2007-01-22 07:43:50 -06:00
|
|
|
# Controller responsible for serving files and pictures.
|
|
|
|
|
|
|
|
require 'zip/zip'
|
2010-06-09 11:47:39 -05:00
|
|
|
require 'instiki_stringsupport'
|
2007-01-22 07:43:50 -06:00
|
|
|
|
|
|
|
class FileController < ApplicationController
|
|
|
|
|
|
|
|
layout 'default'
|
|
|
|
|
2009-10-11 14:00:16 -05:00
|
|
|
before_filter :check_authorized
|
|
|
|
before_filter :check_allow_uploads, :dnsbl_check, :except => [:file, :blahtex_png]
|
2007-01-22 07:43:50 -06:00
|
|
|
|
|
|
|
def file
|
2007-05-11 11:47:38 -05:00
|
|
|
@file_name = params['id']
|
|
|
|
if params['file']
|
2009-01-26 01:39:04 -06:00
|
|
|
return unless is_post and check_allow_uploads
|
2007-01-22 07:43:50 -06:00
|
|
|
# form supplied
|
2007-05-11 11:47:38 -05:00
|
|
|
new_file = @web.wiki_files.create(params['file'])
|
2007-01-22 07:43:50 -06:00
|
|
|
if new_file.valid?
|
|
|
|
flash[:info] = "File '#{@file_name}' successfully uploaded"
|
2009-02-18 01:40:11 -06:00
|
|
|
redirect_to(params['referring_page'])
|
2007-01-22 07:43:50 -06:00
|
|
|
else
|
|
|
|
# pass the file with errors back into the form
|
|
|
|
@file = new_file
|
|
|
|
render
|
|
|
|
end
|
|
|
|
else
|
|
|
|
# no form supplied, this is a request to download the file
|
2009-08-28 11:10:34 -05:00
|
|
|
file = @web.files_path.join(@file_name)
|
2009-01-26 01:39:04 -06:00
|
|
|
if File.exists?(file)
|
2009-06-17 21:12:58 -05:00
|
|
|
send_file(file)
|
2007-01-22 07:43:50 -06:00
|
|
|
else
|
2009-01-26 01:39:04 -06:00
|
|
|
return unless check_allow_uploads
|
2007-01-22 07:43:50 -06:00
|
|
|
@file = WikiFile.new(:file_name => @file_name)
|
|
|
|
render
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
2009-01-27 11:35:05 -06:00
|
|
|
|
|
|
|
def blahtex_png
|
2009-08-28 11:10:34 -05:00
|
|
|
send_file(@web.blahtex_pngs_path.join(params['id']))
|
2009-01-27 11:35:05 -06:00
|
|
|
end
|
2008-12-31 03:54:23 -06:00
|
|
|
|
2008-12-30 03:03:02 -06:00
|
|
|
def delete
|
|
|
|
@file_name = params['id']
|
|
|
|
file = WikiFile.find_by_file_name(@file_name)
|
|
|
|
unless file
|
|
|
|
flash[:error] = "File '#{@file_name}' not found."
|
|
|
|
redirect_to_page(@page_name)
|
|
|
|
end
|
|
|
|
system_password = params['system_password']
|
|
|
|
if system_password
|
|
|
|
return unless is_post
|
|
|
|
# form supplied
|
|
|
|
if wiki.authenticate(system_password)
|
|
|
|
file.destroy
|
|
|
|
flash[:info] = "File '#{@file_name}' deleted."
|
|
|
|
else
|
|
|
|
flash[:error] = "System Password incorrect."
|
|
|
|
end
|
|
|
|
redirect_to_page(@page_name)
|
|
|
|
else
|
|
|
|
# no system password supplied, display the form
|
|
|
|
end
|
|
|
|
end
|
2007-01-22 07:43:50 -06:00
|
|
|
|
|
|
|
def cancel_upload
|
|
|
|
return_to_last_remembered
|
|
|
|
end
|
|
|
|
|
|
|
|
def import
|
2007-05-11 11:47:38 -05:00
|
|
|
if params['file']
|
2007-01-22 07:43:50 -06:00
|
|
|
@problems = []
|
|
|
|
import_file_name = "#{@web.address}-import-#{Time.now.strftime('%Y-%m-%d-%H-%M-%S')}.zip"
|
2007-05-11 11:47:38 -05:00
|
|
|
import_from_archive(params['file'].path)
|
2007-01-22 07:43:50 -06:00
|
|
|
if @problems.empty?
|
|
|
|
flash[:info] = 'Import successfully finished'
|
|
|
|
else
|
|
|
|
flash[:error] = 'Import finished, but some pages were not imported:<li>' +
|
|
|
|
@problems.join('</li><li>') + '</li>'
|
|
|
|
end
|
|
|
|
return_to_last_remembered
|
|
|
|
else
|
|
|
|
# to template
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
protected
|
2009-06-17 11:17:25 -05:00
|
|
|
|
|
|
|
def check_authorized
|
|
|
|
if authorized? or @web.published?
|
|
|
|
return true
|
|
|
|
else
|
|
|
|
@hide_navigation = true
|
|
|
|
render(:status => 403, :text => 'This web is private', :layout => true)
|
|
|
|
return false
|
|
|
|
end
|
|
|
|
end
|
2007-01-22 07:43:50 -06:00
|
|
|
|
|
|
|
def check_allow_uploads
|
2007-12-30 03:58:57 -06:00
|
|
|
render(:status => 404, :text => "Web #{params['web'].inspect} not found", :layout => 'error') and return false unless @web
|
2009-06-17 11:17:25 -05:00
|
|
|
if @web.allow_uploads? and authorized?
|
2007-01-22 07:43:50 -06:00
|
|
|
return true
|
|
|
|
else
|
2007-03-07 21:06:39 -06:00
|
|
|
@hide_navigation = true
|
|
|
|
render(:status => 403, :text => 'File uploads are blocked by the webmaster', :layout => true)
|
2007-01-22 07:43:50 -06:00
|
|
|
return false
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
private
|
|
|
|
|
2008-12-30 03:03:02 -06:00
|
|
|
def is_post
|
2010-05-26 14:16:34 -05:00
|
|
|
unless (request.post? || Rails.env.test?)
|
2008-12-30 03:03:02 -06:00
|
|
|
headers['Allow'] = 'POST'
|
|
|
|
render(:status => 405, :text => 'You must use an HTTP POST', :layout => 'error')
|
|
|
|
return false
|
|
|
|
end
|
|
|
|
return true
|
|
|
|
end
|
|
|
|
|
2007-01-22 07:43:50 -06:00
|
|
|
def import_from_archive(archive)
|
|
|
|
logger.info "Importing pages from #{archive}"
|
|
|
|
zip = Zip::ZipInputStream.open(archive)
|
|
|
|
while (entry = zip.get_next_entry) do
|
|
|
|
ext_length = File.extname(entry.name).length
|
2009-09-07 16:02:36 -05:00
|
|
|
page_name = entry.name[0..-(ext_length + 1)].purify
|
|
|
|
page_content = entry.get_input_stream.read.purify
|
2007-01-22 07:43:50 -06:00
|
|
|
logger.info "Processing page '#{page_name}'"
|
|
|
|
begin
|
|
|
|
existing_page = @wiki.read_page(@web.address, page_name)
|
|
|
|
if existing_page
|
|
|
|
if existing_page.content == page_content
|
|
|
|
logger.info "Page '#{page_name}' with the same content already exists. Skipping."
|
|
|
|
next
|
|
|
|
else
|
|
|
|
logger.info "Page '#{page_name}' already exists. Adding a new revision to it."
|
2009-06-02 22:17:15 -05:00
|
|
|
wiki.revise_page(@web.address, page_name, page_name, page_content, Time.now, @author, PageRenderer.new)
|
2007-01-22 07:43:50 -06:00
|
|
|
end
|
|
|
|
else
|
|
|
|
wiki.write_page(@web.address, page_name, page_content, Time.now, @author, PageRenderer.new)
|
|
|
|
end
|
|
|
|
rescue => e
|
|
|
|
logger.error(e)
|
|
|
|
@problems << "#{page_name} : #{e.message}"
|
|
|
|
end
|
|
|
|
end
|
|
|
|
logger.info "Import from #{archive} finished"
|
|
|
|
end
|
|
|
|
|
|
|
|
end
|