_404 end + def find_editable_attachments + klass = params[:object_type].to_s.singularize.classify.constantize rescue nil + unless klass && klass.reflect_on_association(:attachments) + render_404 + return + end + + @container = klass.find(params[:object_id]) + if @container.respond_to?(:visible?) && !@container.visible? + render_403 + return + end + @attachments = @container.attachments.select(&:editable?) + if @container.respond_to?(:project) + @project = @container.project + end + render_404 if @attachments.empty? + rescue ActiveRecord::RecordNotFound + render_404 + end + # Checks that the file exists and is readable def file_readable if @attachment.readable? |