Extract filename obfuscation into module

cefef2c5 · Alyssa Ross · Andrea Faulds · 7161f913 · cefef2c5 · cefef2c5
Commit cefef2c5 authored 8 years ago by Alyssa Ross Committed by Andrea Faulds 8 years ago
--- a/app/controllers/api/v1/media_controller.rb
+++ b/app/controllers/api/v1/media_controller.rb
@@ -4,13 +4,13 @@ class Api::V1::MediaController < ApiController
  before_action -> { doorkeeper_authorize! :write }
  before_action :require_user!

+  include ObfuscateFilename
+  obfuscate_filename :file
+
  respond_to :json

  def create
-    file = params[:file]
-    # Change so Paperclip won't expose the actual filename
-    file.original_filename = "media" + File.extname(file.original_filename)
-    @media = MediaAttachment.create!(account: current_user.account, file: file)
+    @media = MediaAttachment.create!(account: current_user.account, file: params[:file])
  rescue Paperclip::Errors::NotIdentifiedByImageMagickError
    render json: { error: 'File type of uploaded media could not be verified' }, status: 422
  rescue Paperclip::Error

--- a/app/controllers/settings/profiles_controller.rb
+++ b/app/controllers/settings/profiles_controller.rb
@@ -6,6 +6,10 @@ class Settings::ProfilesController < ApplicationController
  before_action :authenticate_user!
  before_action :set_account

+  include ObfuscateFilename
+  obfuscate_filename [:account, :avatar]
+  obfuscate_filename [:account, :header]
+
  def show
  end

@@ -20,18 +24,7 @@ class Settings::ProfilesController < ApplicationController
  private

  def account_params
-    p = params.require(:account).permit(:display_name, :note, :avatar, :header, :silenced)
-    if p[:avatar]
-        avatar = p[:avatar]
-        # Change so Paperclip won't expose the actual filename
-        avatar.original_filename = "media" + File.extname(avatar.original_filename)
-    end
-    if p[:header]
-        header = p[:header]
-        # Change so Paperclip won't expose the actual filename
-        header.original_filename = "media" + File.extname(header.original_filename)
-    end
-    p
+    params.require(:account).permit(:display_name, :note, :avatar, :header, :silenced)
  end

  def set_account

--- a/app/models/concerns/obfuscate_filename.rb
+++ b/app/models/concerns/obfuscate_filename.rb
+module ObfuscateFilename
+  extend ActiveSupport::Concern
+
+  class_methods do
+    def obfuscate_filename(*args)
+      before_action { obfuscate_filename(*args) }
+    end
+  end
+
+  def obfuscate_filename(path)
+    file = params.dig(*path)
+    return if file.nil?
+
+    file.original_filename = "media" + File.extname(file.original_filename)
+  end
+end