Autolab/app/controllers/attachments_controller.rb at ca1e0a9094b77c2525ef3aacc0c56085893deb6d · autolab/Autolab · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
##
# Attachments can be either assessment or course-specific.
# This controller handles both types, setting @is_assessment to distinguish the two
#
class AttachmentsController < ApplicationController
  # inherited from ApplicationController
  # this will also set an @is_assessment variable based on the result of is_assessment?
  before_action :set_assessment, if: :assessment?
  before_action :set_attachment, except: %i[index new create]
  before_action :add_attachments_breadcrumb

  rescue_from ActionView::MissingTemplate do |_exception|
    redirect_to("/home/error_404")
  end

  action_auth_level :index, :instructor
  def index
    @attachments = @is_assessment ? @assessment.attachments : @course.attachments
  end

  action_auth_level :new, :instructor
  def new
    @attachment = Attachment.new
  end

  action_auth_level :create, :instructor
  def create
    @attachment = if @is_assessment
                    @course.attachments.new(assessment_id: @assessment.id)
                  else
                    @course.attachments.new
                  end

    update
  end

  action_auth_level :show, :student
  def show
    filename = Rails.root.join("attachments", @attachment.filename)
    unless File.exist?(filename)
      COURSE_LOGGER.log("Cannot find the file '#{@attachment.filename}' for"\
                        " attachment #{@attachment.name}")

      flash[:error] = "Error loading #{@attachment.name} from #{@attachment.filename}"
      redirect_to([@course, :attachments]) && return
    end
    if @cud.instructor? || @attachment.released?
      # Set to application/octet-stream to force download
      send_file(filename, disposition: "inline",
                          type: "application/octet-stream",
                          filename: @attachment.filename) && return
    end

    flash[:error] = "You are unauthorized to view this attachment"
    redirect_to([@course, @assessment])
  end

  action_auth_level :edit, :instructor
  def edit; end

  action_auth_level :update, :instructor
  def update
    if @attachment.update(attachment_params)
      # is successful
      flash[:success] = "Attachment updated"
      redirect_to_attachment_list && return
    else
      # not successful, go back to edit page
      error_msg = "Attachment update failed:"
      if !@attachment.valid?
        @attachment.errors.full_messages.each do |msg|
          error_msg += "<br>#{msg}"
        end
      else
        error_msg += "<br>Unknown error"
      end
      flash[:error] = error_msg
      COURSE_LOGGER.log("Failed to update attachment: #{error_msg}")

      if @is_assessment
        redirect_to([:edit, @course, @assessment, @attachment]) && return
      end

      redirect_to([:edit, @course, @attachment]) && return
    end
  end

  action_auth_level :destroy, :instructor
  def destroy
    @attachment.destroy
    flash[:success] = "Attachment deleted"
    redirect_to_attachment_list && return
  end

private

  def assessment?
    @is_assessment = params.key?(:assessment_name)
  end

  def set_attachment
    @attachment = if @is_assessment
                    @course.attachments.find_by(assessment_id: @assessment.id, id: params[:id])
                  else
                    @course.attachments.find(params[:id])
                  end

    return unless @attachment.nil?

    COURSE_LOGGER.log("Cannot find attachment with id: #{params[:id]}")
    flash[:error] = "Could not find Attachment \# #{params[:id]}"
    redirect_to_attachment_list && return
  end

  def redirect_to_attachment_list
    if @is_assessment
      (redirect_to([@course, @assessment]) && return)
    end

    redirect_to([@course, :attachments]) && return
  end

  def add_attachments_breadcrumb
    @breadcrumbs << if @is_assessment
                      (view_context.link_to "Assessment Attachments",
                                            [@course, @assessment, :attachments])
                    else
                      (view_context.link_to "Course Attachments", [@course, :attachments])
                    end
  end

  def attachment_params
    params.require(:attachment).permit(:name, :file, :released, :mime_type)
  end
end