app/controllers/traces/icons_controller.rb

   1 module Traces
   2   class IconsController < ApplicationController
   3     before_action :authorize_web
   4     before_action :check_database_readable
   5
   6     authorize_resource :trace
   7
   8     def show
   9       trace = Trace.visible.find(params[:trace_id])
  10
  11       if trace.inserted?
  12         if trace.public? || (current_user && current_user == trace.user)
  13           if trace.icon.attached?
  14             redirect_to rails_blob_path(trace.icon, :disposition => "inline")
  15           else
  16             expires_in 7.days, :private => !trace.public?, :public => trace.public?
  17             send_file(trace.icon_picture_name, :filename => "#{trace.id}_icon.gif", :type => "image/gif", :disposition => "inline")
  18           end
  19         else
  20           head :forbidden
  21         end
  22       else
  23         head :not_found
  24       end
  25     rescue ActiveRecord::RecordNotFound
  26       head :not_found
  27     end
  28   end
  29 end