gab-social/app/controllers/media_controller.rb
mgabdev 9d61659604 Updated store_location_for for redirecting after sign in
• Updated:
- store_location_for for redirecting after sign in
2020-06-16 09:31:55 -04:00

38 lines
962 B
Ruby

# frozen_string_literal: true
class MediaController < ApplicationController
include Authorization
skip_before_action :store_current_location
before_action :set_media_attachment
before_action :verify_permitted_status!
content_security_policy only: :player do |p|
p.frame_ancestors(false)
end
def show
redirect_to @media_attachment.file.url(:original)
end
def player
@body_classes = 'player'
response.headers['X-Frame-Options'] = 'ALLOWALL'
raise ActiveRecord::RecordNotFound unless @media_attachment.video? || @media_attachment.gifv?
end
private
def set_media_attachment
@media_attachment = MediaAttachment.attached.find_by!(shortcode: params[:id] || params[:medium_id])
end
def verify_permitted_status!
authorize @media_attachment.status, :show?
rescue GabSocial::NotPermittedError
# Reraise in order to get a 404 instead of a 403 error code
raise ActiveRecord::RecordNotFound
end
end