29 lines
867 B
Ruby
29 lines
867 B
Ruby
module Traces
|
|
class IconsController < ApplicationController
|
|
before_action :authorize_web
|
|
before_action :check_database_readable
|
|
|
|
authorize_resource :trace
|
|
|
|
def show
|
|
trace = Trace.visible.find(params[:trace_id])
|
|
|
|
if trace.inserted?
|
|
if trace.public? || (current_user && current_user == trace.user)
|
|
if trace.icon.attached?
|
|
redirect_to rails_blob_path(trace.icon, :disposition => "inline")
|
|
else
|
|
expires_in 7.days, :private => !trace.public?, :public => trace.public?
|
|
send_file(trace.icon_picture_name, :filename => "#{trace.id}_icon.gif", :type => "image/gif", :disposition => "inline")
|
|
end
|
|
else
|
|
head :forbidden
|
|
end
|
|
else
|
|
head :not_found
|
|
end
|
|
rescue ActiveRecord::RecordNotFound
|
|
head :not_found
|
|
end
|
|
end
|
|
end
|