Class: UploadsController

Inherits:
CrmController show all
Includes:
Controllers::Destroyable, PresignedUploadActions
Defined in:
app/controllers/uploads_controller.rb

Constant Summary

Constants included from Controllers::ReferenceFindable

Controllers::ReferenceFindable::ID_EMBEDDED_PATTERNS

Constants included from Controllers::AnalyticsEvents

Controllers::AnalyticsEvents::MAX_QUEUED_EVENTS, Controllers::AnalyticsEvents::SESSION_KEY

Constants included from Controllers::ErrorRendering

Controllers::ErrorRendering::NON_CONTENT_PATH_PREFIXES

Constants included from Www::SeoHelper

Www::SeoHelper::AWARDS, Www::SeoHelper::CA_ADDRESS, Www::SeoHelper::CA_BUSINESS_HOURS, Www::SeoHelper::CA_CONTACT_POINT, Www::SeoHelper::CA_CURRENCIES, Www::SeoHelper::CA_DESCRIPTION, Www::SeoHelper::CA_FOUNDING_DATE, Www::SeoHelper::CA_GLOBAL_LOCATION_NUMBER, Www::SeoHelper::CA_LEGAL_NAME, Www::SeoHelper::CA_LOCAL_BUSINESS, Www::SeoHelper::CA_ONLINE_STORE, Www::SeoHelper::CA_RETURN_POLICY, Www::SeoHelper::CA_SALES_DEPARTMENT, Www::SeoHelper::CA_SERVICE_AREA, Www::SeoHelper::CA_URL, Www::SeoHelper::CA_VAT_ID, Www::SeoHelper::CA_WAREHOUSE_DEPARTMENT, Www::SeoHelper::CA_WAREHOUSE_HOURS, Www::SeoHelper::COMPANY_EMAIL, Www::SeoHelper::COMPANY_LOGO, Www::SeoHelper::COMPANY_NAME, Www::SeoHelper::COMPANY_SLOGAN, Www::SeoHelper::EXPERTISE, Www::SeoHelper::FAX_NUMBER, Www::SeoHelper::GS1_COMPANY_PREFIX, Www::SeoHelper::ISO6523_CODE, Www::SeoHelper::PAYMENT_METHODS, Www::SeoHelper::PHONE_NUMBER, Www::SeoHelper::PRIMARY_NAICS, Www::SeoHelper::REFUND_TYPE, Www::SeoHelper::RETURN_FEES, Www::SeoHelper::RETURN_METHOD, Www::SeoHelper::RETURN_POLICY_CATEGORY, Www::SeoHelper::SECONDARY_NAICS, Www::SeoHelper::SOCIAL_PROFILES, Www::SeoHelper::US_ADDRESS, Www::SeoHelper::US_BUSINESS_HOURS, Www::SeoHelper::US_CONTACT_POINT, Www::SeoHelper::US_CURRENCIES, Www::SeoHelper::US_DESCRIPTION, Www::SeoHelper::US_FOUNDING_DATE, Www::SeoHelper::US_GLOBAL_LOCATION_NUMBER, Www::SeoHelper::US_IMAGE, Www::SeoHelper::US_LEGAL_NAME, Www::SeoHelper::US_LOCAL_BUSINESS, Www::SeoHelper::US_ONLINE_STORE, Www::SeoHelper::US_RETURN_POLICY, Www::SeoHelper::US_SALES_DEPARTMENT, Www::SeoHelper::US_SERVICE_AREA, Www::SeoHelper::US_TAX_ID, Www::SeoHelper::US_URL, Www::SeoHelper::US_WAREHOUSE_DEPARTMENT, Www::SeoHelper::US_WAREHOUSE_HOURS

Constants included from IconHelper

IconHelper::CUSTOM_ICON_MAP, IconHelper::CUSTOM_SVG_DIR, IconHelper::DEFAULT_FAMILY

Instance Method Summary collapse

Methods included from PresignedUploadActions

#presigned_url, #upload_complete

Methods included from Controllers::Destroyable

#perform_destroy

Methods inherited from CrmController

#access_denied, #context_id, #context_object, #crm_home_path, #current_ability, #default_url_options, #download_temp, #get_tempfile_path_for_download, #initialize_crm_lazy_chunks, #record_not_found, #redirect_to_job_or_fallback, #render_edit_action, #set_context, #set_download_path, #stash_file_for_temp_download

Methods inherited from ApplicationController

#account_impersonated?, #add_to_flash, #append_token, #bypass_forgery_protection?, #chat_enabled?, #cloudflare_cleared?, #default_catalog, #default_url_options, #enable_turbo_frames, #find_publication, #fix_invalid_accept_header, #init_js_utils, #is_globals_call?, #layout_by_resource, #locale_store, #redirect_to, #require_employee_for_crm, #set_base_host, #set_real_ip, #set_report_errors_for, #should_render_layout?, #stamp_impersonation_context, #warmlyyours_canada_ip?, #warmlyyours_ip?, #y

Methods included from Controllers::ReturnPathHandling

#check_for_return_path, #redirect_to_return_path_or_default

Methods included from Controllers::AnalyticsEvents

#consume_queued_analytics_events, #track_event

Methods included from Controllers::DeviceDetection

#device_detector, #is_ie?

Methods included from Controllers::SubdomainDetection

#is_crm_request?, #is_www_request?, #json_request?

Methods included from Controllers::TrackingDetection

#bot_request?, #gdpr_country?, #gdpr_country_data, #prevent_bots, #set_tracking_cookie, #track_visitor?

Methods included from Controllers::AcceleratedFileSending

#send_file_accelerated, #send_upload_accelerated

Methods included from Controllers::ErrorRendering

#excp_string, #mail_to_for_error_reporting, #render_400, #render_404, #render_406, #render_410, #render_500, #render_invalid_authenticity_token, #render_ip_spoof_error, #safe_referer_or_fallback

Methods included from Controllers::TurnstileVerification

#load_turnstile_script_tag, #turnstile_lazy_widget, #turnstile_script_tag, #turnstile_widget, #validate_turnstile!

Methods included from Controllers::CloudflareCaching

edge_cached, #edge_cached_action?, #reset_cloudflare_cache, #set_cloudflare_cache, #skip_session

Methods included from Controllers::Webpackable

#preload_webpack_fonts, #webpack_css_include, #webpack_css_url, #webpack_js_include, #wpd_is_running?

Methods included from Controllers::Localizable

#cloudflare_country_locale, #determine_request_locale, #geocoder_locale, #guest_user_locale_check, #locale_optional_www_auth_path?, #param_locale, #set_locale, #set_request_locale, #skip_localization?, #warmlyyours_ip_locale

Methods included from Controllers::Authenticable

#access_denied, #authenticate_account, #authenticate_account!, #authenticate_account_from_login_token!, #authenticate_account_from_token!, #check_is_a_manager, #check_is_a_sales_manager, #check_is_an_admin, #check_is_an_employee, #check_party, #clear_mismatched_guest_user, #create_guest_user, #credentials?, #current_or_guest_user, #current_or_guest_user_id_read_only, #current_user, #devise_mapping, #fully_logged_in?, #generate_bot_id, #guest_user, #identifiable?, #init_current_user, #initialize_guest, #load_context_user, #logging_in, #resource, #resource_name, #restrict_access_for_non_employees, #scrubbed_request_path, #user_object, #warn_on_session_guest_id_leak

Methods included from ApplicationHelper

#better_number_to_currency, #check_force_logout, #check_or_cross, #check_or_times, #error_messages, #general_disclaimer_on_product_installation_and_local_codes, #gridjs_from_html_table, #gridjs_table, #is_wy_ip, #line_break, #parent_layout, #pass_or_fail, #render_error_messages_list, #render_video_card, #resolved_auth_form_turbo_frame, #return_path_or, #safe_css_color, #set_return_path_if_present, #set_section_if_present, #tab_frame_id, #to_underscore, #track_page?, #turbo_section_wrapper, #turbo_tabs_request?, #url_on_same_domain_as_request, #widget_index_daily_focus_index_path, #working_hours?, #yes_or_no, #yes_or_no_highlighted, #yes_or_no_with_check_or_cross, #youtube_video

Methods included from UppyUploaderHelper

#file_uploader, #image_uploader, #large_file_uploader_s3, #lead_sketch_uploader, #rma_image_uploader, #rma_image_uploader_s3, #uppy_uploader, #video_uploader

Methods included from Www::ImagesHelper

#image_asset_tag, #image_asset_url

Methods included from Www::SeoHelper

#add_page_schema, #canada?, #company_social_links, #ensure_context_json, #json_ld_script_tag, #local_business_schema, #online_store_id, #online_store_schema, #page_main_entity, #page_main_entity_json, #render_auto_collection_page_schema, #render_collection_page_schema, #render_local_business_schema, #render_online_store_schema, #render_page_schemas, #render_page_video_schemas, #render_webpage_schema, #render_webpage_schema_with_collections, #usa?

Methods included from UrlsHelper

#catalog_breadcrumb_links, #catalog_link, #catalog_link_for_product_line, #catalog_link_for_sku, #cms_link, #delocalized_path, #path_to_sales_product_sku, #path_to_sales_product_sku_for_product_line, #path_to_sales_product_sku_for_product_line_slug, #product_line_from_catalog_link, #protocol_neutral_url, #sanitize_external_url, #valid_external_url?

Methods included from IconHelper

#account_nav_icon, #fa_icon, #star_rating_html

Instance Method Details

#check_for_downloadObject 



96
97
98
99
100
101
102
103
 
# File 'app/controllers/uploads_controller.rb', line 96

def check_for_download
  @download_path = session[:download_path] if session[:download_path].present?
  if @download_path
    redirect_to @download_path
  else
    head :ok
  end
end

#createObject 



47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
 
# File 'app/controllers/uploads_controller.rb', line 47

def create
  authorize!(:create, Upload)

  # Plain file input handling only (revert Uppy integration on this page)
  @upload = (@resource&.uploads || Upload).new(params[:upload])
  @upload.save

  respond_to do |format|
    format.html do
      if @upload.errors.any?
        render :new, status: :unprocessable_entity
      else
        redirect_to_return_path_or_default(@upload.resource || @upload, flash: { notice: 'Upload successfully created' })
      end
    end
  end
end

#destroyObject 



127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
 
# File 'app/controllers/uploads_controller.rb', line 127

def destroy
  return_path = @return_path
  if return_path.nil? && (item = @upload.items.first)
    return_path = item_path(item, tab: 'attachments')
  elsif return_path.nil? && @upload.resource
    return_path = polymorphic_path(@upload.resource)
  end
  return_path ||= request.referer
  return_path ||= root_path

  authorize! :destroy, @upload
  @upload.destroy

  if @upload.destroyed?
    flash[:info] = 'Upload was deleted successfully.'
  else
    @error_msg = @upload.errors.full_messages
    flash[:error] = "Could not delete upload. #{@error_msg.join(', ')}"
  end

  respond_to do |format|
    format.turbo_stream
    format.html { redirect_to_return_path_or_default return_path }
  end
end

#downloadObject 



122
123
124
125
 
# File 'app/controllers/uploads_controller.rb', line 122

def download
  upload = Upload.find(params[:id])
  send_upload_accelerated(upload, download: true)
end

#editObject 



42
43
44
45
 
# File 'app/controllers/uploads_controller.rb', line 42

def edit
  authorize!(:update, @upload)
  @resource = @upload.resource
end

#indexObject 



9
10
11
12
13
14
15
16
17
18
19
20
21
 
# File 'app/controllers/uploads_controller.rb', line 9

def index
  @context_object = context_object
  uploads = @context_object.all_uploads if @context_object.respond_to?(:all_uploads)
  uploads ||= @context_object&.uploads
  uploads ||= Upload.all
  @q = uploads.ransack(params[:q])
  @q.sorts = 'created_at DESC' if @q.sorts.blank?
  @pagy, @uploads = pagy(@q.result)
  respond_to do |format|
    format.html { render layout: should_render_layout? }
    format.turbo_stream
  end
end

#newObject 



36
37
38
39
40
 
# File 'app/controllers/uploads_controller.rb', line 36

def new
  authorize!(:create, Upload)
  @upload = (@resource&.uploads || Upload).new(document_date: Date.current)
  @upload.item_ids = params[:item_ids].presence
end

#showObject

GET /uploads/1



24
25
26
27
28
29
30
31
32
33
34
 
# File 'app/controllers/uploads_controller.rb', line 24

def show
  authorize!(:read, @upload)
  if @upload.attachment.present?
    # Pass download: true for non-previewable types (CSV, Excel, ZIP, etc.) so
    # S3 returns Content-Disposition: attachment. PDFs and images stay inline so
    # browsers can render them natively. Without this Safari renders text/csv inline.
    redirect_to @upload.presigned_url(expires_in: 1.day, download: !@upload.browser_previewable?), allow_other_host: true
  else
    render inline: 'File is missing', status: :not_found
  end
end

#updateObject 



105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
 
# File 'app/controllers/uploads_controller.rb', line 105

def update
  authorize!(:update, @upload)
  if @upload.update(params[:upload])
    if @resource
      return_path = begin
        polymorphic_path(@resource)
      rescue StandardError
        nil
      end
    end
    return_path ||= upload_path(@upload)
    redirect_to_return_path_or_default return_path
  else
    render :edit, status: :unprocessable_entity
  end
end

#uploadObject

Endpoint for uppy.js file uploads



66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
 
# File 'app/controllers/uploads_controller.rb', line 66

def upload
  authorize!(:create, Upload)
  uploaded_file = params[:file]
  upload_ids = []

  Rails.logger.debug { "Upload params: #{params.inspect}" }
  Rails.logger.debug { "Uploaded file class: #{uploaded_file.class}" }

  if uploaded_file.is_a?(ActionDispatch::Http::UploadedFile)
    # Create Upload record for the file
    upload = Upload.new(attachment: uploaded_file)
    upload.category = params[:category] || 'photo'
    upload.resource_type = params[:resource_type] if params[:resource_type].present?
    upload.resource_id = params[:resource_id] if params[:resource_id].present?

    if upload.save
      upload_ids << upload.id
      Rails.logger.debug { "Upload created with ID: #{upload.id}" }
    else
      Rails.logger.error { "Upload failed: #{upload.errors.full_messages}" }
    end
  end

  render json: {
    message: 'File uploaded successfully.',
    files_list: upload_ids.to_json,
    upload_ids: upload_ids
  }
end