From 8a44b384c00e7d6603bbc69794087dea7ae91a73 Mon Sep 17 00:00:00 2001 From: John Edmonds Date: Sun, 18 Sep 2011 17:02:20 -0400 Subject: [PATCH 1/7] Add CSRF token to forms generated by fileuploader. Diaspora added an X-CSRF-Token header to XHR made by fileupload. Since fileupload doesn't think Opera supports XHR, it builds a form and submits that instead. By adding a hidden authenticity_token to the form, Opera can submit the form without logging the user out. --- public/javascripts/fileuploader-custom.js | 1 + 1 file changed, 1 insertion(+) diff --git a/public/javascripts/fileuploader-custom.js b/public/javascripts/fileuploader-custom.js index d5844a7c7..1840b14fa 100644 --- a/public/javascripts/fileuploader-custom.js +++ b/public/javascripts/fileuploader-custom.js @@ -1017,6 +1017,7 @@ qq.extend(qq.UploadHandlerForm.prototype, { var iframe = this._createIframe(id); var form = this._createForm(iframe, params); form.appendChild(input); + $(form).append($('')); var self = this; this._attachLoadEvent(iframe, function(){ From 5f906defc8c7d6e04730c015ebdf9f1d7e4a479a Mon Sep 17 00:00:00 2001 From: John Edmonds Date: Sun, 25 Sep 2011 11:48:59 -0400 Subject: [PATCH 2/7] Directly use UploadedFile object if available. Opera doesn't support XHR file uploads and instead submits a regular form. Thus, we are provided with an UploadedFile object which can be used instead of creating our own compatible object. --- app/controllers/photos_controller.rb | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/app/controllers/photos_controller.rb b/app/controllers/photos_controller.rb index 1afafd9b9..e739c2e38 100644 --- a/app/controllers/photos_controller.rb +++ b/app/controllers/photos_controller.rb @@ -49,7 +49,11 @@ class PhotosController < ApplicationController params[:photo][:aspect_ids] = params[:photo][:aspect_ids].values end - params[:photo][:user_file] = file_handler(params) + params[:photo][:user_file] = if request.params.has_key?(:qqfile) and not request.params[:qqfile].is_a?(String) + params[:qqfile] + else + file_handler(params) + end @photo = current_user.build_post(:photo, params[:photo]) From b999617dde1bf4bc2a140c0b889fc5710479107a Mon Sep 17 00:00:00 2001 From: John Edmonds Date: Sat, 24 Sep 2011 15:59:37 -0400 Subject: [PATCH 3/7] Respond with HTML for Opera. If we don't respond with the content-type text/html, rails will return a 406 Not Acceptable. --- app/controllers/photos_controller.rb | 1 + 1 file changed, 1 insertion(+) diff --git a/app/controllers/photos_controller.rb b/app/controllers/photos_controller.rb index e739c2e38..18ed04f3a 100644 --- a/app/controllers/photos_controller.rb +++ b/app/controllers/photos_controller.rb @@ -75,6 +75,7 @@ class PhotosController < ApplicationController respond_to do |format| format.json{ render(:layout => false , :json => {"success" => true, "data" => @photo}.to_json )} + format.html{ render(:layout => false , :json => {"success" => true, "data" => @photo}.to_json )} end else respond_with @photo, :location => photos_path, :error => message From dcd7e936dfb4edafcd69a587bf36cbcb849dd438 Mon Sep 17 00:00:00 2001 From: John Edmonds Date: Sun, 25 Sep 2011 11:35:24 -0400 Subject: [PATCH 4/7] Add test for Opera photo upload. --- spec/controllers/photos_controller_spec.rb | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/spec/controllers/photos_controller_spec.rb b/spec/controllers/photos_controller_spec.rb index b87662082..210daa25c 100644 --- a/spec/controllers/photos_controller_spec.rb +++ b/spec/controllers/photos_controller_spec.rb @@ -13,6 +13,18 @@ describe PhotosController do sign_in :user, alice request.env["HTTP_REFERER"] = '' end + + describe '#create' do + before do + @params = {:photo => {:aspect_ids => "all"}, :qqfile => Rack::Test::UploadedFile.new("spec/fixtures/button.png", "image/png") } + end + + it 'accepts a photo from a regular form submission' do + lambda { + post :create, @params + }.should change(Photo, :count).by(1) + end + end describe '#create' do before do From 8d0f6699ae5551e639199b68d4e6da40adc6d11c Mon Sep 17 00:00:00 2001 From: John Edmonds Date: Thu, 29 Sep 2011 21:49:58 -0400 Subject: [PATCH 5/7] Move photo upload logic to file_handler. --- app/controllers/photos_controller.rb | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/app/controllers/photos_controller.rb b/app/controllers/photos_controller.rb index 18ed04f3a..175057c3f 100644 --- a/app/controllers/photos_controller.rb +++ b/app/controllers/photos_controller.rb @@ -49,11 +49,7 @@ class PhotosController < ApplicationController params[:photo][:aspect_ids] = params[:photo][:aspect_ids].values end - params[:photo][:user_file] = if request.params.has_key?(:qqfile) and not request.params[:qqfile].is_a?(String) - params[:qqfile] - else - file_handler(params) - end + params[:photo][:user_file] = file_handler(params) @photo = current_user.build_post(:photo, params[:photo]) @@ -213,6 +209,11 @@ class PhotosController < ApplicationController private def file_handler(params) + # For XHR file uploads, request.params[:qqfile] will be the path to the temporary file + # For regular form uploads (such as those made by Opera), request.params[:qqfile] will be an UploadedFile which can be returned unaltered. + if not request.params[:qqfile].is_a?(String) + params[:qqfile] + else ######################## dealing with local files ############# # get file name file_name = params[:qqfile] @@ -234,5 +235,6 @@ class PhotosController < ApplicationController Tempfile.send(:define_method, "content_type") {return att_content_type} Tempfile.send(:define_method, "original_filename") {return file_name} file + end end end From 19ea9e8b6da0c1d90015eb6a0252565d68e8834d Mon Sep 17 00:00:00 2001 From: John Edmonds Date: Sat, 1 Oct 2011 11:48:41 -0400 Subject: [PATCH 6/7] Add tests for Content-Type returned from #create. --- spec/controllers/photos_controller_spec.rb | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/spec/controllers/photos_controller_spec.rb b/spec/controllers/photos_controller_spec.rb index 210daa25c..9a438a269 100644 --- a/spec/controllers/photos_controller_spec.rb +++ b/spec/controllers/photos_controller_spec.rb @@ -24,6 +24,16 @@ describe PhotosController do post :create, @params }.should change(Photo, :count).by(1) end + + it 'returns application/json when possible' do + request.env['HTTP_ACCEPT'] = 'application/json' + post(:create, @params).headers['Content-Type'].should match 'application/json.*' + end + + it 'returns text/html by default' do + request.env['HTTP_ACCEPT'] = 'text/html,*/*' + post(:create, @params).headers['Content-Type'].should match 'text/html.*' + end end describe '#create' do From de88c0ab487ae659ecad41990188b2bf4eedf3d9 Mon Sep 17 00:00:00 2001 From: danielgrippi Date: Sun, 6 Nov 2011 19:35:20 -0800 Subject: [PATCH 7/7] correct newrelic_ignore --- app/controllers/publics_controller.rb | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/app/controllers/publics_controller.rb b/app/controllers/publics_controller.rb index 160373bf6..a24525534 100644 --- a/app/controllers/publics_controller.rb +++ b/app/controllers/publics_controller.rb @@ -3,7 +3,7 @@ # the COPYRIGHT file. require File.join(Rails.root, 'lib', 'stream', 'public') -require 'newrelic_rpm' if File.exists?(File.expand_path('../newrelic.yml', __FILE__)) +require 'newrelic_rpm' if File.exists?(File.expand_path("#{Rails.root}/config/newrelic.yml", __FILE__)) class PublicsController < ApplicationController require File.join(Rails.root, '/lib/diaspora/parser') @@ -11,7 +11,7 @@ class PublicsController < ApplicationController require File.join(Rails.root, '/lib/postzord/receiver/private') include Diaspora::Parser - newrelic_ignore if File.exists?(File.expand_path('../newrelic.yml', __FILE__)) + newrelic_ignore if File.exists?(File.expand_path("#{Rails.root}/config/newrelic.yml", __FILE__)) skip_before_filter :set_header_data skip_before_filter :which_action_and_user