Skip to content
Snippets Groups Projects
Commit 6efe1514 authored by Mauricio Giacomini Girardello's avatar Mauricio Giacomini Girardello
Browse files

adding whitelist params for chunks controller

parent 4594ae2d
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
app/controllers/chunks_controller.rb
+ 18
9
View file @ 6efe1514
...@@ -5,7 +5,7 @@ class ChunksController < ApplicationController ...@@ -5,7 +5,7 @@ class ChunksController < ApplicationController
#GET /chunk #GET /chunk
def show def show
chunk = resumable_chunk params[:resumableChunkNumber] chunk = resumable_chunk chunk_number
if File.exists?(chunk) if File.exists?(chunk)
post_file_and_create_thumbnail @learning_object, resumable_filename if last_chunk? post_file_and_create_thumbnail @learning_object, resumable_filename if last_chunk?
...@@ -29,7 +29,7 @@ class ChunksController < ApplicationController ...@@ -29,7 +29,7 @@ class ChunksController < ApplicationController
end end
#Move the uploaded chunk to the directory #Move the uploaded chunk to the directory
FileUtils.mv params[:file].tempfile, chunk FileUtils.mv chunk_tmpfile, chunk
#Concatenate all the partial files into the original file #Concatenate all the partial files into the original file
#When all chunks are uploaded #When all chunks are uploaded
...@@ -37,7 +37,7 @@ class ChunksController < ApplicationController ...@@ -37,7 +37,7 @@ class ChunksController < ApplicationController
#Create a target file #Create a target file
File.open(resumable_filename, "a") do |target| File.open(resumable_filename, "a") do |target|
#Loop trough the chunks #Loop trough the chunks
for i in 1..params[:resumableChunkNumber].to_i for i in 1..chunk_number
#Select the chunk #Select the chunk
chunk = File.open(resumable_chunk(i), 'r').read chunk = File.open(resumable_chunk(i), 'r').read
...@@ -65,20 +65,24 @@ class ChunksController < ApplicationController ...@@ -65,20 +65,24 @@ class ChunksController < ApplicationController
publisher.post learning_object, filename publisher.post learning_object, filename
end end
def chunk_tmpfile
chunks_params[:file].tempfile
end
def last_chunk? def last_chunk?
chunk_number == total_chunks chunk_number == total_chunks
end end
def chunk_size def chunk_size
params[:resumableChunkSize].to_i chunks_params[:resumableChunkSize].to_i
end end
def total_chunks def total_chunks
params[:resumableTotalChunks].to_i chunks_params[:resumableTotalChunks].to_i
end end
def chunk_number def chunk_number
params[:resumableChunkNumber].to_i chunks_params[:resumableChunkNumber].to_i
end end
def resumable_chunk(part) def resumable_chunk(part)
...@@ -86,14 +90,19 @@ class ChunksController < ApplicationController ...@@ -86,14 +90,19 @@ class ChunksController < ApplicationController
end end
def resumable_filename def resumable_filename
"#{dir}/#{params[:resumableFilename]}" "#{dir}/#{chunks_params[:resumableFilename]}"
end end
def dir def dir
"/tmp/#{params[:resumableIdentifier]}" "/tmp/#{chunks_params[:resumableIdentifier]}"
end end
def set_learning_object def set_learning_object
@learning_object = LearningObject.find params[:learning_object_id] @learning_object = LearningObject.find chunks_params[:learning_object_id]
end
# Never trust parameters from the scary internet, only allow the white list through.
def chunks_params
params.permit(:file, :learning_object_id, :resumableIdentifier, :resumableFilename, :resumableChunkNumber, :resumableTotalChunks, :resumableChunkSize)
end end
end end
app/services/thumbnail_service.rb
+ 0
5
View file @ 6efe1514
...@@ -10,9 +10,4 @@ class ThumbnailService ...@@ -10,9 +10,4 @@ class ThumbnailService
end end
end end
#def update_object_thumbnail(media, object_id)
# lo = LearningObject.find(object_id)
# lo.thumbnail = media
# lo.save!
#end
end end
\ No newline at end of file
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment