2014-05-22 03:37:02 -04:00
|
|
|
require_dependency 'letter_avatar'
|
|
|
|
|
|
2014-05-26 05:46:43 -04:00
|
|
|
class UserAvatarsController < ApplicationController
|
2014-05-27 08:29:27 -04:00
|
|
|
DOT = Base64.decode64("R0lGODlhAQABALMAAAAAAIAAAACAAICAAAAAgIAAgACAgMDAwICAgP8AAAD/AP//AAAA//8A/wD//wBiZCH5BAEAAA8ALAAAAAABAAEAAAQC8EUAOw==")
|
|
|
|
|
|
2014-05-26 05:46:43 -04:00
|
|
|
skip_before_filter :check_xhr, :verify_authenticity_token, only: :show
|
|
|
|
|
|
|
|
|
|
def refresh_gravatar
|
|
|
|
|
|
|
|
|
|
user = User.find_by(username_lower: params[:username].downcase)
|
|
|
|
|
guardian.ensure_can_edit!(user)
|
|
|
|
|
|
|
|
|
|
if user
|
|
|
|
|
user.create_user_avatar(user_id: user.id) unless user.user_avatar
|
|
|
|
|
user.user_avatar.update_gravatar!
|
|
|
|
|
|
|
|
|
|
render json: {upload_id: user.user_avatar.gravatar_upload_id}
|
|
|
|
|
else
|
|
|
|
|
raise Discourse::NotFound
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
2014-05-22 03:37:02 -04:00
|
|
|
def show
|
2014-05-27 09:13:42 -04:00
|
|
|
# we need multisite support to keep a single origin pull for CDNs
|
|
|
|
|
RailsMultisite::ConnectionManagement.with_hostname(params[:hostname]) do
|
|
|
|
|
show_in_site
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
protected
|
|
|
|
|
|
|
|
|
|
def show_in_site
|
2014-05-22 03:37:02 -04:00
|
|
|
username = params[:username].to_s
|
2014-05-27 08:29:27 -04:00
|
|
|
return render_dot unless user = User.find_by(username_lower: username.downcase)
|
2014-05-22 03:37:02 -04:00
|
|
|
|
|
|
|
|
size = params[:size].to_i
|
|
|
|
|
if size > 1000 || size < 1
|
2014-05-27 08:29:27 -04:00
|
|
|
return render_dot
|
2014-05-22 03:37:02 -04:00
|
|
|
end
|
|
|
|
|
|
|
|
|
|
image = nil
|
|
|
|
|
version = params[:version].to_i
|
|
|
|
|
|
2014-05-27 08:29:27 -04:00
|
|
|
return render_dot unless version > 0 && user_avatar = user.user_avatar
|
2014-05-22 03:37:02 -04:00
|
|
|
|
2014-05-26 05:46:43 -04:00
|
|
|
upload = Upload.find(version) if user_avatar.contains_upload?(version)
|
2014-05-22 03:37:02 -04:00
|
|
|
upload ||= user.uploaded_avatar if user.uploaded_avatar_id == version
|
|
|
|
|
|
|
|
|
|
if user.uploaded_avatar && !upload
|
|
|
|
|
return redirect_to "/avatar/#{user.username_lower}/#{size}/#{user.uploaded_avatar_id}.png"
|
|
|
|
|
elsif upload
|
2014-05-26 05:46:43 -04:00
|
|
|
original = Discourse.store.path_for(upload)
|
2014-05-27 00:40:46 -04:00
|
|
|
if Discourse.store.external? || File.exists?(original)
|
|
|
|
|
optimized = get_optimized_image(upload, size)
|
|
|
|
|
|
|
|
|
|
if Discourse.store.external?
|
|
|
|
|
expires_in 1.day, public: true
|
|
|
|
|
return redirect_to optimized.url
|
|
|
|
|
end
|
|
|
|
|
|
2014-05-22 03:37:02 -04:00
|
|
|
image = Discourse.store.path_for(optimized)
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
if image
|
|
|
|
|
expires_in 1.year, public: true
|
|
|
|
|
send_file image, disposition: nil
|
|
|
|
|
else
|
2014-05-27 08:29:27 -04:00
|
|
|
render_dot
|
2014-05-22 03:37:02 -04:00
|
|
|
end
|
|
|
|
|
end
|
2014-05-27 00:40:46 -04:00
|
|
|
|
|
|
|
|
|
2014-05-27 08:29:27 -04:00
|
|
|
# this protects us from a DoS
|
|
|
|
|
def render_dot
|
|
|
|
|
expires_in 10.minutes, public: true
|
|
|
|
|
render text: DOT, content_type: "image/png"
|
|
|
|
|
end
|
|
|
|
|
|
2014-05-27 00:40:46 -04:00
|
|
|
def get_optimized_image(upload, size)
|
|
|
|
|
OptimizedImage.create_for(
|
|
|
|
|
upload,
|
|
|
|
|
size,
|
|
|
|
|
size,
|
|
|
|
|
allow_animation: SiteSetting.allow_animated_avatars
|
|
|
|
|
)
|
|
|
|
|
end
|
|
|
|
|
|
2014-05-22 03:37:02 -04:00
|
|
|
end
|
