Sha256: 7119a19f231f66f79196308ce746e182023933f3375a082461d440a338a4b201
Contents?: true
Size: 1.52 KB
Versions: 5
Compression:
Stored size: 1.52 KB
Contents
require_dependency "avo/application_controller"
module Avo
class AttachmentsController < ApplicationController
before_action :set_resource_name, only: [:destroy, :create]
before_action :set_resource, only: [:destroy, :create]
before_action :set_record, only: [:destroy, :create]
def create
blob = ActiveStorage::Blob.create_and_upload! io: params[:file], filename: params[:filename]
association_name = BaseResource.valid_attachment_name(@record, params[:attachment_key])
if association_name.blank?
raise ActionController::BadRequest.new("Could not find the attachment association for #{params[:attachment_key]} (check the `attachment_key` for this Trix field)")
end
@record.send(association_name).attach blob
render json: {
url: main_app.url_for(blob),
href: main_app.url_for(blob)
}
end
def destroy
raise Avo::NotAuthorizedError.new unless authorized_to :delete
attachment = ActiveStorage::Attachment.find(params[:attachment_id])
path = resource_path(record: @record, resource: @resource)
if attachment.present?
attachment.destroy
redirect_to params[:referrer] || path, notice: t("avo.attachment_destroyed")
else
redirect_back fallback_location: path, notice: t("avo.failed_to_find_attachment")
end
end
private
def authorized_to(action)
@resource.authorization.authorize_action("#{action}_#{params[:attachment_name]}?", record: @record, raise_exception: false)
end
end
end
Version data entries
5 entries across 5 versions & 1 rubygems