jcoglan-gM/Ye1E23mwN+BqQ9rBEUg@public.gmane.org
2008-Feb-17 13:47 UTC
Image access control
Hi all,
My app allows users to upload images, but access to the images needs
to be controlled. For this reason, I''m not storing the images in the /
public dir, I''m storing them elsewhere. What I need as an action that
will verify the logged-in user''s access to an image, then render the
image inline. I''ve been trying this but it doesn''t work:
class ImagesController < ApplicationController
before_filter :verify_user
def show
@image = CmsImage.find(params[:id])
send_data(File.read(@image.full_path), :type =>
@image.content_type, :disposition => ''inline'')
rescue
# image not found...
end
end
It just prints the URL used to access this action to the screen (in
firefox). If I call this instead:
render :text => File.read(@image.full_path)
then I get the contents of the image fill as text, so it''s reading the
file OK. It just doesn''t display in the browser. Anyone got any idea
how to solve this?
Many thanks,
James
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Ruby on Rails: Talk" group.
To post to this group, send email to
rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org
To unsubscribe from this group, send email to
rubyonrails-talk-unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org
For more options, visit this group at
http://groups.google.com/group/rubyonrails-talk?hl=en
-~----------~----~----~----~------~----~------~--~---
jcoglan-gM/Ye1E23mwN+BqQ9rBEUg@public.gmane.org
2008-Feb-17 14:56 UTC
Re: Image access control
Quick update: I found I could use ImageMagick do deliver the data, but
it''s pretty damn slow. Any know a faster way?
## ---- Model cms_image.rb ----
require ''RMagick''
class CmsImage
def image_data
Magick::Image.read(full_path).first.to_blob
end
end
## ---- Controller images_controller.rb ----
class ImagesController < ApplicationController
before_filter :verify_user
def show
@image = CmsImage.find(params[:id])
send_data(@image.image_data, :type =>
@image.content_type, :disposition => ''inline'')
rescue
# image not found...
end
end
On Feb 17, 1:47 pm, "jcog...-gM/Ye1E23mwN+BqQ9rBEUg@public.gmane.org"
<jcog...-gM/Ye1E23mwN+BqQ9rBEUg@public.gmane.org>
wrote:> Hi all,
>
> My app allows users to upload images, but access to the images needs
> to be controlled. For this reason, I''m not storing the images in
the /
> public dir, I''m storing them elsewhere. What I need as an action
that
> will verify the logged-in user''s access to an image, then render
the
> image inline. I''ve been trying this but it doesn''t work:
>
> class ImagesController < ApplicationController
> before_filter :verify_user
>
> def show
> @image = CmsImage.find(params[:id])
> send_data(File.read(@image.full_path), :type =>
> @image.content_type, :disposition => ''inline'')
> rescue
> # image not found...
> end
> end
>
> It just prints the URL used to access this action to the screen (in
> firefox). If I call this instead:
>
> render :text => File.read(@image.full_path)
>
> then I get the contents of the image fill as text, so it''s reading
the
> file OK. It just doesn''t display in the browser. Anyone got any
idea
> how to solve this?
>
> Many thanks,
> James
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Ruby on Rails: Talk" group.
To post to this group, send email to
rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org
To unsubscribe from this group, send email to
rubyonrails-talk-unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org
For more options, visit this group at
http://groups.google.com/group/rubyonrails-talk?hl=en
-~----------~----~----~----~------~----~------~--~---