Support uploads for newly created personal snippets12910-snippets-description

author: Jarka Kadlecova <jarka@gitlab.com> 2017-05-29 09:54:35 +0200
committer: Jarka Kadlecova <jarka@gitlab.com> 2017-06-07 07:52:41 +0200
commit: 2e311d9d1aac58bbd9c7d6c97c7cbcccf2715347 (patch)
tree: 04555ee940d5488ef6d44c5ad3afa0688cd6c1c5 /app
parent: 4464c22d6d23d893494682d309aec3fb31c11ae3 (diff)
download: gitlab-ce-2e311d9d1aac58bbd9c7d6c97c7cbcccf2715347.tar.gz
7 files changed, 44 insertions, 22 deletions
diff --git a/app/assets/javascripts/dropzone_input.js b/app/assets/javascripts/dropzone_input.js
index f886ce21493..8837341153b 100644
--- a/app/assets/javascripts/dropzone_input.js
+++ b/app/assets/javascripts/dropzone_input.js
@@ -199,7 +199,7 @@ window.DropzoneInput = (function() {
     };
 
     addFileToForm = function(path) {
-      $(form).append('<input type="hidden" name="files[]" value="' + path + '">');
+      $(form).append('<input type="hidden" name="files[]" value="' + _.escape(path) + '">');
     };
 
     getFilename = function(e) {
diff --git a/app/controllers/snippets_controller.rb b/app/controllers/snippets_controller.rb
index 1334f7daa44..6c25f59ccbb 100644
--- a/app/controllers/snippets_controller.rb
+++ b/app/controllers/snippets_controller.rb
@@ -45,7 +45,7 @@ class SnippetsController < ApplicationController
 
     @snippet = CreateSnippetService.new(nil, current_user, create_params).execute
 
-    move_temporary_files if params[:files]
+    move_temporary_files if @snippet.valid? && params[:files]
 
     recaptcha_check_with_fallback { render :new }
   end
diff --git a/app/controllers/uploads_controller.rb b/app/controllers/uploads_controller.rb
index 5cb3de3d4f5..dc882b17143 100644
--- a/app/controllers/uploads_controller.rb
+++ b/app/controllers/uploads_controller.rb
@@ -17,6 +17,8 @@ class UploadsController < ApplicationController
   end
 
   def authorize_access!
+    return nil unless model
+
     authorized =
       case model
       when Note
@@ -35,7 +37,7 @@ class UploadsController < ApplicationController
   end
 
   def authorize_create_access!
-    return unless model
+    return nil unless model
 
     # for now we support only personal snippets comments
     authorized = can?(current_user, :comment_personal_snippet, model)
@@ -77,7 +79,12 @@ class UploadsController < ApplicationController
   def uploader
     return @uploader if defined?(@uploader)
 
-    if model.is_a?(PersonalSnippet)
+    case model
+    when nil
+      @uploader = PersonalFileUploader.new(nil, params[:secret])
+
+      @uploader.retrieve_from_store!(params[:filename])
+    when PersonalSnippet
       @uploader = PersonalFileUploader.new(model, params[:secret])
 
       @uploader.retrieve_from_store!(params[:filename])
diff --git a/app/uploaders/file_mover.rb b/app/uploaders/file_mover.rb
index 21e37a08a82..00c2888d224 100644
--- a/app/uploaders/file_mover.rb
+++ b/app/uploaders/file_mover.rb
@@ -1,33 +1,42 @@
 class FileMover
-  attr_reader :secret, :file_name, :model
+  attr_reader :secret, :file_name, :model, :update_field
 
   def initialize(file_path, model, update_field = :description)
     @secret = File.split(File.dirname(file_path)).last
     @file_name = File.basename(file_path)
     @model = model
+    @update_field = update_field
   end
 
   def execute
     move
-    update_markdown
+    uploader.record_upload if update_markdown
   end
 
   private
 
   def move
-    FileUtils.mkdir_p(file_path)
+    FileUtils.mkdir_p(File.dirname(file_path))
     FileUtils.move(temp_file_path, file_path)
   end
 
-  def update_markdown(field = :description)
-    updated_text = model.send(field).sub(temp_file_uploader.to_markdown, uploader.to_markdown)
-    model.update_attribute(field, updated_text)
+  def update_markdown
+    updated_text = model.read_attribute(update_field).gsub(temp_file_uploader.to_markdown, uploader.to_markdown)
+    model.update_attribute(update_field, updated_text)
+
+    true
+  rescue
+    revert
+
+    false
   end
 
   def temp_file_path
+    return @temp_file_path if @temp_file_path
+
     temp_file_uploader.retrieve_from_store!(file_name)
 
-    temp_file_uploader.file.path
+    @temp_file_path = temp_file_uploader.file.path
   end
 
   def file_path
@@ -45,4 +54,10 @@ class FileMover
   def temp_file_uploader
     @temp_file_uploader ||= PersonalFileUploader.new(nil, secret)
   end
+
+  def revert
+    Rails.logger.warn("Markdown not updated, file move reverted for #{model}")
+
+    FileUtils.move(file_path, temp_file_path)
+  end
 end
diff --git a/app/uploaders/records_uploads.rb b/app/uploaders/records_uploads.rb
index 4c127f29250..feb4f04d7b7 100644
--- a/app/uploaders/records_uploads.rb
+++ b/app/uploaders/records_uploads.rb
@@ -6,8 +6,6 @@ module RecordsUploads
     before :remove, :destroy_upload
   end
 
-  private
-
   # After storing an attachment, create a corresponding Upload record
   #
   # NOTE: We're ignoring the argument passed to this callback because we want
@@ -15,13 +13,16 @@ module RecordsUploads
   # `Tempfile` object the callback gets.
   #
   # Called `after :store`
-  def record_upload(_tempfile)
+  def record_upload(_tempfile = nil)
+    return unless model
     return unless file_storage?
     return unless file.exists?
 
     Upload.record(self)
   end
 
+  private
+
   # Before removing an attachment, destroy any Upload records at the same path
   #
   # Called `before :remove`
diff --git a/app/views/shared/form_elements/_description.html.haml b/app/views/shared/form_elements/_description.html.haml
index 91224e232ca..307d4919224 100644
--- a/app/views/shared/form_elements/_description.html.haml
+++ b/app/views/shared/form_elements/_description.html.haml
@@ -2,7 +2,7 @@
 - model = local_assigns.fetch(:model)
 
 - form = local_assigns.fetch(:form)
-- supports_slash_commands = !model.persisted?
+- supports_slash_commands = model.new_record?
 
 - if supports_slash_commands
   - preview_url = preview_markdown_path(project, slash_commands_target_type: model.class.name)
diff --git a/app/views/shared/snippets/_header.html.haml b/app/views/shared/snippets/_header.html.haml
index d2b94ed4c0b..813d8d69d8d 100644
--- a/app/views/shared/snippets/_header.html.haml
+++ b/app/views/shared/snippets/_header.html.haml
@@ -22,10 +22,9 @@
 
   - if @snippet.updated_at != @snippet.created_at
     = edited_time_ago_with_tooltip(@snippet, placement: 'bottom', html_class: 'snippet-edited-ago', exclude_author: true)
-  %div
-    - if @snippet.description.present?
-      .description
-        .wiki
-          = markdown_field(@snippet, :description)
-        %textarea.hidden.js-task-list-field
-          = @snippet.description
+  - if @snippet.description.present?
+    .description
+      .wiki
+        = markdown_field(@snippet, :description)
+      %textarea.hidden.js-task-list-field
+        = @snippet.description
author	Jarka Kadlecova <jarka@gitlab.com>	2017-05-29 09:54:35 +0200
committer	Jarka Kadlecova <jarka@gitlab.com>	2017-06-07 07:52:41 +0200
commit	2e311d9d1aac58bbd9c7d6c97c7cbcccf2715347 (patch)
tree	04555ee940d5488ef6d44c5ad3afa0688cd6c1c5 /app
parent	4464c22d6d23d893494682d309aec3fb31c11ae3 (diff)
download	gitlab-ce-2e311d9d1aac58bbd9c7d6c97c7cbcccf2715347.tar.gz