diff --git a/app/controllers/announcements_controller.rb b/app/controllers/announcements_controller.rb index 177288b..3e5d3e4 100644 --- a/app/controllers/announcements_controller.rb +++ b/app/controllers/announcements_controller.rb @@ -203,7 +203,27 @@ class AnnouncementsController < ApplicationController } } end - + def get_file + @url = request.path + begin + file = BulletinFile.find(params[:id]) + @url = file.file.url + if file.can_access?(OrbitHelper.current_user) + @path = file.file.path rescue "" + @filename = @path.split("/").last + @ext = @path.split("/").last.to_s.split(".").last + if @ext == "png" || @ext == "jpg" || @ext == "bmp" || @ext == "pdf" + render "archives/download_file.html",:layout=>false + else + send_file(@path) + end + else + render :file => "#{Rails.root}/app/views/errors/403.html", :layout => false, :status => :not_found, :content_type => 'text/html' + end + rescue + render :file => "#{Rails.root}/app/views/errors/404.html", :layout => false, :status => :not_found, :content_type => 'text/html' + end + end def show_local_announcement(uid, is_preview) locale = OrbitHelper.get_site_locale.to_s if is_preview @@ -234,8 +254,8 @@ class AnnouncementsController < ApplicationController "url" => OrbitHelper.page_for_tag(tag) } } rescue [] files = announcement.bulletin_files.map do |file| - { "file_url" => file.file.url, - "file_title" => (file.title.blank? ? URI.unescape(File.basename(file.file.path)) : file.title rescue '') } if file.enabled_for?(locale) and file.can_access?(OrbitHelper.current_user) + { "file_url" => "/xhr/announcements/file/#{file.id}/#{file['file']}", + "file_title" => (file.title.blank? ? URI.unescape(File.basename(file.file.path)) : file.title rescue '') } if file.enabled_for?(locale) end rescue [] files.delete(nil) files.each do |file| diff --git a/app/views/admin/announcements/_form.html.erb b/app/views/admin/announcements/_form.html.erb index 27c25a3..fced971 100644 --- a/app/views/admin/announcements/_form.html.erb +++ b/app/views/admin/announcements/_form.html.erb @@ -494,7 +494,21 @@ if(obj<10) return "0" +""+ obj; else return obj; } - + function add_click_for_privacy() + { + $(".privacy-changer-btn").off('click') + $(".privacy-changer-btn").click(function(){ + var val = $(this).attr('for') + var parent_node = $(this).parents('.add-on.btn-group').eq(0) + parent_node.find('.privacy_type').val(val) + parent_node.find('i').eq(0).attr('class',$(this).find('i').attr('class')) + parent_node.find('.dropdown-menu').hide() + window.setTimeout(function(){ + parent_node.find('.dropdown-menu').css('display','') + },1000) + + }) + } $(function() { $('#bulletin_open_comment').change(function(){ $(this).prop('checked') ? $('div[data-for="open_comment"]').removeClass('hide') : $('div[data-for="open_comment"]').addClass('hide') @@ -544,6 +558,7 @@ $(this).children('.tab-pane').eq(on).addClass('in active').siblings().removeClass('in active'); }); formTip(); + add_click_for_privacy(); }); $(document).on('click', '.delete_link', function(){ $(this).parents('.input-prepend').remove(); @@ -618,17 +633,6 @@ $("#external_link_box").hide(); } }) - + add_click_for_privacy() }); - $(".privacy-changer-btn").click(function(){ - var val = $(this).attr('for') - var parent_node = $(this).parents('.add-on.btn-group').eq(0) - parent_node.find('.privacy_type').val(val) - parent_node.find('i').eq(0).attr('class',$(this).find('i').attr('class')) - parent_node.find('.dropdown-menu').hide() - window.setTimeout(function(){ - parent_node.find('.dropdown-menu').css('display','') - },1000) - - }) diff --git a/config/routes.rb b/config/routes.rb index e21e3a3..e45f4d0 100644 --- a/config/routes.rb +++ b/config/routes.rb @@ -39,6 +39,7 @@ Rails.application.routes.draw do get '/xhr/announcements/announcement.json', to: 'bulletins#get_bulletins' get '/xhr/panel/announcement/widget/sync_data' => 'announcements#show_widget' get '/xhr/announcements/:slug_title-:uid/comment', to: 'announcements#comment' + get '/xhr/announcements/file/:id/:f_name' => 'announcements#get_file' end end