From 8bc9d2abdff3cfc7288ceff85962c90fcca61c43 Mon Sep 17 00:00:00 2001
From: Go MAEDA <maeda@farend.jp>
Date: Thu, 20 Oct 2022 04:14:26 +0000
Subject: Simplify AttachmentsController#find_container (#37772).
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Patch by  Jens Krämer.


git-svn-id: https://svn.redmine.org/redmine/trunk@21907 e93f8b46-1217-0410-a6f0-8f06a7374b81
---
 app/controllers/attachments_controller.rb | 15 +++------------
 1 file changed, 3 insertions(+), 12 deletions(-)

diff --git a/app/controllers/attachments_controller.rb b/app/controllers/attachments_controller.rb
index 612e070d2..210cd7ba4 100644
--- a/app/controllers/attachments_controller.rb
+++ b/app/controllers/attachments_controller.rb
@@ -219,19 +219,10 @@ class AttachmentsController < ApplicationController
   end
 
   def find_container
-    klass =
-      begin
-        params[:object_type].to_s.singularize.classify.constantize
-      rescue
-        nil
-      end
-    unless klass && (klass.reflect_on_association(:attachments) || klass.method_defined?(:attachments))
-      render_404
-      return
-    end
-
+    # object_type is constrained to valid values in routes
+    klass = params[:object_type].to_s.singularize.classify.constantize
     @container = klass.find(params[:object_id])
-    if @container.respond_to?(:visible?) && !@container.visible?
+    unless @container.visible?
       render_403
       return
     end
-- 
cgit v1.2.3