set permissions on attachments so that users in same group can handle the attachments

if you run MessageGateway under user mail and Tracks under user apache, you cannot delete attachments from the web ui since the default permissions is read-only. To delete an attachment, you need w permission on the directory containing the attachment
2026-02-13 02:44:22 +01:00 · 2014-07-24 20:58:11 +02:00 · 2014-07-24 20:58:11 +02:00 · eb4624ff69
commit eb4624ff69
parent 8226be68b3
2 changed files with 10 additions and 1 deletions
--- a/app/models/attachment.rb
+++ b/app/models/attachment.rb
@ -1,9 +1,13 @@
 class Attachment < ActiveRecord::Base
  belongs_to :todo, touch: true

+  # enable write permissions on group, since MessageGateway could be run under different
+  # user than Tracks (i.e. apache versus mail)
+
  has_attached_file :file,
    url:  '/:class/:id/:basename.:extension',
-    path: ":rails_root/db/assets/#{Rails.env}/:class/:id/:basename.:extension"
+    path: ":rails_root/db/assets/#{Rails.env}/:class/:id/:basename.:extension",
+    override_file_permissions: 0660

  do_not_validate_attachment_file_type :file
  # validates_attachment_content_type :file, :content_type => ["text/plain"]
--- a/app/models/message_gateway.rb
+++ b/app/models/message_gateway.rb
@ -43,6 +43,11 @@ class MessageGateway < ActionMailer::Base
    tmp.close
    saved = attachment.save!

+    # enable write permissions on group, since MessageGateway could be run under different
+    # user than Tracks (i.e. apache versus mail)
+    dir = File.open(File.dirname(attachment.file.path))
+    dir.chmod(0770)
+
    # delete temp file
    tmp.unlink
  end