diff options
| author | Jean-Philippe Lang <jp_lang@yahoo.fr> | 2012-02-23 10:01:16 +0000 |
|---|---|---|
| committer | Jean-Philippe Lang <jp_lang@yahoo.fr> | 2012-02-23 10:01:16 +0000 |
| commit | 77626ef6fbf2df028ccf01f6a72e459bfc70e2ab (patch) | |
| tree | 226c3c315e1f3d3162dfac14535821156c703532 /app/controllers | |
| parent | d086683b17665719aa352074288b90ba954e6db0 (diff) | |
| download | redmine-77626ef6fbf2df028ccf01f6a72e459bfc70e2ab.tar.gz redmine-77626ef6fbf2df028ccf01f6a72e459bfc70e2ab.zip | |
Adds support for adding attachments to issues through the REST API (#8171).
git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@8928 e93f8b46-1217-0410-a6f0-8f06a7374b81
Diffstat (limited to 'app/controllers')
| -rw-r--r-- | app/controllers/attachments_controller.rb | 30 | ||||
| -rw-r--r-- | app/controllers/issues_controller.rb | 4 |
2 files changed, 29 insertions, 5 deletions
diff --git a/app/controllers/attachments_controller.rb b/app/controllers/attachments_controller.rb index 53ff69ba8..e6fa8a8a8 100644 --- a/app/controllers/attachments_controller.rb +++ b/app/controllers/attachments_controller.rb @@ -16,11 +16,12 @@ # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. class AttachmentsController < ApplicationController - before_filter :find_project - before_filter :file_readable, :read_authorize, :except => :destroy + before_filter :find_project, :except => :upload + before_filter :file_readable, :read_authorize, :only => [:show, :download] before_filter :delete_authorize, :only => :destroy + before_filter :authorize_global, :only => :upload - accept_api_auth :show, :download + accept_api_auth :show, :download, :upload def show respond_to do |format| @@ -58,6 +59,29 @@ class AttachmentsController < ApplicationController end + def upload + # Make sure that API users get used to set this content type + # as it won't trigger Rails' automatic parsing of the request body for parameters + unless request.content_type == 'application/octet-stream' + render :nothing => true, :status => 406 + return + end + + @attachment = Attachment.new(:file => request.body) + @attachment.author = User.current + @attachment.filename = "test" #ActiveSupport::SecureRandom.hex(16) + + if @attachment.save + respond_to do |format| + format.api { render :action => 'upload', :status => :created } + end + else + respond_to do |format| + format.api { render_validation_errors(@attachment) } + end + end + end + verify :method => :delete, :only => :destroy def destroy # Make sure association callbacks are called diff --git a/app/controllers/issues_controller.rb b/app/controllers/issues_controller.rb index 7adad0008..e8ff416b7 100644 --- a/app/controllers/issues_controller.rb +++ b/app/controllers/issues_controller.rb @@ -149,7 +149,7 @@ class IssuesController < ApplicationController def create call_hook(:controller_issues_new_before_save, { :params => params, :issue => @issue }) - @issue.save_attachments(params[:attachments]) + @issue.save_attachments(params[:attachments] || (params[:issue] && params[:issue][:uploads])) if @issue.save call_hook(:controller_issues_new_after_save, { :params => params, :issue => @issue}) respond_to do |format| @@ -181,7 +181,7 @@ class IssuesController < ApplicationController def update return unless update_issue_from_params - @issue.save_attachments(params[:attachments]) + @issue.save_attachments(params[:attachments] || (params[:issue] && params[:issue][:uploads])) saved = false begin saved = @issue.save_issue_with_child_records(params, @time_entry) |