Class: Attachment

Inherits:
ActiveRecord::Base
  • Object
show all
Includes:
Redmine::SafeAttributes
Defined in:
app/models/attachment.rb

Constant Summary collapse

@@storage_path =
Redmine::Configuration['attachments_storage_path'] || File.join(Rails.root, "files")
@@thumbnails_storage_path =
File.join(Rails.root, "tmp", "thumbnails")

Class Method Summary collapse

Instance Method Summary collapse

Methods included from Redmine::SafeAttributes

#delete_unsafe_attributes, included, #safe_attribute?, #safe_attribute_names, #safe_attributes=

Class Method Details

.archive_attachments(attachments) ⇒ Object


349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
# File 'app/models/attachment.rb', line 349

def self.archive_attachments(attachments)
  attachments = attachments.select(&:readable?)
  return nil if attachments.blank?

  Zip.unicode_names = true
  archived_file_names = []
  buffer = Zip::OutputStream.write_buffer do |zos|
    attachments.each do |attachment|
      filename = attachment.filename
      # rename the file if a file with the same name already exists
      dup_count = 0
      while archived_file_names.include?(filename)
        dup_count += 1
        extname = File.extname(attachment.filename)
        basename = File.basename(attachment.filename, extname)
        filename = "#{basename}(#{dup_count})#{extname}"
      end
      zos.put_next_entry(filename)
      zos << IO.binread(attachment.diskfile)
      archived_file_names << filename
    end
  end
  buffer.string
ensure
  buffer&.close
end

.attach_files(obj, attachments) ⇒ Object

Bulk attaches a set of files to an object

Returns a Hash of the results: :files => array of the attached files :unsaved => array of the files that could not be attached


304
305
306
307
308
# File 'app/models/attachment.rb', line 304

def self.attach_files(obj, attachments)
  result = obj.save_attachments(attachments, User.current)
  obj.attach_saved_attachments
  result
end

.clear_thumbnailsObject

Deletes all thumbnails


236
237
238
239
240
# File 'app/models/attachment.rb', line 236

def self.clear_thumbnails
  Dir.glob(File.join(thumbnails_storage_path, "*.thumb")).each do |file|
    File.delete file
  end
end

.disk_filename(filename, directory = nil) ⇒ Object

Returns an ASCII or hashed filename that do not exists yet in the given subdirectory


529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
# File 'app/models/attachment.rb', line 529

def disk_filename(filename, directory=nil)
  timestamp = DateTime.now.strftime("%y%m%d%H%M%S")
  ascii = ''
  if %r{^[a-zA-Z0-9_\.\-]*$}.match?(filename) && filename.length <= 50
    ascii = filename
  else
    ascii = Digest::MD5.hexdigest(filename)
    # keep the extension if any
    ascii << $1 if filename =~ %r{(\.[a-zA-Z0-9]+)$}
  end
  while File.exist?(File.join(storage_path, directory.to_s,
                              "#{timestamp}_#{ascii}"))
    timestamp.succ!
  end
  "#{timestamp}_#{ascii}"
end

.extension_in?(extension, extensions) ⇒ Boolean

Returns true if extension belongs to extensions list.

Returns:

  • (Boolean)

444
445
446
447
448
449
450
451
452
# File 'app/models/attachment.rb', line 444

def self.extension_in?(extension, extensions)
  extension = extension.downcase.sub(/\A\.+/, '')

  unless extensions.is_a?(Array)
    extensions = extensions.to_s.split(",").map(&:strip)
  end
  extensions = extensions.map {|s| s.downcase.sub(/\A\.+/, '')}.reject(&:blank?)
  extensions.include?(extension)
end

.find_by_token(token) ⇒ Object

Finds an attachment that matches the given token and that has no container


289
290
291
292
293
294
295
296
297
# File 'app/models/attachment.rb', line 289

def self.find_by_token(token)
  if token.to_s =~ /^(\d+)\.([0-9a-f]+)$/
    attachment_id, attachment_digest = $1, $2
    attachment = Attachment.find_by(:id => attachment_id, :digest => attachment_digest)
    if attachment && attachment.container.nil?
      attachment
    end
  end
end

.latest_attach(attachments, filename) ⇒ Object


339
340
341
342
343
# File 'app/models/attachment.rb', line 339

def self.latest_attach(attachments, filename)
  attachments.sort_by(&:created_on).reverse.detect do |att|
    filename.casecmp(att.filename) == 0
  end
end

.move_from_root_to_target_directoryObject

Moves existing attachments that are stored at the root of the files directory (ie. created before Redmine 2.3) to their target subdirectories


401
402
403
404
405
# File 'app/models/attachment.rb', line 401

def self.move_from_root_to_target_directory
  Attachment.where("disk_directory IS NULL OR disk_directory = ''").find_each do |attachment|
    attachment.move_to_target_directory!
  end
end

.prune(age = 1.day) ⇒ Object


345
346
347
# File 'app/models/attachment.rb', line 345

def self.prune(age=1.day)
  Attachment.where("created_on < ? AND (container_type IS NULL OR container_type = '')", Time.now - age).destroy_all
end

.update_attachments(attachments, params) ⇒ Object

Updates the filename and description of a set of attachments with the given hash of attributes. Returns true if all attachments were updated.

Example:

Attachment.update_attachments(attachments, {
  4 => {:filename => 'foo'},
  7 => {:filename => 'bar', :description => 'file description'}
})

320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
# File 'app/models/attachment.rb', line 320

def self.update_attachments(attachments, params)
  params = params.transform_keys {|key| key.to_i}

  saved = true
  transaction do
    attachments.each do |attachment|
      if p = params[attachment.id]
        attachment.filename = p[:filename] if p.key?(:filename)
        attachment.description = p[:description] if p.key?(:description)
        saved &&= attachment.save
      end
    end
    unless saved
      raise ActiveRecord::Rollback
    end
  end
  saved
end

.update_digests_to_sha256Object

Updates digests to SHA256 for all attachments that have a MD5 digest (ie. created before Redmine 3.4)


409
410
411
412
413
# File 'app/models/attachment.rb', line 409

def self.update_digests_to_sha256
  Attachment.where("length(digest) < 64").find_each do |attachment|
    attachment.update_digest_to_sha256!
  end
end

.valid_extension?(extension) ⇒ Boolean

Returns true if the extension is allowed regarding allowed/denied extensions defined in application settings, otherwise false

Returns:

  • (Boolean)

430
431
432
433
434
435
436
437
438
439
440
441
# File 'app/models/attachment.rb', line 430

def self.valid_extension?(extension)
  denied, allowed = [:attachment_extensions_denied, :attachment_extensions_allowed].map do |setting|
    Setting.send(setting)
  end
  if denied.present? && extension_in?(extension, denied)
    return false
  end
  if allowed.present? && !extension_in?(extension, allowed)
    return false
  end
  true
end

Instance Method Details

#copy(attributes = nil) ⇒ Object

Returns an unsaved copy of the attachment


66
67
68
69
70
71
# File 'app/models/attachment.rb', line 66

def copy(attributes=nil)
  copy = self.class.new
  copy.attributes = self.attributes.dup.except("id", "downloads")
  copy.attributes = attributes if attributes
  copy
end

#deletable?(user = User.current) ⇒ Boolean

Returns:

  • (Boolean)

192
193
194
195
196
197
198
# File 'app/models/attachment.rb', line 192

def deletable?(user=User.current)
  if container_id
    container && container.attachments_deletable?(user)
  else
    author == user
  end
end

#delete_from_diskObject

Deletes the file from the file system if it's not referenced by other attachments


149
150
151
152
153
# File 'app/models/attachment.rb', line 149

def delete_from_disk
  if Attachment.where("disk_filename = ? AND id <> ?", disk_filename, id).empty?
    delete_from_disk!
  end
end

#digest_typeObject

returns either MD5 or SHA256 depending on the way self.digest was computed


460
461
462
# File 'app/models/attachment.rb', line 460

def digest_type
  digest.size < 64 ? "MD5" : "SHA256" if digest.present?
end

#diskfileObject

Returns file's location on disk


156
157
158
# File 'app/models/attachment.rb', line 156

def diskfile
  File.join(self.class.storage_path, disk_directory.to_s, disk_filename.to_s)
end

#editable?(user = User.current) ⇒ Boolean

Returns:

  • (Boolean)

184
185
186
187
188
189
190
# File 'app/models/attachment.rb', line 184

def editable?(user=User.current)
  if container_id
    container && container.attachments_editable?(user)
  else
    author == user
  end
end

#extension_in?(extensions) ⇒ Boolean

Returns true if attachment's extension belongs to extensions list.

Returns:

  • (Boolean)

455
456
457
# File 'app/models/attachment.rb', line 455

def extension_in?(extensions)
  self.class.extension_in?(File.extname(filename), extensions)
end

#fileObject


102
103
104
# File 'app/models/attachment.rb', line 102

def file
  nil
end

#file=(incoming_file) ⇒ Object


88
89
90
91
92
93
94
95
96
97
98
99
100
# File 'app/models/attachment.rb', line 88

def file=(incoming_file)
  unless incoming_file.nil?
    @temp_file = incoming_file
    if @temp_file.respond_to?(:original_filename)
      self.filename = @temp_file.original_filename
      self.filename.force_encoding("UTF-8")
    end
    if @temp_file.respond_to?(:content_type)
      self.content_type = @temp_file.content_type.to_s.chomp
    end
    self.filesize = @temp_file.size
  end
end

#filename=(arg) ⇒ Object


106
107
108
109
# File 'app/models/attachment.rb', line 106

def filename=(arg)
  write_attribute :filename, sanitize_filename(arg.to_s)
  filename
end

#files_to_final_locationObject

Copies the temporary file to its final location and computes its MD5 hash


113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
# File 'app/models/attachment.rb', line 113

def files_to_final_location
  if @temp_file
    self.disk_directory = target_directory
    self.disk_filename = Attachment.disk_filename(filename, disk_directory)
    logger.info("Saving attachment '#{self.diskfile}' (#{@temp_file.size} bytes)") if logger
    path = File.dirname(diskfile)
    unless File.directory?(path)
      FileUtils.mkdir_p(path)
    end
    sha = Digest::SHA256.new
    File.open(diskfile, "wb") do |f|
      if @temp_file.respond_to?(:read)
        buffer = ""
        while (buffer = @temp_file.read(8192))
          f.write(buffer)
          sha.update(buffer)
        end
      else
        f.write(@temp_file)
        sha.update(@temp_file)
      end
    end
    self.digest = sha.hexdigest
  end
  @temp_file = nil

  if content_type.blank? && filename.present?
    self.content_type = Redmine::MimeType.of(filename)
  end
  # Don't save the content type if it's longer than the authorized length
  if self.content_type && self.content_type.length > 255
    self.content_type = nil
  end
end

#image?Boolean

Returns:

  • (Boolean)

200
201
202
# File 'app/models/attachment.rb', line 200

def image?
  !!(self.filename =~ /\.(bmp|gif|jpg|jpe|jpeg|png)$/i)
end

#increment_downloadObject


168
169
170
# File 'app/models/attachment.rb', line 168

def increment_download
  increment!(:downloads)
end

#is_audio?Boolean

Returns:

  • (Boolean)

270
271
272
# File 'app/models/attachment.rb', line 270

def is_audio?
  Redmine::MimeType.is_type?('audio', filename)
end

#is_diff?Boolean

Returns:

  • (Boolean)

258
259
260
# File 'app/models/attachment.rb', line 258

def is_diff?
  /\.(patch|diff)$/i.match?(filename)
end

#is_image?Boolean

Returns:

  • (Boolean)

254
255
256
# File 'app/models/attachment.rb', line 254

def is_image?
  Redmine::MimeType.is_type?('image', filename)
end

#is_markdown?Boolean

Returns:

  • (Boolean)

246
247
248
# File 'app/models/attachment.rb', line 246

def is_markdown?
  Redmine::MimeType.of(filename) == 'text/markdown'
end

#is_pdf?Boolean

Returns:

  • (Boolean)

262
263
264
# File 'app/models/attachment.rb', line 262

def is_pdf?
  Redmine::MimeType.of(filename) == "application/pdf"
end

#is_text?Boolean

Returns:

  • (Boolean)

242
243
244
# File 'app/models/attachment.rb', line 242

def is_text?
  Redmine::MimeType.is_type?('text', filename) || Redmine::SyntaxHighlighting.filename_supported?(filename)
end

#is_textile?Boolean

Returns:

  • (Boolean)

250
251
252
# File 'app/models/attachment.rb', line 250

def is_textile?
  Redmine::MimeType.of(filename) == 'text/x-textile'
end

#is_video?Boolean

Returns:

  • (Boolean)

266
267
268
# File 'app/models/attachment.rb', line 266

def is_video?
  Redmine::MimeType.is_type?('video', filename)
end

#move_to_target_directory!Object

Moves an existing attachment to its target directory


377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
# File 'app/models/attachment.rb', line 377

def move_to_target_directory!
  return unless !new_record? & readable?

  src = diskfile
  self.disk_directory = target_directory
  dest = diskfile

  return if src == dest

  if !FileUtils.mkdir_p(File.dirname(dest))
    logger.error "Could not create directory #{File.dirname(dest)}" if logger
    return
  end

  if !FileUtils.mv(src, dest)
    logger.error "Could not move attachment from #{src} to #{dest}" if logger
    return
  end

  update_column :disk_directory, disk_directory
end

#previewable?Boolean

Returns:

  • (Boolean)

274
275
276
# File 'app/models/attachment.rb', line 274

def previewable?
  is_text? || is_image? || is_video? || is_audio?
end

#projectObject


172
173
174
# File 'app/models/attachment.rb', line 172

def project
  container.try(:project)
end

#readable?Boolean

Returns true if the file is readable

Returns:

  • (Boolean)

279
280
281
# File 'app/models/attachment.rb', line 279

def readable?
  disk_filename.present? && File.readable?(diskfile)
end

#thumbnail(options = {}) ⇒ Object

Returns the full path the attachment thumbnail, or nil if the thumbnail cannot be generated.


212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
# File 'app/models/attachment.rb', line 212

def thumbnail(options={})
  if thumbnailable? && readable?
    size = options[:size].to_i
    if size > 0
      # Limit the number of thumbnails per image
      size = (size / 50.0).ceil * 50
      # Maximum thumbnail size
      size = 800 if size > 800
    else
      size = Setting.thumbnails_size.to_i
    end
    size = 100 unless size > 0
    target = thumbnail_path(size)

    begin
      Redmine::Thumbnail.generate(self.diskfile, target, size, is_pdf?)
    rescue => e
      logger.error "An error occured while generating thumbnail for #{disk_filename} to #{target}\nException was: #{e.message}" if logger
      return nil
    end
  end
end

#thumbnailable?Boolean

Returns:

  • (Boolean)

204
205
206
207
208
# File 'app/models/attachment.rb', line 204

def thumbnailable?
  Redmine::Thumbnail.convert_available? && (
    image? || (is_pdf? && Redmine::Thumbnail.gs_available?)
  )
end

#titleObject


160
161
162
163
164
165
166
# File 'app/models/attachment.rb', line 160

def title
  title = filename.dup
  if description.present?
    title << " (#{description})"
  end
  title
end

#tokenObject

Returns the attachment token


284
285
286
# File 'app/models/attachment.rb', line 284

def token
  "#{id}.#{digest}"
end

#update_digest_to_sha256!Object

Updates attachment digest to SHA256


416
417
418
419
420
421
422
423
424
425
426
# File 'app/models/attachment.rb', line 416

def update_digest_to_sha256!
  if readable?
    sha = Digest::SHA256.new
    File.open(diskfile, 'rb') do |f|
      while buffer = f.read(8192)
        sha.update(buffer)
      end
    end
    update_column :digest, sha.hexdigest
  end
end

#validate_file_extensionObject


79
80
81
82
83
84
85
86
# File 'app/models/attachment.rb', line 79

def validate_file_extension
  if @temp_file
    extension = File.extname(filename)
    unless self.class.valid_extension?(extension)
      errors.add(:base, l(:error_attachment_extension_not_allowed, :extension => extension))
    end
  end
end

#validate_max_file_sizeObject


73
74
75
76
77
# File 'app/models/attachment.rb', line 73

def validate_max_file_size
  if @temp_file && self.filesize > Setting.attachment_max_size.to_i.kilobytes
    errors.add(:base, l(:error_attachment_too_big, :max_size => Setting.attachment_max_size.to_i.kilobytes))
  end
end

#visible?(user = User.current) ⇒ Boolean

Returns:

  • (Boolean)

176
177
178
179
180
181
182
# File 'app/models/attachment.rb', line 176

def visible?(user=User.current)
  if container_id
    container && container.attachments_visible?(user)
  else
    author == user
  end
end