mirror of https://github.com/LaCasemate/fab-manager.git synced 2025-01-20 09:52:19 +01:00

display list of allowed extensions in project's CAD attachments

Sylvain 2016-09-27 14:08:04 +02:00
parent bf9ea40648
commit 36524d4cd9
13 changed files with 73 additions and 28 deletions

View File

@ -38,6 +38,7 @@
- Admins can toggle reminders on/off and customize the delay - Admins can toggle reminders on/off and customize the delay
- More file types allowed as project CAD attachements - More file types allowed as project CAD attachements
- Project CAD attachements are now checked by MIME type in addition of extension check - Project CAD attachements are now checked by MIME type in addition of extension check
- Project CAD attachement allowed are now configured in environment variables
- Display strategy's name in SSO providers list - Display strategy's name in SSO providers list
- SSO: documentation improved with an usage example - SSO: documentation improved with an usage example
- SSO: mapped fields display their data type. Integers, booleans and dates allow some transformations. - SSO: mapped fields display their data type. Integers, booleans and dates allow some transformations.
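
Review bot: The added changelog entry "Project CAD attachement allowed are now configured in environment variables" does not say what is configured. Suggest "Allowed extensions and MIME types for project CAD attachments are now configured through environment variables", which also matches the spelling "attachments" used in the commit title.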
@ -56,7 +57,7 @@
- [TODO DEPLOY] `rake fablab:es_add_event_filters` - [TODO DEPLOY] `rake fablab:es_add_event_filters`
- [TODO DEPLOY] `rake db:migrate` - [TODO DEPLOY] `rake db:migrate`
- [TODO DEPLOY] `bundle install` - [TODO DEPLOY] `bundle install`
- [TODO DEPLOY] add `EXCEL_DATE_FORMAT` environment variable in `application.yml` - [TODO DEPLOY] add `EXCEL_DATE_FORMAT`, `ALLOWED_EXTENSIONS` and `ALLOWED_MIME_TYPES` environment variable in `application.yml`
- [OPTIONAL] `rake fablab:fix:assign_category_to_uncategorized_events` (will put every non-categorized events into a new category called "No Category", to ease re-categorization) - [OPTIONAL] `rake fablab:fix:assign_category_to_uncategorized_events` (will put every non-categorized events into a new category called "No Category", to ease re-categorization)
## v2.3.1 2016 September 26 ## v2.3.1 2016 September 26

View File

@ -239,6 +239,29 @@ Retrieve them from https://apps.twitter.com
This is optional. You can follow [this guide to get your personal App ID](https://developers.facebook.com/docs/apps/register). This is optional. You can follow [this guide to get your personal App ID](https://developers.facebook.com/docs/apps/register).
If you do so, you'll be able to customize and get statistics about project shares on Facebook. If you do so, you'll be able to customize and get statistics about project shares on Facebook.
LOG_LEVEL
This parameter configures the logs verbosity.
Available log levels can be found [here](http://guides.rubyonrails.org/debugging_rails_applications.html#log-levels).
ALLOWED_EXTENSIONS
Exhaustive list of file's extensions available for public upload as project's CAO attachements.
Each item in the list must be separated from the others by a space char.
You will probably want to check that this list match the `ALLOWED_MIME_TYPES` values below.
Please consider that allowing file archives (eg. ZIP) or binary executable (eg. EXE) may result in a **dangerous** security issue and must be avoided in any cases.
ALLOWED_MIME_TYPES
Exhaustive list of file's mime-types available for public upload as project's CAO attachements.
Each item in the list must be separated from the others by a space char.
You will probably want to check that this list match the `ALLOWED_EXTENSIONS` values above.
Please consider that allowing file archives (eg. application/zip) or binary executable (eg. application/exe) may result in a **dangerous** security issue and must be avoided in any cases.
Settings related to Open Projects
See the [Open Projects](#open-projects) section for a detailed description of these parameters.
Settings related to i18n Settings related to i18n
See the [Settings](#i18n-settings) section of the [Internationalization (i18n)](#i18n) paragraph for a detailed description of these parameters. See the [Settings](#i18n-settings) section of the [Internationalization (i18n)](#i18n) paragraph for a detailed description of these parameters.
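
Review bot: In the `ALLOWED_EXTENSIONS` and `ALLOWED_MIME_TYPES` paragraphs, "You will probably want to check that this list match ..." understates how the two settings interact. The uploader checks the extension and the model checks the MIME type separately, so a file is accepted when its extension appears in one list and its type appears anywhere in the other, with nothing tying a given extension to a given type. Say that explicitly, state that both variables are required (the code in this commit calls `.split` on them directly), describe the expected format of an entry (for instance whether a leading dot or uppercase is accepted), and use "CAD" rather than "CAO" to match the UI label.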

View File

@ -12,6 +12,7 @@
# - $scope.components = [{Component}] # - $scope.components = [{Component}]
# - $scope.themes = [{Theme}] # - $scope.themes = [{Theme}]
# - $scope.licences = [{Licence}] # - $scope.licences = [{Licence}]
# - $scope.allowedExtensions = [{String}]
# - $scope.submited(content) # - $scope.submited(content)
# - $scope.cancel() # - $scope.cancel()
# - $scope.addFile() # - $scope.addFile()
@ -26,7 +27,7 @@
# - $state (Ui-Router) [ 'app.public.projects_show', 'app.public.projects_list' ] # - $state (Ui-Router) [ 'app.public.projects_show', 'app.public.projects_list' ]
## ##
class ProjectsController class ProjectsController
constructor: ($scope, $state, Project, Machine, Member, Component, Theme, Licence, $document, Diacritics, dialogs, _t)-> constructor: ($scope, $state, Project, Machine, Member, Component, Theme, Licence, $document, Diacritics, dialogs, allowedExtensions, _t)->
## Retrieve the list of machines from the server ## Retrieve the list of machines from the server
Machine.query().$promise.then (data)-> Machine.query().$promise.then (data)->
@ -52,8 +53,12 @@ class ProjectsController
id: d.id id: d.id
name: d.name name: d.name
## Total number of documentation steps for the current project
$scope.totalSteps = $scope.project.project_steps_attributes.length $scope.totalSteps = $scope.project.project_steps_attributes.length
## List of extensions allowed for CAD attachements upload
$scope.allowedExtensions = allowedExtensions
## ##
@ -315,8 +320,8 @@ Application.Controllers.controller "ProjectsController", ["$scope", "$state", 'P
## ##
# Controller used in the project creation page # Controller used in the project creation page
## ##
Application.Controllers.controller "NewProjectController", ["$scope", "$state", 'Project', 'Machine', 'Member', 'Component', 'Theme', 'Licence', '$document', 'CSRF', 'Diacritics', 'dialogs', '_t' Application.Controllers.controller "NewProjectController", ["$scope", "$state", 'Project', 'Machine', 'Member', 'Component', 'Theme', 'Licence', '$document', 'CSRF', 'Diacritics', 'dialogs', 'allowedExtensions', '_t'
, ($scope, $state, Project, Machine, Member, Component, Theme, Licence, $document, CSRF, Diacritics, dialogs, _t) -> , ($scope, $state, Project, Machine, Member, Component, Theme, Licence, $document, CSRF, Diacritics, dialogs, allowedExtensions, _t) ->
CSRF.setMetaTags() CSRF.setMetaTags()
## API URL where the form will be posted ## API URL where the form will be posted
@ -333,7 +338,7 @@ Application.Controllers.controller "NewProjectController", ["$scope", "$state",
$scope.matchingMembers = [] $scope.matchingMembers = []
## Using the ProjectsController ## Using the ProjectsController
new ProjectsController($scope, $state, Project, Machine, Member, Component, Theme, Licence, $document, Diacritics, dialogs, _t) new ProjectsController($scope, $state, Project, Machine, Member, Component, Theme, Licence, $document, Diacritics, dialogs, allowedExtensions, _t)
] ]
@ -341,8 +346,8 @@ Application.Controllers.controller "NewProjectController", ["$scope", "$state",
## ##
# Controller used in the project edition page # Controller used in the project edition page
## ##
Application.Controllers.controller "EditProjectController", ["$scope", "$state", '$stateParams', 'Project', 'Machine', 'Member', 'Component', 'Theme', 'Licence', '$document', 'CSRF', 'projectPromise', 'Diacritics', 'dialogs', '_t' Application.Controllers.controller "EditProjectController", ["$scope", "$state", '$stateParams', 'Project', 'Machine', 'Member', 'Component', 'Theme', 'Licence', '$document', 'CSRF', 'projectPromise', 'Diacritics', 'dialogs', 'allowedExtensions', '_t'
, ($scope, $state, $stateParams, Project, Machine, Member, Component, Theme, Licence, $document, CSRF, projectPromise, Diacritics, dialogs, _t) -> , ($scope, $state, $stateParams, Project, Machine, Member, Component, Theme, Licence, $document, CSRF, projectPromise, Diacritics, dialogs, allowedExtensions, _t) ->
CSRF.setMetaTags() CSRF.setMetaTags()
## API URL where the form will be posted ## API URL where the form will be posted
@ -359,7 +364,7 @@ Application.Controllers.controller "EditProjectController", ["$scope", "$state",
name: u.full_name name: u.full_name
## Using the ProjectsController ## Using the ProjectsController
new ProjectsController($scope, $state, Project, Machine, Member, Component, Theme, Licence, $document, Diacritics, dialogs, _t) new ProjectsController($scope, $state, Project, Machine, Member, Component, Theme, Licence, $document, Diacritics, dialogs, allowedExtensions, _t)
] ]

View File

@ -270,6 +270,9 @@ angular.module('application.router', ['ui.router']).
templateUrl: '<%= asset_path "projects/new.html" %>' templateUrl: '<%= asset_path "projects/new.html" %>'
controller: 'NewProjectController' controller: 'NewProjectController'
resolve: resolve:
allowedExtensions: ['Project', (Project)->
Project.allowedExtensions().$promise
]
translations: [ 'Translations', (Translations) -> translations: [ 'Translations', (Translations) ->
Translations.query(['app.logged.projects_new', 'app.shared.project']).$promise Translations.query(['app.logged.projects_new', 'app.shared.project']).$promise
] ]
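
Review bot: Adding `allowedExtensions` to `resolve` makes the new-project state wait on `Project.allowedExtensions().$promise`, and a rejected promise aborts the state transition, so a failing `/api/projects/allowed_extensions` call blocks the whole form for a value that only feeds a tooltip. The same applies to the edit state in the next hunk. Consider loading the list inside the controller and leaving the tooltip empty on error.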
@ -296,6 +299,9 @@ angular.module('application.router', ['ui.router']).
projectPromise: ['$stateParams', 'Project', ($stateParams, Project)-> projectPromise: ['$stateParams', 'Project', ($stateParams, Project)->
Project.get(id: $stateParams.id).$promise Project.get(id: $stateParams.id).$promise
] ]
allowedExtensions: ['Project', (Project)->
Project.allowedExtensions().$promise
]
translations: [ 'Translations', (Translations) -> translations: [ 'Translations', (Translations) ->
Translations.query(['app.logged.projects_edit', 'app.shared.project']).$promise Translations.query(['app.logged.projects_edit', 'app.shared.project']).$promise
] ]

View File

@ -11,4 +11,8 @@ Application.Services.factory 'Project', ["$resource", ($resource)->
method: 'GET' method: 'GET'
url: '/api/projects/search' url: '/api/projects/search'
isArray: false isArray: false
allowedExtensions:
method: 'GET'
url: '/api/projects/allowed_extensions'
isArray: true
] ]

View File

@ -42,18 +42,22 @@
<label class="col-sm-2 control-label" translate>{{ 'CAD_file' }}</label> <label class="col-sm-2 control-label" translate>{{ 'CAD_file' }}</label>
<div class="col-sm-10"> <div class="col-sm-10">
<div ng-repeat="file in project.project_caos_attributes" ng-show="!file._destroy"> <div ng-repeat="file in project.project_caos_attributes" ng-show="!file._destroy">
<input type="hidden" name="project[project_caos_attributes][][id]" ng-value="file.id" /> <div class="col-md-11 m-l-n">
<input type="hidden" name="project[project_caos_attributes][][_destroy]" ng-value="file._destroy" /> <input type="hidden" name="project[project_caos_attributes][][id]" ng-value="file.id" />
<input type="hidden" name="project[project_caos_attributes][][_destroy]" ng-value="file._destroy" />
<div class="fileinput input-group" data-provides="fileinput" ng-class="fileinputClass(file.attachment)"> <div class="fileinput input-group" data-provides="fileinput" ng-class="fileinputClass(file.attachment)">
<div class="form-control" data-trigger="fileinput"> <div class="form-control" data-trigger="fileinput">
<i class="glyphicon glyphicon-file fileinput-exists"></i> <span class="fileinput-filename">{{file.attachment}}</span> <i class="glyphicon glyphicon-file fileinput-exists"></i> <span class="fileinput-filename">{{file.attachment}}</span>
</div>
<span class="input-group-addon btn btn-default btn-file"><span class="fileinput-new" translate>{{ 'browse' }}</span>
<span class="fileinput-exists" translate>{{ 'change' }}</span><input type="file" name="project[project_caos_attributes][][attachment]"></span>
<a class="input-group-addon btn btn-danger fileinput-exists" data-dismiss="fileinput" ng-click="deleteFile(file)"><i class="fa fa-trash-o"></i></a>
</div> </div>
<span class="input-group-addon btn btn-default btn-file"><span class="fileinput-new" translate>{{ 'browse' }}</span>
<span class="fileinput-exists" translate>{{ 'change' }}</span><input type="file" name="project[project_caos_attributes][][attachment]"></span>
<a class="input-group-addon btn btn-danger fileinput-exists" data-dismiss="fileinput" ng-click="deleteFile(file)"><i class="fa fa-trash-o"></i></a>
</div> </div>
<div class="col-md-1 m-t-xs">
<i class="fa fa-info-circle" aria-hidden="true" uib-tooltip="{{ 'allowed_extensions' | translate }} : {{allowedExtensions.join(', ')}}" tooltip-placement="bottom" tooltip-class="media-lg"></i>
</div>
</div> </div>
<a class="btn btn-default" ng-click="addFile()" role="button">{{ 'add_a_new_file' | translate }} <i class="fa fa-file-o fa-fw"></i></a> <a class="btn btn-default" ng-click="addFile()" role="button">{{ 'add_a_new_file' | translate }} <i class="fa fa-file-o fa-fw"></i></a>
</div> </div>
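
Review bot: The tooltip text `{{ 'allowed_extensions' | translate }} : {{allowedExtensions.join(', ')}}` adds its own " : " although both locale strings added in this commit already end with a colon ("Allowed extensions:" and "Extensions autorisées :"), so the rendered tooltip shows two colons. Remove the literal colon from the template or from the translations. The same list could also drive an `accept` attribute on the file input as a convenience for users, with the server-side extension and MIME checks remaining the actual control.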

View File

@ -57,6 +57,10 @@ class API::ProjectsController < API::ApiController
render :index render :index
end end
def allowed_extensions
render json: ENV['ALLOWED_EXTENSIONS'].split(' '), status: :ok
end
private private
def set_project def set_project
@project = Project.find(params[:id]) @project = Project.find(params[:id])
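
Review bot: `ENV['ALLOWED_EXTENSIONS'].split(' ')` in `allowed_extensions` raises NoMethodError when the variable is missing from `application.yml`, because `ENV[]` returns nil, so an instance upgraded without the new setting answers this endpoint with a 500. Use `ENV.fetch('ALLOWED_EXTENSIONS')` so the failure names the missing variable, or verify it once at boot. `status: :ok` is the default for `render json:` and can be dropped.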

View File

@ -2,13 +2,5 @@ class ProjectCao < Asset
mount_uploader :attachment, ProjectCaoUploader mount_uploader :attachment, ProjectCaoUploader
validates :attachment, file_size: { maximum: 20.megabytes.to_i } validates :attachment, file_size: { maximum: 20.megabytes.to_i }
validates :attachment, :file_mime_type => { validates :attachment, :file_mime_type => { :content_type => ENV['ALLOWED_MIME_TYPES'].split(' ') }
:content_type => %w(application/pdf application/postscript application/illustrator
image/x-eps image/svg+xml application/sla application/dxf application/acad application/dwg
application/octet-stream application/step application/iges model/iges x-world/x-3dmf
application/ application/vnd.openxmlformats-officedocument.wordprocessingml.document
image/png text/x-arduino text/plain application/scad application/vnd.sketchup.skp
application/x-koan application/vnd-koan koan/x-skm application/vnd.koan application/x-tex
application/x-latex)
}
end end
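
Review bot: `ENV['ALLOWED_MIME_TYPES'].split(' ')` sits in the class body of `ProjectCao`, so it is evaluated when the class is loaded rather than per upload: an unset variable makes the model itself fail to load, and a changed value is only picked up after a restart. The allow-list also moves from reviewed code to operator input with no validation, so nothing rejects an entry the README in this commit warns against. Parsing both variables in an initializer into frozen constants, and refusing to boot on an empty list, would cover both points.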

View File

@ -39,7 +39,7 @@ class ProjectCaoUploader < CarrierWave::Uploader::Base
# Add a white list of extensions which are allowed to be uploaded. # Add a white list of extensions which are allowed to be uploaded.
# For images you might use something like this: # For images you might use something like this:
def extension_white_list def extension_white_list
%w(pdf ai eps cad math svg stl dxf dwg obj step iges igs 3dm 3dmf doc docx png ino scad fcad skp sldprt sldasm slddrw slddrt tex latex ps) ENV['ALLOWED_EXTENSIONS'].split(' ')
end end
# Override the filename of the uploaded files: # Override the filename of the uploaded files:
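
Review bot: `extension_white_list` now repeats the `ENV['ALLOWED_EXTENSIONS'].split(' ')` expression used by `API::ProjectsController#allowed_extensions`, so the list shown to users and the list enforced on upload stay identical only as long as both copies are edited together. Parse the variable once into a shared constant (downcased, empty entries removed) and return it from both places.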

View File

@ -56,3 +56,6 @@ OPENLAB_APP_ID:
OPENLAB_BASE_URI: 'https://openprojects.fab-manager.com' OPENLAB_BASE_URI: 'https://openprojects.fab-manager.com'
LOG_LEVEL: 'debug' LOG_LEVEL: 'debug'
ALLOWED_EXTENSIONS: pdf ai eps cad math svg stl dxf dwg obj step iges igs 3dm 3dmf doc docx png ino scad fcad skp sldprt sldasm slddrw slddrt tex latex ps
ALLOWED_MIME_TYPES: application/pdf application/postscript application/illustrator image/x-eps image/svg+xml application/sla application/dxf application/acad application/dwg application/octet-stream application/step application/iges model/iges x-world/x-3dmf application/ application/vnd.openxmlformats-officedocument.wordprocessingml.document image/png text/x-arduino text/plain application/scad application/vnd.sketchup.skp application/x-koan application/vnd-koan koan/x-skm application/vnd.koan application/x-tex application/x-latex
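
Review bot: The default `ALLOWED_MIME_TYPES` value carries over `application/octet-stream` and a bare `application/` entry from the old hard-coded list. `application/octet-stream` is the generic type for unidentified binary data, so while it is listed the MIME check passes for binary content the detector cannot classify and the extension list becomes the only effective filter for it, which sits poorly with the README warning added in this commit. `application/` has no subtype and looks like a truncated value. Drop or justify the first, fix or remove the second, and quote both values to match the neighbouring keys.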

View File

@ -128,6 +128,7 @@ en:
illustration: "Illustration" illustration: "Illustration"
add_an_illustration: "Add an illustration" add_an_illustration: "Add an illustration"
CAD_file: "CAD file" CAD_file: "CAD file"
allowed_extensions: "Allowed extensions:"
add_a_new_file: "Add a new file" add_a_new_file: "Add a new file"
steps: "Steps" steps: "Steps"
step_title: "Step title" step_title: "Step title"

View File

@ -128,6 +128,7 @@ fr:
illustration: "Illustration" illustration: "Illustration"
add_an_illustration: "Ajouter un visuel" add_an_illustration: "Ajouter un visuel"
CAD_file: "Fichier CAO" CAD_file: "Fichier CAO"
allowed_extensions: "Extensions autorisées :"
add_a_new_file: "Ajouter un nouveau fichier" add_a_new_file: "Ajouter un nouveau fichier"
steps: "Étapes" steps: "Étapes"
step_title: "Titre de l'étape" step_title: "Titre de l'étape"

View File

@ -26,10 +26,11 @@ Rails.application.routes.draw do
root 'application#index' root 'application#index'
namespace :api, as: nil, defaults: { format: :json } do namespace :api, as: nil, defaults: { format: :json } do
resources :projects, only: [:index, :last_published, :show, :create, :update, :destroy] do resources :projects, only: [:index, :show, :create, :update, :destroy] do
collection do collection do
get :last_published get :last_published
get :search get :search
get :allowed_extensions
end end
end end
resources :openlab_projects, only: :index resources :openlab_projects, only: :index
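
Review bot: The `only:` list loses `:last_published` in the same hunk that adds `get :allowed_extensions`. The cleanup looks correct, since `last_published` is declared as a collection route just below, but it is unrelated to the commit title and deserves a line in the commit message or its own commit.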