jaculabilis/danbooru
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

pundit: convert uploads to pundit.

Browse Source
This commit is contained in:
evazion
2020-03-20 02:59:02 -05:00
parent d51b0dfe17
commit 7f742242e4
3 changed files with 28 additions and 18 deletions
Download Patch File Download Diff File Expand all files Collapse all files

26
app/controllers/uploads_controller.rb
View File

@@ -1,9 +1,9 @@
class UploadsController < ApplicationController
before_action :member_only, except: [:index, :show]
respond_to :html, :xml, :json, :js
skip_before_action :verify_authenticity_token, only: [:preprocess]
def new
authorize Upload
@source = Sources::Strategies.find(params[:url], params[:ref]) if params[:url].present?
@upload, @remote_size = UploadService::ControllerHelper.prepare(
url: params[:url], ref: params[:ref]
@@ -12,25 +12,27 @@ class UploadsController < ApplicationController
end
def batch
authorize Upload
@url = params.dig(:batch, :url) || params[:url]
@source = Sources::Strategies.find(@url, params[:ref]) if @url.present?
respond_with(@source)
end
def image_proxy
authorize Upload
resp = ImageProxy.get_image(params[:url])
send_data resp.body, :type => resp.content_type, :disposition => "inline"
end
def index
@uploads = Upload.paginated_search(params, count_pages: true)
@uploads = authorize Upload.paginated_search(params, count_pages: true)
@uploads = @uploads.includes(:uploader, post: :uploader) if request.format.html?
respond_with(@uploads)
end
def show
@upload = Upload.find(params[:id])
@upload = authorize Upload.find(params[:id])
respond_with(@upload) do |format|
format.html do
if @upload.is_completed? && @upload.post_id
@@ -41,14 +43,15 @@ class UploadsController < ApplicationController
end
def preprocess
authorize Upload
@upload, @remote_size = UploadService::ControllerHelper.prepare(
url: upload_params[:source], file: upload_params[:file], ref: upload_params[:referer_url]
url: params.dig(:upload, :source), file: params.dig(:upload, :file), ref: params.dig(:upload, :referer_url),
)
render body: nil
end
def create
@service = UploadService.new(upload_params)
@service = authorize UploadService.new(permitted_attributes(Upload)), policy_class: UploadPolicy
@upload = @service.start!
if @service.warnings.any?
@@ -57,17 +60,4 @@ class UploadsController < ApplicationController
respond_with(@upload)
end
private
def upload_params
permitted_params = %i[
file source tag_string rating status parent_id artist_commentary_title
artist_commentary_desc include_artist_commentary referer_url
md5_confirmation as_pending translated_commentary_title
translated_commentary_desc
]
params.require(:upload).permit(permitted_params)
end
end