Blocking of file uploads by admin

2005-01-24 01:04:00 +00:00 · 2005-01-24 01:04:00 +00:00 · b747b611b3
parent 6c020342a3
commit b747b611b3
2 changed files with 23 additions and 0 deletions
--- a/app/controllers/file_controller.rb
+++ b/app/controllers/file_controller.rb
@ -5,6 +5,8 @@ require 'instiki_errors'
 class FileController < ApplicationController

  layout 'default'
+  
+  before_filter :check_allow_uploads

  def file
    check_path
@ -43,6 +45,17 @@ class FileController < ApplicationController
    end
  end

+
+  protected
+  
+  def check_allow_uploads
+    unless @web.allow_uploads
+      render_text 'File uploads are blocked by the webmaster', '403 Forbidden'
+      return false
+    end
+  end
+
+
  private 
  
  def check_path
--- a/test/functional/file_controller_test.rb
+++ b/test/functional/file_controller_test.rb
@ -114,4 +114,14 @@ class FileControllerTest < Test::Unit::TestCase
        @home.display_content
  end

+  def test_uploads_blocking
+    @web.allow_uploads = true
+    r = process 'file', 'web' => 'wiki1', 'id' => 'filename'
+    assert_success
+
+    @web.allow_uploads = false
+    r = process 'file', 'web' => 'wiki1', 'id' => 'filename'
+    assert_equal '403 Forbidden', r.headers['Status']
+  end
+
 end