mirror of
https://github.com/LaCasemate/fab-manager.git
synced 2025-01-20 09:52:19 +01:00
display list of allowed extensions in project's CAD attachments
This commit is contained in:
parent
bf9ea40648
commit
36524d4cd9
@ -38,6 +38,7 @@
|
||||
- Admins can toggle reminders on/off and customize the delay
|
||||
- More file types allowed as project CAD attachements
|
||||
- Project CAD attachements are now checked by MIME type in addition of extension check
|
||||
- Project CAD attachement allowed are now configured in environment variables
|
||||
- Display strategy's name in SSO providers list
|
||||
- SSO: documentation improved with an usage example
|
||||
- SSO: mapped fields display their data type. Integers, booleans and dates allow some transformations.
|
||||
@ -56,7 +57,7 @@
|
||||
- [TODO DEPLOY] `rake fablab:es_add_event_filters`
|
||||
- [TODO DEPLOY] `rake db:migrate`
|
||||
- [TODO DEPLOY] `bundle install`
|
||||
- [TODO DEPLOY] add `EXCEL_DATE_FORMAT` environment variable in `application.yml`
|
||||
- [TODO DEPLOY] add `EXCEL_DATE_FORMAT`, `ALLOWED_EXTENSIONS` and `ALLOWED_MIME_TYPES` environment variable in `application.yml`
|
||||
- [OPTIONAL] `rake fablab:fix:assign_category_to_uncategorized_events` (will put every non-categorized events into a new category called "No Category", to ease re-categorization)
|
||||
|
||||
## v2.3.1 2016 September 26
|
||||
|
23
README.md
23
README.md
@ -239,6 +239,29 @@ Retrieve them from https://apps.twitter.com
|
||||
This is optional. You can follow [this guide to get your personal App ID](https://developers.facebook.com/docs/apps/register).
|
||||
If you do so, you'll be able to customize and get statistics about project shares on Facebook.
|
||||
|
||||
LOG_LEVEL
|
||||
|
||||
This parameter configures the logs verbosity.
|
||||
Available log levels can be found [here](http://guides.rubyonrails.org/debugging_rails_applications.html#log-levels).
|
||||
|
||||
ALLOWED_EXTENSIONS
|
||||
|
||||
Exhaustive list of file's extensions available for public upload as project's CAO attachements.
|
||||
Each item in the list must be separated from the others by a space char.
|
||||
You will probably want to check that this list match the `ALLOWED_MIME_TYPES` values below.
|
||||
Please consider that allowing file archives (eg. ZIP) or binary executable (eg. EXE) may result in a **dangerous** security issue and must be avoided in any cases.
|
||||
|
||||
ALLOWED_MIME_TYPES
|
||||
|
||||
Exhaustive list of file's mime-types available for public upload as project's CAO attachements.
|
||||
Each item in the list must be separated from the others by a space char.
|
||||
You will probably want to check that this list match the `ALLOWED_EXTENSIONS` values above.
|
||||
Please consider that allowing file archives (eg. application/zip) or binary executable (eg. application/exe) may result in a **dangerous** security issue and must be avoided in any cases.
|
||||
|
||||
Settings related to Open Projects
|
||||
|
||||
See the [Open Projects](#open-projects) section for a detailed description of these parameters.
|
||||
|
||||
Settings related to i18n
|
||||
|
||||
See the [Settings](#i18n-settings) section of the [Internationalization (i18n)](#i18n) paragraph for a detailed description of these parameters.
|
||||
|
@ -12,6 +12,7 @@
|
||||
# - $scope.components = [{Component}]
|
||||
# - $scope.themes = [{Theme}]
|
||||
# - $scope.licences = [{Licence}]
|
||||
# - $scope.allowedExtensions = [{String}]
|
||||
# - $scope.submited(content)
|
||||
# - $scope.cancel()
|
||||
# - $scope.addFile()
|
||||
@ -26,7 +27,7 @@
|
||||
# - $state (Ui-Router) [ 'app.public.projects_show', 'app.public.projects_list' ]
|
||||
##
|
||||
class ProjectsController
|
||||
constructor: ($scope, $state, Project, Machine, Member, Component, Theme, Licence, $document, Diacritics, dialogs, _t)->
|
||||
constructor: ($scope, $state, Project, Machine, Member, Component, Theme, Licence, $document, Diacritics, dialogs, allowedExtensions, _t)->
|
||||
|
||||
## Retrieve the list of machines from the server
|
||||
Machine.query().$promise.then (data)->
|
||||
@ -52,8 +53,12 @@ class ProjectsController
|
||||
id: d.id
|
||||
name: d.name
|
||||
|
||||
## Total number of documentation steps for the current project
|
||||
$scope.totalSteps = $scope.project.project_steps_attributes.length
|
||||
|
||||
## List of extensions allowed for CAD attachements upload
|
||||
$scope.allowedExtensions = allowedExtensions
|
||||
|
||||
|
||||
|
||||
##
|
||||
@ -315,8 +320,8 @@ Application.Controllers.controller "ProjectsController", ["$scope", "$state", 'P
|
||||
##
|
||||
# Controller used in the project creation page
|
||||
##
|
||||
Application.Controllers.controller "NewProjectController", ["$scope", "$state", 'Project', 'Machine', 'Member', 'Component', 'Theme', 'Licence', '$document', 'CSRF', 'Diacritics', 'dialogs', '_t'
|
||||
, ($scope, $state, Project, Machine, Member, Component, Theme, Licence, $document, CSRF, Diacritics, dialogs, _t) ->
|
||||
Application.Controllers.controller "NewProjectController", ["$scope", "$state", 'Project', 'Machine', 'Member', 'Component', 'Theme', 'Licence', '$document', 'CSRF', 'Diacritics', 'dialogs', 'allowedExtensions', '_t'
|
||||
, ($scope, $state, Project, Machine, Member, Component, Theme, Licence, $document, CSRF, Diacritics, dialogs, allowedExtensions, _t) ->
|
||||
CSRF.setMetaTags()
|
||||
|
||||
## API URL where the form will be posted
|
||||
@ -333,7 +338,7 @@ Application.Controllers.controller "NewProjectController", ["$scope", "$state",
|
||||
$scope.matchingMembers = []
|
||||
|
||||
## Using the ProjectsController
|
||||
new ProjectsController($scope, $state, Project, Machine, Member, Component, Theme, Licence, $document, Diacritics, dialogs, _t)
|
||||
new ProjectsController($scope, $state, Project, Machine, Member, Component, Theme, Licence, $document, Diacritics, dialogs, allowedExtensions, _t)
|
||||
]
|
||||
|
||||
|
||||
@ -341,8 +346,8 @@ Application.Controllers.controller "NewProjectController", ["$scope", "$state",
|
||||
##
|
||||
# Controller used in the project edition page
|
||||
##
|
||||
Application.Controllers.controller "EditProjectController", ["$scope", "$state", '$stateParams', 'Project', 'Machine', 'Member', 'Component', 'Theme', 'Licence', '$document', 'CSRF', 'projectPromise', 'Diacritics', 'dialogs', '_t'
|
||||
, ($scope, $state, $stateParams, Project, Machine, Member, Component, Theme, Licence, $document, CSRF, projectPromise, Diacritics, dialogs, _t) ->
|
||||
Application.Controllers.controller "EditProjectController", ["$scope", "$state", '$stateParams', 'Project', 'Machine', 'Member', 'Component', 'Theme', 'Licence', '$document', 'CSRF', 'projectPromise', 'Diacritics', 'dialogs', 'allowedExtensions', '_t'
|
||||
, ($scope, $state, $stateParams, Project, Machine, Member, Component, Theme, Licence, $document, CSRF, projectPromise, Diacritics, dialogs, allowedExtensions, _t) ->
|
||||
CSRF.setMetaTags()
|
||||
|
||||
## API URL where the form will be posted
|
||||
@ -359,7 +364,7 @@ Application.Controllers.controller "EditProjectController", ["$scope", "$state",
|
||||
name: u.full_name
|
||||
|
||||
## Using the ProjectsController
|
||||
new ProjectsController($scope, $state, Project, Machine, Member, Component, Theme, Licence, $document, Diacritics, dialogs, _t)
|
||||
new ProjectsController($scope, $state, Project, Machine, Member, Component, Theme, Licence, $document, Diacritics, dialogs, allowedExtensions, _t)
|
||||
]
|
||||
|
||||
|
||||
|
@ -270,6 +270,9 @@ angular.module('application.router', ['ui.router']).
|
||||
templateUrl: '<%= asset_path "projects/new.html" %>'
|
||||
controller: 'NewProjectController'
|
||||
resolve:
|
||||
allowedExtensions: ['Project', (Project)->
|
||||
Project.allowedExtensions().$promise
|
||||
]
|
||||
translations: [ 'Translations', (Translations) ->
|
||||
Translations.query(['app.logged.projects_new', 'app.shared.project']).$promise
|
||||
]
|
||||
@ -296,6 +299,9 @@ angular.module('application.router', ['ui.router']).
|
||||
projectPromise: ['$stateParams', 'Project', ($stateParams, Project)->
|
||||
Project.get(id: $stateParams.id).$promise
|
||||
]
|
||||
allowedExtensions: ['Project', (Project)->
|
||||
Project.allowedExtensions().$promise
|
||||
]
|
||||
translations: [ 'Translations', (Translations) ->
|
||||
Translations.query(['app.logged.projects_edit', 'app.shared.project']).$promise
|
||||
]
|
||||
|
@ -11,4 +11,8 @@ Application.Services.factory 'Project', ["$resource", ($resource)->
|
||||
method: 'GET'
|
||||
url: '/api/projects/search'
|
||||
isArray: false
|
||||
allowedExtensions:
|
||||
method: 'GET'
|
||||
url: '/api/projects/allowed_extensions'
|
||||
isArray: true
|
||||
]
|
||||
|
@ -42,18 +42,22 @@
|
||||
<label class="col-sm-2 control-label" translate>{{ 'CAD_file' }}</label>
|
||||
<div class="col-sm-10">
|
||||
<div ng-repeat="file in project.project_caos_attributes" ng-show="!file._destroy">
|
||||
<input type="hidden" name="project[project_caos_attributes][][id]" ng-value="file.id" />
|
||||
<input type="hidden" name="project[project_caos_attributes][][_destroy]" ng-value="file._destroy" />
|
||||
<div class="col-md-11 m-l-n">
|
||||
<input type="hidden" name="project[project_caos_attributes][][id]" ng-value="file.id" />
|
||||
<input type="hidden" name="project[project_caos_attributes][][_destroy]" ng-value="file._destroy" />
|
||||
|
||||
<div class="fileinput input-group" data-provides="fileinput" ng-class="fileinputClass(file.attachment)">
|
||||
<div class="form-control" data-trigger="fileinput">
|
||||
<i class="glyphicon glyphicon-file fileinput-exists"></i> <span class="fileinput-filename">{{file.attachment}}</span>
|
||||
<div class="fileinput input-group" data-provides="fileinput" ng-class="fileinputClass(file.attachment)">
|
||||
<div class="form-control" data-trigger="fileinput">
|
||||
<i class="glyphicon glyphicon-file fileinput-exists"></i> <span class="fileinput-filename">{{file.attachment}}</span>
|
||||
</div>
|
||||
<span class="input-group-addon btn btn-default btn-file"><span class="fileinput-new" translate>{{ 'browse' }}</span>
|
||||
<span class="fileinput-exists" translate>{{ 'change' }}</span><input type="file" name="project[project_caos_attributes][][attachment]"></span>
|
||||
<a class="input-group-addon btn btn-danger fileinput-exists" data-dismiss="fileinput" ng-click="deleteFile(file)"><i class="fa fa-trash-o"></i></a>
|
||||
</div>
|
||||
<span class="input-group-addon btn btn-default btn-file"><span class="fileinput-new" translate>{{ 'browse' }}</span>
|
||||
<span class="fileinput-exists" translate>{{ 'change' }}</span><input type="file" name="project[project_caos_attributes][][attachment]"></span>
|
||||
<a class="input-group-addon btn btn-danger fileinput-exists" data-dismiss="fileinput" ng-click="deleteFile(file)"><i class="fa fa-trash-o"></i></a>
|
||||
</div>
|
||||
|
||||
<div class="col-md-1 m-t-xs">
|
||||
<i class="fa fa-info-circle" aria-hidden="true" uib-tooltip="{{ 'allowed_extensions' | translate }} : {{allowedExtensions.join(', ')}}" tooltip-placement="bottom" tooltip-class="media-lg"></i>
|
||||
</div>
|
||||
</div>
|
||||
<a class="btn btn-default" ng-click="addFile()" role="button">{{ 'add_a_new_file' | translate }} <i class="fa fa-file-o fa-fw"></i></a>
|
||||
</div>
|
||||
|
@ -57,6 +57,10 @@ class API::ProjectsController < API::ApiController
|
||||
render :index
|
||||
end
|
||||
|
||||
def allowed_extensions
|
||||
render json: ENV['ALLOWED_EXTENSIONS'].split(' '), status: :ok
|
||||
end
|
||||
|
||||
private
|
||||
def set_project
|
||||
@project = Project.find(params[:id])
|
||||
|
@ -2,13 +2,5 @@ class ProjectCao < Asset
|
||||
mount_uploader :attachment, ProjectCaoUploader
|
||||
|
||||
validates :attachment, file_size: { maximum: 20.megabytes.to_i }
|
||||
validates :attachment, :file_mime_type => {
|
||||
:content_type => %w(application/pdf application/postscript application/illustrator
|
||||
image/x-eps image/svg+xml application/sla application/dxf application/acad application/dwg
|
||||
application/octet-stream application/step application/iges model/iges x-world/x-3dmf
|
||||
application/ application/vnd.openxmlformats-officedocument.wordprocessingml.document
|
||||
image/png text/x-arduino text/plain application/scad application/vnd.sketchup.skp
|
||||
application/x-koan application/vnd-koan koan/x-skm application/vnd.koan application/x-tex
|
||||
application/x-latex)
|
||||
}
|
||||
validates :attachment, :file_mime_type => { :content_type => ENV['ALLOWED_MIME_TYPES'].split(' ') }
|
||||
end
|
||||
|
@ -39,7 +39,7 @@ class ProjectCaoUploader < CarrierWave::Uploader::Base
|
||||
# Add a white list of extensions which are allowed to be uploaded.
|
||||
# For images you might use something like this:
|
||||
def extension_white_list
|
||||
%w(pdf ai eps cad math svg stl dxf dwg obj step iges igs 3dm 3dmf doc docx png ino scad fcad skp sldprt sldasm slddrw slddrt tex latex ps)
|
||||
ENV['ALLOWED_EXTENSIONS'].split(' ')
|
||||
end
|
||||
|
||||
# Override the filename of the uploaded files:
|
||||
|
@ -56,3 +56,6 @@ OPENLAB_APP_ID:
|
||||
OPENLAB_BASE_URI: 'https://openprojects.fab-manager.com'
|
||||
|
||||
LOG_LEVEL: 'debug'
|
||||
|
||||
ALLOWED_EXTENSIONS: pdf ai eps cad math svg stl dxf dwg obj step iges igs 3dm 3dmf doc docx png ino scad fcad skp sldprt sldasm slddrw slddrt tex latex ps
|
||||
ALLOWED_MIME_TYPES: application/pdf application/postscript application/illustrator image/x-eps image/svg+xml application/sla application/dxf application/acad application/dwg application/octet-stream application/step application/iges model/iges x-world/x-3dmf application/ application/vnd.openxmlformats-officedocument.wordprocessingml.document image/png text/x-arduino text/plain application/scad application/vnd.sketchup.skp application/x-koan application/vnd-koan koan/x-skm application/vnd.koan application/x-tex application/x-latex
|
||||
|
@ -128,6 +128,7 @@ en:
|
||||
illustration: "Illustration"
|
||||
add_an_illustration: "Add an illustration"
|
||||
CAD_file: "CAD file"
|
||||
allowed_extensions: "Allowed extensions:"
|
||||
add_a_new_file: "Add a new file"
|
||||
steps: "Steps"
|
||||
step_title: "Step title"
|
||||
|
@ -128,6 +128,7 @@ fr:
|
||||
illustration: "Illustration"
|
||||
add_an_illustration: "Ajouter un visuel"
|
||||
CAD_file: "Fichier CAO"
|
||||
allowed_extensions: "Extensions autorisées :"
|
||||
add_a_new_file: "Ajouter un nouveau fichier"
|
||||
steps: "Étapes"
|
||||
step_title: "Titre de l'étape"
|
||||
|
@ -26,10 +26,11 @@ Rails.application.routes.draw do
|
||||
root 'application#index'
|
||||
|
||||
namespace :api, as: nil, defaults: { format: :json } do
|
||||
resources :projects, only: [:index, :last_published, :show, :create, :update, :destroy] do
|
||||
resources :projects, only: [:index, :show, :create, :update, :destroy] do
|
||||
collection do
|
||||
get :last_published
|
||||
get :search
|
||||
get :allowed_extensions
|
||||
end
|
||||
end
|
||||
resources :openlab_projects, only: :index
|
||||
|
Loading…
x
Reference in New Issue
Block a user