class Projects::AvatarsController < Projects::ApplicationController
  include BlobHelper

  before_action :authorize_admin_project!, only: [:destroy]

  def show
    @blob = @repository.blob_at_branch(@repository.root_ref, @project.avatar_in_git)
    if @blob
      headers['X-Content-Type-Options'] = 'nosniff'

      return if cached_blob?

      send_git_blob @repository, @blob
    else
      render_404
    end
  end

  def destroy
    @project.remove_avatar!

    @project.save

    redirect_to edit_project_path(@project), status: 302
  end
end