projects
/
arvados.git
/ blobdiff
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Merge branch 'master' into 3618-column-ordering
[arvados.git]
/
apps
/
workbench
/
app
/
controllers
/
collections_controller.rb
diff --git
a/apps/workbench/app/controllers/collections_controller.rb
b/apps/workbench/app/controllers/collections_controller.rb
index 4e0008d93cf63887926c7d3ef7907d4f1f377bd3..e869824be415d57cc0eddc8d1ee15fa50698eb04 100644
(file)
--- a/
apps/workbench/app/controllers/collections_controller.rb
+++ b/
apps/workbench/app/controllers/collections_controller.rb
@@
-145,9
+145,11
@@
class CollectionsController < ApplicationController
usable_token = find_usable_token(tokens) do
coll = Collection.find(params[:uuid])
end
usable_token = find_usable_token(tokens) do
coll = Collection.find(params[:uuid])
end
+
+ file_name = params[:file].andand.sub(/^(\.\/|\/|)/, './')
if usable_token.nil?
return # Response already rendered.
if usable_token.nil?
return # Response already rendered.
- elsif
params[:file].nil? or not coll.manifest.has_file?(params[:file]
)
+ elsif
file_name.nil? or not coll.manifest.has_file?(file_name
)
return render_not_found
end
return render_not_found
end