Forum: Ruby on Rails File Column Directory Add another layer

Announcement (2017-05-07): www.ruby-forum.com is now read-only since I unfortunately do not have the time to support and maintain the forum any more. Please see rubyonrails.org/community and ruby-lang.org/en/community for other Rails- und Ruby-related community platforms.
Andrew F. (Guest)
on 2005-12-20 23:36
(Received via mailing list)
Quick Question. I understand how to change the default path to
something other than public but what if I wanted to add another
directory into the equation. I want to upload an image into the
following structure:

/public/image/userid/imageid/test.gif

So basically I want to look up the userid in my users table and put
all the images for that user in the same directory. So i have a one
more level of separation. The reason being that we want to have a
bandwidth cap put on download for our app. We are doing this via
virtual's set on the server however with all the virtuals pointing to
the same place it is possible for a malicious user to find out
another virtuals name and use that as a workaround to their bandwidth
constraint. Is it possible? has anyone else tried this?

Thanks

Andrew
David R. (Guest)
on 2005-12-21 04:04
(Received via mailing list)
This certainly isn't a concise answer to your query, but I needed to do
several things with uploaded images, beyond what file_column provided.
I'm
just gonna paste stuff right out of my Registrant model rather than try
to
figure out how to make it generic for you...

  def save_image(image_to_crop, crop_params)
    img_base = RAILS_ROOT + "/public/images/registrants/"
    img_filename =  self.id.to_s + ".jpg"
    y, x, w, h = crop_params.split(',')

    logger.info("Trying to open " + image_to_crop)

    img = ::Magick::ImageList.new(image_to_crop)

    img.crop!(x.to_i, y.to_i, w.to_i, h.to_i)
    img.resize!(120, 120)
    color_thumb = img.resize(32, 32)
    grey_img = img.quantize(256, ::Magick::GRAYColorspace)
    img.write(img_base + img_filename)
    grey_img.write(img_base + 'greyscale/' + img_filename)
    color_thumb.write(img_base + 'thumbnail/' + img_filename)
  end

image_to_crop comes from the view where the file_column field
originated:
<input type='hidden' name='image_to_crop' value='<%= @registrant.image
%>'
/>

save_image is called from the controller.

Hopefully you'll see something there that will help you with your issue.

David R.
Kyle M. (Guest)
on 2005-12-21 04:59
(Received via mailing list)
With the trunk version of file_column, you can:

class Model #...
  file_column :field, :store_dir = > :dynamic_dir

  def dynamic_dir
    File.join(field_options[:root_path], "model_name",
Digest::SHA1.hexdigest(User.current_user.hash)[0..9], "field_name")
  #...

Have you looked into lighty's protected downloads feature?  That might
be a better solution.
Andrew F. (Guest)
on 2005-12-21 16:46
(Received via mailing list)
Well I have not looked into it yet. But the trunk version of
file_column will allow me to do what I want to do, while lighty does
not support the throttling that we are looking to do. We are still
trying to find a webserver that will and that also supports rails.

I'll have to go and grab the trunk version of file column.

Andrew
This topic is locked and can not be replied to.