Forum: Ruby on Rails Permissions on uploaded files, TinyFile

Announcement (2017-05-07): www.ruby-forum.com is now read-only since I unfortunately do not have the time to support and maintain the forum any more. Please see rubyonrails.org/community and ruby-lang.org/en/community for other Rails- und Ruby-related community platforms.
Ca2e3e3f873fed864da130efb194e199?d=identicon&s=25 Ana Barrueta (Guest)
on 2006-06-08 18:25
Hi, im getting a little trouble with this, im using TinyFile as the
example to upload files
http://wiki.rubyonrails.com/rails/pages/TinyFile/versions/20

All goes well but the files uploaded are saved with permissions 600
(linux) and in the case of images arent showed on the browser(but
uploaded and stored in the server without problems) i have to manually
ftp to the uploaded files folder and change it to 644 to the images
shows on the browser.

I dont know if its possible to define the permissions of the file that
will keep when saved in the model or the controller, or maybe its a
server issue.

Hope someone can help with this, small problem but not so easy to me to
fix it.
Ca2e3e3f873fed864da130efb194e199?d=identicon&s=25 Ana Barrueta (Guest)
on 2006-06-08 23:34
Anyone? i have been trying to set the permissions of the uploaded file
with: FileUtils.chmod 0644, %w(File) , on the before_create action but
doesnt seems to work, still the files are saved with 600, her is the
code im using:

#view-----------------

<%= start_form_tag( {:action => 'create' }, :multipart => true )%>
  <%= render_partial 'form' %>
<br />
<br />
  <%= submit_tag "Subir imagen" %>
<%= end_form_tag %>

#controller-----------------------

class ResourcesController < AdController
layout 'admin'
before_filter :index
  def index
    @resources = Resource.find(:all, :order => "filename ASC")
    #@resource_pages, @resources = paginate :resource, :per_page => 200
  end

  def download
     send_file Resource.find(params[:id]).path_to_file, :stream => true
  end

  def create
    @resource = Resource.new(params[:resource])

    return render :action => 'new' unless request.post? and
@resource.save
    flash[:notice] = "sucess: <strong>#{@resource.filename}</strong>."
    redirect_to :action => 'index'
  end

  def rename
#    @resource = Resource.find(params[:id])
#    return render unless
Resource.find(params[:id]).rename(params[:resource][:filename]) rescue
return
    return render unless
(@resource=Resource.find(params[:id])).rename(params[:resource][:filename])
rescue return
     flash[:notice] = "success."

    redirect_to :action => 'index'
  end

  def destroy
    Resource.find(params[:id]).destroy
    flash[:notice] = "deleted."
    redirect_to :action => 'index'
  end
end

#model----------------------------

class Resource < ActiveRecord::Base

validates_presence_of :filename
validates_uniqueness_of :filename, :message => "already exists, try
uploading another file or deleting first."

def rename(new_name, old_path=self.path_to_file)
  File.rename old_path, self.path_to_file(new_name) if
self.update_attributes( :filename => new_name )
end

def before_destroy
  # delete the file from the filesystem
  File.delete self.path_to_file
end

def file=(uploaded_file, i=1)
  @uploaded_file = uploaded_file
  fn=self.filename=sanitize_filename(@uploaded_file.original_filename)
  self.filename=fn+(i+=1).to_s while File.exists? (self.path_to_file)

  #tmpfile = filename.sub(/^(.*?)(\.[^\.]+)?$/,'\1'+"#{i+=1}"+'\2')
while File.exists? (self.path_to_file)
end

def before_create
  # if it's large enough to be a real file
  return FileUtils.copy( @uploaded_file.local_path, self.path_to_file)
if @uploaded_file.instance_of?(Tempfile)
  # else
  File.open(self.path_to_file, "w") { |f| f.write(@uploaded_file.read) }
  FileUtils.chmod 0644, %w(File)
end

# setup file location
def path_to_file ( file = self.filename)
  RAILS_ROOT + "/public/images/publicas/" + file
end

def sanitize_filename(name)
  # get only the filename, not the whole path and
  # replace all none alphanumeric, underscore or periods with underscore
  File.basename(name.gsub('\\', '/')).gsub(/[^\w\.\-]/,'_')
end

end

As i said, the files are uploaded and stored without problems but the
600 permissions that later i have to manually change it by ftp to 644.

Hop someone can help :(
This topic is locked and can not be replied to.