Permissions on uploaded files, TinyFile

anabia · June 8, 2006, 6:25pm

Hi, im getting a little trouble with this, im using TinyFile as the
example to upload files
http://wiki.rubyonrails.com/rails/pages/TinyFile/versions/20

All goes well but the files uploaded are saved with permissions 600
(linux) and in the case of images arent showed on the browser(but
uploaded and stored in the server without problems) i have to manually
ftp to the uploaded files folder and change it to 644 to the images
shows on the browser.

I dont know if its possible to define the permissions of the file that
will keep when saved in the model or the controller, or maybe its a
server issue.

Hope someone can help with this, small problem but not so easy to me to
fix it.

anabia · June 8, 2006, 11:34pm

Anyone? i have been trying to set the permissions of the uploaded file
with: FileUtils.chmod 0644, %w(File) , on the before_create action but
doesnt seems to work, still the files are saved with 600, her is the
code im using:

#view-----------------

<%= start_form_tag( {:action => ‘create’ }, :multipart => true )%>
<%= render_partial ‘form’ %>

<%= submit_tag “Subir imagen” %>
<%= end_form_tag %>

#controller-----------------------

class ResourcesController < AdController
layout ‘admin’
before_filter :index
def index
@resources = Resource.find(:all, :order => “filename ASC”)
#@resource_pages, @resources = paginate :resource, :per_page => 200
end

def download
send_file Resource.find(params[:id]).path_to_file, :stream => true
end

def create
@resource = Resource.new(params[:resource])

return render :action => 'new' unless request.post? and

@resource.save
flash[:notice] = “sucess: #{@resource.filename}.”
redirect_to :action => ‘index’
end

def rename

@resource = Resource.find(params[:id])

return render unless

Resource.find(params[:id]).rename(params[:resource][:filename]) rescue
return
return render unless
(@resource=Resource.find(params[:id])).rename(params[:resource][:filename])
rescue return
flash[:notice] = “success.”

redirect_to :action => 'index'

end

def destroy
Resource.find(params[:id]).destroy
flash[:notice] = “deleted.”
redirect_to :action => ‘index’
end
end

#model----------------------------

class Resource < ActiveRecord::Base

validates_presence_of :filename
validates_uniqueness_of :filename, :message => “already exists, try
uploading another file or deleting first.”

def rename(new_name, old_path=self.path_to_file)
File.rename old_path, self.path_to_file(new_name) if
self.update_attributes( :filename => new_name )
end

def before_destroy

delete the file from the filesystem

File.delete self.path_to_file
end

def file=(uploaded_file, i=1)
@uploaded_file = uploaded_file
fn=self.filename=sanitize_filename(@uploaded_file.original_filename)
self.filename=fn+(i+=1).to_s while File.exists? (self.path_to_file)

#tmpfile = filename.sub(/^(.*?)(.[^.]+)?$/,’\1’+"#{i+=1}"+’\2’)
while File.exists? (self.path_to_file)
end

def before_create

if it’s large enough to be a real file

return FileUtils.copy( @uploaded_file.local_path, self.path_to_file)
if @uploaded_file.instance_of?(Tempfile)

else

File.open(self.path_to_file, “w”) { |f| f.write(@uploaded_file.read) }
FileUtils.chmod 0644, %w(File)
end

setup file location

def path_to_file ( file = self.filename)
RAILS_ROOT + “/public/images/publicas/” + file
end

def sanitize_filename(name)

get only the filename, not the whole path and

replace all none alphanumeric, underscore or periods with underscore

File.basename(name.gsub(’\’, ‘/’)).gsub(/[^\w.-]/,’_’)
end

end

As i said, the files are uploaded and stored without problems but the
600 permissions that later i have to manually change it by ftp to 644.

Hop someone can help