2020-10-27 00:50:13 +08:00
|
|
|
# frozen_string_literal: true
|
|
|
|
|
|
involve user in generating non-public links
fixes RECNVS-12
and make public links explicit. note that for non-inst-fs file storage,
the user parameter to the existing authenticated_url method is unused.
so for non-inst-fs, the following sets of methods are equivalent:
* authenticated_url_for_user(*) == public_url == authenticated_url
* download_url_for_user(*) == public_download_url (was download_url)
* inline_url_for_user(*) == public_inline_url (was inline_url)
the choice of `public_...` over `..._for_user` methods in the refactoring
should thus be a no-op except when inst-fs is enabled. with inst-fs enabled,
the `public_...` methods produce URLs usable by any user (including
those not logged in!); this matches non-inst-fs behavior. the
`..._for_user` methods produce URLs usable only by the user for whom
they were generated, and should be preferred where public access is not
necessary.
after this refactor, make public links for google doc previews short
lived and consolidate some code around google doc preview links.
test-plan:
- enable inst-fs
[per-user inst-fs JWTs]
- have a student and a teacher in a course with an assignment
- as the teacher upload an image to the course files, then add the
image to the course syllabus
- as the student, attempt to view the course syllabus. should see the
image in the course syllabus (prior to this commit would fail)
- copy the inst-fs URL the student's browser was redirected to when
viewing the file
- as the teacher attempt to access the image directly using the
student's inst-fs URL; should fail
[public inst-fs JWTs]
- as the teacher, upload a course card image (example of public file)
- as the teacher, view the course card image and copy the inst-fs URL
redirected to
- as the student, attempt to access the course card image directly
using the copied inst-fs URL; should succeed
[google docs preview]
- disable canvadocs on the account if enabled
- as the teacher, upload a PDF to the course files
- find the PDF in the course files and preview it
- preview should be displayed via embedded google docs iframe
- preview should succeed
Change-Id: I8384cbb89f1522022e2f06579e6381de5ed0076c
Reviewed-on: https://gerrit.instructure.com/133889
Tested-by: Jenkins
Reviewed-by: Andrew Huff <ahuff@instructure.com>
QA-Review: Collin Parrish <cparrish@instructure.com>
Product-Review: Jacob Fugal <jacob@instructure.com>
2017-11-28 05:10:55 +08:00
|
|
|
#
|
|
|
|
|
# Copyright (C) 2017 - present Instructure, Inc.
|
|
|
|
|
#
|
|
|
|
|
# This file is part of Canvas.
|
|
|
|
|
#
|
|
|
|
|
# Canvas is free software: you can redistribute it and/or modify it under
|
|
|
|
|
# the terms of the GNU Affero General Public License as published by the Free
|
|
|
|
|
# Software Foundation, version 3 of the License.
|
|
|
|
|
#
|
|
|
|
|
# Canvas is distributed in the hope that it will be useful, but WITHOUT ANY
|
|
|
|
|
# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
|
|
|
|
|
# A PARTICULAR PURPOSE. See the GNU Affero General Public License for more
|
|
|
|
|
# details.
|
|
|
|
|
#
|
|
|
|
|
# You should have received a copy of the GNU Affero General Public License along
|
|
|
|
|
# with this program. If not, see <http://www.gnu.org/licenses/>.
|
|
|
|
|
#
|
|
|
|
|
|
|
|
|
|
module GoogleDocsPreview
|
|
|
|
|
PREVIEWABLE_TYPES = %w[
|
|
|
|
|
application/vnd.openxmlformats-officedocument.wordprocessingml.template
|
|
|
|
|
application/vnd.oasis.opendocument.spreadsheet
|
|
|
|
|
application/vnd.sun.xml.writer
|
|
|
|
|
application/excel
|
|
|
|
|
application/vnd.openxmlformats-officedocument.spreadsheetml.sheet
|
|
|
|
|
text/rtf
|
|
|
|
|
text/plain
|
|
|
|
|
application/vnd.openxmlformats-officedocument.spreadsheetml.template
|
|
|
|
|
application/vnd.sun.xml.impress
|
|
|
|
|
application/vnd.sun.xml.calc
|
|
|
|
|
application/vnd.ms-excel
|
|
|
|
|
application/msword
|
|
|
|
|
application/mspowerpoint
|
|
|
|
|
application/rtf
|
|
|
|
|
application/vnd.oasis.opendocument.presentation
|
|
|
|
|
application/vnd.oasis.opendocument.text
|
|
|
|
|
application/vnd.openxmlformats-officedocument.presentationml.template
|
|
|
|
|
application/vnd.openxmlformats-officedocument.presentationml.slideshow
|
|
|
|
|
application/vnd.openxmlformats-officedocument.presentationml.presentation
|
|
|
|
|
application/vnd.openxmlformats-officedocument.wordprocessingml.document
|
|
|
|
|
application/postscript
|
|
|
|
|
application/pdf
|
|
|
|
|
application/vnd.ms-powerpoint
|
|
|
|
|
].freeze
|
|
|
|
|
|
|
|
|
|
def self.previewable?(account, attachment)
|
|
|
|
|
account&.service_enabled?(:google_docs_previews) &&
|
|
|
|
|
PREVIEWABLE_TYPES.include?(attachment.content_type) &&
|
|
|
|
|
attachment.downloadable?
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
def self.url_for(attachment)
|
|
|
|
|
expires_in = Setting.get("google_docs_previews.link_duration_minutes", "5").to_i.minutes
|
|
|
|
|
attachment.public_url(expires_in: expires_in)
|
|
|
|
|
end
|
|
|
|
|
end
|