Nemcio/Redmine
1
0
Fork 0
mirror of https://github.com/redmine/redmine.git synced 2026-01-05 23:30:42 +01:00
Code Issues Packages Projects Releases Activity

Merged r23581, r23582 and r23583 from trunk to 5.1-stable (#42394).

Browse Source 
git-svn-id: https://svn.redmine.org/redmine/branches/5.1-stable@23585 e93f8b46-1217-0410-a6f0-8f06a7374b81
This commit is contained in:
Marius Balteanu
2025-03-29 13:52:41 +00:00
parent 1479b01e49
commit d98b65804b
4 changed files with 13 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
config/routes.rb
View File

@@ -313,7 +313,7 @@ Rails.application.routes.draw do
# additional routes for having the file name at the end of url
get 'attachments/:id/:filename', :to => 'attachments#show', :id => /\d+/, :filename => /.*/, :as => 'named_attachment', :format => 'html'
get 'attachments/download/:id/:filename', :to => 'attachments#download', :id => /\d+/, :filename => /.*/, :as => 'download_named_attachment'
get 'attachments/download/:id/:filename', :to => 'attachments#download', :id => /\d+/, :filename => /.*/, :as => 'download_named_attachment', :format => 'html'
get 'attachments/download/:id', :to => 'attachments#download', :id => /\d+/
get 'attachments/thumbnail/:id(/:size)', :to => 'attachments#thumbnail', :id => /\d+/, :size => /\d+/, :as => 'thumbnail'
resources :attachments, :only => [:show, :update, :destroy]

2
test/integration/api_test/attachments_test.rb
View File

@@ -63,7 +63,7 @@ class Redmine::ApiTest::AttachmentsTest < Redmine::ApiTest::Base
test "GET /attachments/download/:id/:filename should deny access without credentials" do
get '/attachments/download/7/archive.zip'
assert_response 401
assert_response 302
end
test "GET /attachments/thumbnail/:id should return the thumbnail" do

10
test/integration/attachments_test.rb
View File

@@ -267,6 +267,16 @@ class AttachmentsTest < Redmine::IntegrationTest
end
end
def test_unauthorized_named_download_link_should_redirect_to_login
with_settings login_required: '1' do
get "/attachments/download/1"
assert_redirected_to "/login?back_url=http%3A%2F%2Fwww.example.com%2Fattachments%2Fdownload%2F1"
get "/attachments/download/1/error281.txt"
assert_redirected_to "/login?back_url=http%3A%2F%2Fwww.example.com%2Fattachments%2Fdownload%2F1%2Ferror281.txt"
end
end
private
def ajax_upload(filename, content, attachment_id=1)

2
test/integration/routing/attachments_test.rb
View File

@@ -26,7 +26,7 @@ class RoutingAttachmentsTest < Redmine::RoutingTest
should_route 'GET /attachments/1/filename.txt' => 'attachments#show', :id => '1', :filename => 'filename.txt', :format => 'html'
should_route 'GET /attachments/download/1' => 'attachments#download', :id => '1'
should_route 'GET /attachments/download/1/filename.ext' => 'attachments#download', :id => '1', :filename => 'filename.ext'
should_route 'GET /attachments/download/1/filename.ext' => 'attachments#download', :id => '1', :filename => 'filename.ext', :format => 'html'
should_route 'GET /attachments/thumbnail/1' => 'attachments#thumbnail', :id => '1'
should_route 'GET /attachments/thumbnail/1/200' => 'attachments#thumbnail', :id => '1', :size => '200'