Generalize the image upload in markdown

This commit generalizes the image upload via drag and drop so it supports all files.
It also adds access control for these files.

1 files changed, 27 insertions, 2 deletions

diff --git a/app/controllers/files_controller.rb b/app/controllers/files_controller.rb
index 15523cbc2e7..a86340dd9bb 100644
--- a/app/controllers/files_controller.rb
+++ b/app/controllers/files_controller.rb
@@ -1,5 +1,5 @@
 class FilesController < ApplicationController
-  def download
+  def download_notes
     note = Note.find(params[:id])
     uploader = note.attachment
 
@@ -14,7 +14,32 @@ class FilesController < ApplicationController
         not_found!
       end
     else
-      redirect_to uploader.url
+      not_found!
     end
   end
+
+  def download_files
+    namespace_id = params[:namespace]
+    project_id = params[:project]
+    folder_id = params[:folder_id]
+    filename = params[:filename]
+    project_with_namespace="#{namespace_id}/#{project_id}"
+    filename_with_id="#{folder_id}/#{filename}"
+    
+    project = Project.find_with_namespace(project_with_namespace)
+
+    uploader = FileUploader.new("#{Rails.root}/uploads","#{project_with_namespace}/#{folder_id}")
+    uploader.retrieve_from_store!(filename)
+
+    if can?(current_user, :read_project, project)
+      download(uploader)
+    else
+      not_found!
+    end
+  end
+
+  def download(uploader)
+    disposition = uploader.image? ? 'inline' : 'attachment'
+    send_file uploader.file.path, disposition: disposition
+  end
 end