Commit Graph

128 Commits

Author SHA1 Message Date
Guo Xiang Tan 142571bba0 Remove use of `rescue nil`.
* `rescue nil` is a really bad pattern to use in our code base.
  We should rescue errors that we expect the code to throw and
  not rescue everything because we're unsure of what errors the
  code would throw. This would reduce the amount of pain we face
  when debugging why something isn't working as expexted. I've
  been bitten countless of times by errors being swallowed as a
  result during debugging sessions.
2018-04-02 13:52:51 +08:00
Sam 41986cdb2f Refactor requires login logic, reduce duplicate code
This also corrects the positioning in the chain of the check
and removes misuse of prepend_before_action
2018-02-01 15:17:59 +11:00
Sam f2e7b74d88 FIX: don't return 200s when login is required to paths
When running `ensure_login_required` it should always happen prior to
`check_xhr` cause check xhr will trigger a 200 response
2018-02-01 12:26:45 +11:00
Régis Hanol f5e170c6b5 FIX: catch all server-side error when uploading a file
UX: always show a message to the user whenever an error happens on the server when uploading a file
2017-12-27 16:33:25 +01:00
Sam eb428ef54d FEATURE: uploads are processed a faster
Also cleans up API to always return 422 on upload error. (previously returned 200)

Uploads are processed using new hijack pattern
2017-11-27 12:43:35 +11:00
Sam 49f97d75b7 FIX: make uploads safe for block that can run later 2017-11-23 17:28:18 +11:00
Sam a92f61e926 FIX: allow login required sites access to attachements 2017-11-22 10:50:55 +11:00
Guo Xiang Tan 77d4c4d8dc Fix all the errors to get our tests green on Rails 5.1. 2017-09-25 13:48:58 +08:00
Sam d7a2584c6e FEATURE: image uploads now have short urls
Shorten all image uploads to use short urls, this is the client
side implementation.
2017-08-22 16:40:08 -04:00
Régis Hanol a9c0df0b58 FIX: always try to convert PNG to JPG when pasting an image 2017-06-23 12:13:48 +02:00
Régis Hanol 5d63a7f4a6 FIX: pull hotlinked images even when they have no extension 2017-06-13 13:27:05 +02:00
Régis Hanol 54e8fb0d89 FEATURE: new 'allow_staff_to_upload_any_file_in_pm' site setting 2017-06-12 22:41:29 +02:00
Robin Ward cdbe027c1c Refactor `FileHelper` to use keyword arguments. 2017-05-24 13:54:26 -04:00
Arpit Jalan 1fd8e426f2 FIX: better uploads error page 2017-05-18 23:29:37 +05:30
Régis Hanol 13e489b4ca replace the upload type whitelist with a sanitizer 2017-05-18 12:13:13 +02:00
Régis Hanol 9641d2413d REFACTOR: upload workflow creation into UploadCreator
- Automatically convert large-ish PNG/BMP to JPEG
- Updated fast_image to latest version
2017-05-11 00:16:57 +02:00
Guo Xiang Tan e7c972ac89 FIX: Don't use backticks that take in inputs. 2017-03-17 15:33:51 +08:00
Régis Hanol 3ce3abef8f FIX: add Content-Disposition and Content-Type headers when downloading attachments 2017-02-20 15:59:01 +01:00
Guo Xiang Tan 18007ed34b FIX: Can't use an internal name here if `SiteSetting.convert_pasted_images_to_hq_jpg` is `false`. 2017-02-01 14:51:56 +08:00
Guo Xiang Tan f6d9745c5f Bye bye byebug. 2017-02-01 14:50:14 +08:00
Guo Xiang Tan 6c8c91dca4 UX: Change default filename for images that have been pasted. 2017-02-01 14:44:41 +08:00
Sam 15b5fddd49 SECURITY: protect upload params, only allow very strict filenames 2016-12-19 10:16:18 +11:00
Robin Ward af83c8dc14 Upload Logos Step 2016-09-22 09:52:19 -04:00
Régis Hanol 6dac9075dc new 'convert_pasted_images_quality' site setting 2016-07-27 19:59:44 +02:00
Régis Hanol be099bb637 only convert pasted images to HQ jpg when it's at least 5% smaller 2016-07-27 19:55:13 +02:00
Régis Hanol 749b981759 FEATURE: new 'convert_pasted_images_to_hq_jpg' site setting 2016-07-25 23:01:28 +02:00
Régis Hanol 7fca6f502f fix and improve image downsizing algorithm 2016-06-20 12:35:07 +02:00
Régis Hanol a5d8dfb07e FIX: don't hardcode maximum file size 2016-04-06 22:51:28 +02:00
Régis Hanol 4d981cec53 FIX: don't try to optimize large PNGs (takes too much time) 2016-02-22 12:57:24 +01:00
Jeff Atwood e1f90d12f1 formally remove IE9 support 2016-01-02 23:49:52 -08:00
Régis Hanol 09bfe49254 FIX: don't automagically downsize uploaded images that are larger than 10MB
FIX: don't optimize GIFs since ImageOption was disabled for GIFs (too slow)
2015-11-26 18:16:47 +01:00
Régis Hanol 16f509afb9 FIX: enforce 'allow_uploaded_avatars' & 'sso_overrides_avatar' server-side 2015-11-12 10:26:45 +01:00
Régis Hanol d541018bb2 FIX: automagic image downsizing wasn't working for GIFs... 2015-11-09 15:09:08 +01:00
Régis Hanol a3831a7003 FIX: uploading an animated user card/profile background was converted to a still image 2015-09-20 22:01:03 +02:00
Régis Hanol 4c2df814de FIX: ensure a file is present when creating an upload 2015-08-18 11:39:51 +02:00
Régis Hanol 827ea641b0 FIX: Use File.size instead of IO.size 2015-08-17 18:57:28 +02:00
Régis Hanol ffbaf8c542 FEATURE: automatically downsize large images 2015-08-12 18:33:13 +02:00
Sam 0c267e5952 maintain exact old behavior 2015-07-24 09:44:16 +10:00
Sam 719f558746 multisite fix, allow show through (security is handled in the controller) 2015-07-24 09:41:46 +10:00
Régis Hanol b0802abae2 FIX: crop & optimize user background profile/card images 2015-07-15 17:15:43 +02:00
Konstantin Ilchenko 131cf643ce FIX: Allow api to send uploads with :url 2015-06-21 14:54:59 +03:00
Régis Hanol 1ac3941130 FEATURE: allow API to upload files synchronously 2015-06-15 16:12:15 +02:00
Régis Hanol 0483f05154 make sure we pass in the user_id when creating avatar thumbnails 2015-05-29 18:11:19 +02:00
Sam bb3fb37650 FIX: when uploading same file was pasted into multiple composers 2015-05-28 15:08:54 +10:00
Régis Hanol 992154533f remove debugging letfovers 2015-05-26 20:08:19 +02:00
Régis Hanol 85d4d3223c FIX: crop avatars on the server instead of the client
FIX: support for dots in S3 bucket names
2015-05-26 15:54:25 +02:00
Régis Hanol bb0c2813ac FEATURE: generate (avatar) thumbnails in a background task
FIX: keep the "uploading..." indicator until the server replies via the MessageBus
FIX: text was disapearing when uploading an avatar

PERF: always use a region for S3 (defaults to 'us-east-1')
FEATURE: ApplyCDN middleware when using S3
FIX: use the same pattern to store files on S3 and locally
PERF: keep a local cache of uploads when generating thumbnails
FEATURE: migrate_to_s3 rake task
2015-05-25 17:59:00 +02:00
Régis Hanol bcd98c8f0f FIX: API can provide a URL to create an upload 2015-05-20 17:38:06 +02:00
Régis Hanol 8d967d9065 FEATURE: move all uploads to a single endpoint + defer upload creation in a background thread 2015-05-20 16:45:48 +02:00
Régis Hanol 7d3b7a5657 fix the build 2015-05-20 15:32:31 +02:00
Régis Hanol b44488b618 FIX: keep to old attachment route 2015-05-20 14:55:42 +02:00
Sam e5888cf090 PERF: avoid preloading json in cases where it is not needed
(uploads / avatars / non GET requests)
2015-05-20 17:12:16 +10:00
Régis Hanol 9ded21e4c6 FIX: consistent and future-proof upload storage pattern 2015-05-19 12:31:12 +02:00
Régis Hanol 0e5c9b2590 small upload code refactor 2015-02-03 18:44:18 +01:00
Régis Hanol cd2c9edb46 FIX: 🐛 upload on IE9 wasn't working :'(
- FIX: make sure we set a default name to a pasted image only on Chrome (the only browser that supports it)
- FIX: use ".json" extension to uploads endpoints since IE9 doesn't pass the correct header
- FIX: pass the CSRF token in a query parameter since IE9 doesn't pass it in the headers
- FIX: display error messages comming from the server when there is one over the default error message
- FIX: HACK around IE9 security issue when clicking a file input via JavaScript (use a label and set `visibility:hidden` on the input)
- FIX: hide the "cancel" upload on IE9 since it's not supported
- FIX: return "text/plain" content-type when uploading a file for IE9 in order to prevent it from displaying the save dialog
- FIX: check the maximum file size on the server 💥
- update jQuery File Upload Plugin to v. 5.42.2
- update JQuery IFram Transport Plugin to v. 1.8.5
- update jQuery UI Widget to v. 1.11.1
2015-01-28 19:43:20 +01:00
Sam 4fc3834dd6 FEATURE: allow inline disposition on uploads
when linking an upload allow ?inline=1 to display upload inline
2014-11-13 08:50:55 +11:00
Sam 58eabb03e5 FEATURE: api support for arbitrary unlinked assets
admins can set retain periods for assets
2014-09-23 16:50:17 +10:00
Régis Hanol eb34ecfc0c FEATURE: new 'prevent anons from download files' site setting 2014-09-09 18:41:13 +02:00
Sam 03c8f09be8 PERF: finalize porting to new incoming links structure 2014-08-04 16:43:57 +10:00
Sam 40af9ce612 FIX: do not store incoming links on avatars or uploads 2014-07-25 15:10:06 +10:00
Sam ca4c72e648 BUGFIX: 500 error on some invalid uploads 2014-05-14 10:51:09 +10:00
Louis Rose 1574485443 Perform the where(...).first to find_by(...) refactoring.
This refactoring was automated using the command: bundle exec "ruby refactorings/where_dot_first_to_find_by/app.rb"
2014-05-06 14:41:59 +01:00
Régis Hanol 9cd8476453 REFACTOR: use an options hash instead of multiple nil-able parameters 2014-04-15 17:17:10 +02:00
Régis Hanol 542d54e6bf BUGFIX: uploads to S3 2014-04-15 13:04:14 +02:00
Régis Hanol 2505d18aa9 FEATURE: support email attachments 2014-04-14 22:55:57 +02:00
Sam 3830f41e5f BUGFIX: attachments bust under multisite 2014-03-25 10:37:31 +11:00
Régis Hanol 7e7d951152 do not pull hotlinked images when max_image_size_kb == 0 2013-11-13 17:30:48 +01:00
Régis Hanol 45b838009c proper content-disposition header when downloading attachments 2013-09-06 19:23:56 +02:00
Régis Hanol be9217d4c8 add server-side filesize check on uploads 2013-07-24 00:54:41 +02:00
Régis Hanol 5ce05ff5cb adds the `max_attachment_size_kb` setting
so that we can specify a different max upload size for attachments and images.
2013-07-16 02:01:36 +02:00
Régis Hanol 27ab5f471c support arbitrary attachments 2013-07-10 22:59:53 +02:00
Régis Hanol 6ea91b4416 remove useless upload topic direct association 2013-06-17 02:49:33 +02:00
Ian Christian Myers 41528f5d11 Implemented strong_parameters for Upload/UploadsController.
The topic_id param is now required using strong_parameters' #require method. If the parameter is missing ActionController::ParameterMissing will be raised instead of Discourse::InvalidParameters.
2013-06-05 00:55:55 -07:00
Régis Hanol e3e55d4dad fix image uploads on s3/imgur 2013-06-05 00:35:42 +02:00
Régis Hanol dca2fbcefc add meaningful error message on upload [fixes #773] 2013-04-27 20:26:17 +02:00
Régis Hanol 1692350336 added some tests for uploads 2013-04-07 17:52:46 +02:00
Régis Hanol 2b120ef886 add UploadsController specs 2013-04-03 01:17:17 +02:00
Robin Ward 21b5628528 Initial release of Discourse 2013-02-05 14:16:51 -05:00