REST API for reading attachments (#7671).

git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@6295 e93f8b46-1217-0410-a6f0-8f06a7374b81
This commit is contained in:
Jean-Philippe Lang 2011-07-18 20:53:10 +00:00
parent e10198f0d5
commit f89483a206
8 changed files with 144 additions and 11 deletions

View File

@ -20,9 +20,11 @@ class AttachmentsController < ApplicationController
before_filter :file_readable, :read_authorize, :except => :destroy
before_filter :delete_authorize, :only => :destroy
verify :method => :post, :only => :destroy
accept_api_auth :show, :download
def show
respond_to do |format|
format.html {
if @attachment.is_diff?
@diff = File.new(@attachment.diskfile, "rb").read
render :action => 'diff'
@ -32,6 +34,9 @@ class AttachmentsController < ApplicationController
else
download
end
}
format.api
end
end
def download
@ -46,6 +51,7 @@ class AttachmentsController < ApplicationController
end
verify :method => :post, :only => :destroy
def destroy
# Make sure association callbacks are called
@attachment.container.attachments.delete(@attachment)

View File

@ -43,4 +43,17 @@ module AttachmentsHelper
str
end
end
def render_api_attachment(attachment, api)
api.attachment do
api.id attachment.id
api.filename attachment.filename
api.filesize attachment.filesize
api.content_type attachment.content_type
api.description attachment.description
api.content_url url_for(:controller => 'attachments', :action => 'download', :id => attachment, :filename => attachment.filename, :only_path => false)
api.author(:id => attachment.author.id, :name => attachment.author.name) if attachment.author
api.created_on attachment.created_on
end
end
end

View File

@ -0,0 +1 @@
render_api_attachment(@attachment, api)

View File

@ -25,6 +25,12 @@ api.issue do
render_api_issue_children(@issue, api) if include_in_api_response?('children')
api.array :attachments do
@issue.attachments.each do |attachment|
render_api_attachment(attachment, api)
end
end if include_in_api_response?('attachments')
api.array :relations do
@relations.each do |relation|
api.relation(:id => relation.id, :issue_id => relation.issue_from_id, :issue_to_id => relation.issue_to_id, :relation_type => relation.relation_type, :delay => relation.delay)

View File

@ -220,6 +220,7 @@ ActionController::Routing::Routes.draw do |map|
end
map.connect 'attachments/:id', :controller => 'attachments', :action => 'show', :id => /\d+/
map.connect 'attachments/:id.:format', :controller => 'attachments', :action => 'show', :id => /\d+/
map.connect 'attachments/:id/:filename', :controller => 'attachments', :action => 'show', :id => /\d+/, :filename => /.*/
map.connect 'attachments/download/:id/:filename', :controller => 'attachments', :action => 'download', :id => /\d+/, :filename => /.*/

View File

@ -0,0 +1,78 @@
# Redmine - project management software
# Copyright (C) 2006-2011 Jean-Philippe Lang
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
require File.expand_path('../../../test_helper', __FILE__)
class ApiTest::AttachmentsTest < ActionController::IntegrationTest
fixtures :all
def setup
Setting.rest_api_enabled = '1'
Attachment.storage_path = "#{Rails.root}/test/fixtures/files"
end
context "/attachments/:id" do
context "GET" do
should "return the attachment" do
get '/attachments/7.xml', {}, :authorization => credentials('jsmith')
assert_response :success
assert_equal 'application/xml', @response.content_type
assert_tag :tag => 'attachment',
:child => {
:tag => 'id',
:content => '7',
:sibling => {
:tag => 'filename',
:content => 'archive.zip',
:sibling => {
:tag => 'content_url',
:content => 'http://www.example.com/attachments/download/7/archive.zip'
}
}
}
end
should "deny access without credentials" do
get '/attachments/7.xml'
assert_response 401
end
end
end
context "/attachments/download/:id/:filename" do
context "GET" do
should "return the attachment content" do
get '/attachments/download/7/archive.zip', {}, :authorization => credentials('jsmith')
assert_response :success
assert_equal 'application/octet-stream', @response.content_type
end
should "deny access without credentials" do
get '/attachments/download/7/archive.zip'
assert_response 302
end
end
end
def credentials(user, password=nil)
ActionController::HttpAuthentication::Basic.encode_credentials(user, password || user)
end
end

View File

@ -1,5 +1,5 @@
# Redmine - project management software
# Copyright (C) 2006-2010 Jean-Philippe Lang
# Copyright (C) 2006-2011 Jean-Philippe Lang
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
@ -40,7 +40,8 @@ class ApiTest::IssuesTest < ActionController::IntegrationTest
:time_entries,
:journals,
:journal_details,
:queries
:queries,
:attachments
def setup
Setting.rest_api_enabled = '1'
@ -201,6 +202,31 @@ class ApiTest::IssuesTest < ActionController::IntegrationTest
end
end
context "with attachments" do
context ".xml" do
should "display attachments" do
get '/issues/3.xml?include=attachments'
assert_tag :tag => 'issue',
:child => {
:tag => 'attachments',
:children => {:count => 5},
:child => {
:tag => 'attachment',
:child => {
:tag => 'filename',
:content => 'source.rb',
:sibling => {
:tag => 'content_url',
:content => 'http://www.example.com/attachments/download/4/source.rb'
}
}
}
}
end
end
end
context "with subtasks" do
setup do
@c1 = Issue.generate!(:status_id => 1, :subject => "child c1", :tracker_id => 1, :project_id => 1, :parent_issue_id => 1)

View File

@ -25,6 +25,8 @@ class RoutingTest < ActionController::IntegrationTest
context "attachments" do
should_route :get, "/attachments/1", :controller => 'attachments', :action => 'show', :id => '1'
should_route :get, "/attachments/1.xml", :controller => 'attachments', :action => 'show', :id => '1', :format => 'xml'
should_route :get, "/attachments/1.json", :controller => 'attachments', :action => 'show', :id => '1', :format => 'json'
should_route :get, "/attachments/1/filename.ext", :controller => 'attachments', :action => 'show', :id => '1', :filename => 'filename.ext'
should_route :get, "/attachments/download/1", :controller => 'attachments', :action => 'download', :id => '1'
should_route :get, "/attachments/download/1/filename.ext", :controller => 'attachments', :action => 'download', :id => '1', :filename => 'filename.ext'