class CollectionsController < ApplicationController
- skip_around_filter :thread_with_mandatory_api_token, only: [:show_file]
- skip_before_filter :find_object_by_uuid, only: [:provenance, :show_file]
- skip_before_filter :check_user_agreements, only: [:show_file]
+ skip_around_filter(:thread_with_mandatory_api_token,
+ only: [:show_file, :show_file_links])
+ skip_before_filter(:find_object_by_uuid,
+ only: [:provenance, :show_file, :show_file_links])
RELATION_LIMIT = 5
@request_url = request.url
end
+ def show_file_links
+ Thread.current[:reader_tokens] = [params[:reader_token]]
+ find_object_by_uuid
+ show
+ render 'show'
+ end
+
def show_file
# We pipe from arv-get to send the file to the user. Before we start it,
# we ask the API server if the file actually exists. This serves two
resources :collections do
post 'set_persistent', on: :member
end
- get '/collections/:uuid/*file' => 'collections#show_file', :format => false
get('/collections/download/:uuid/:reader_token/*file' => 'collections#show_file',
format: false)
+ get '/collections/download/:uuid/:reader_token' => 'collections#show_file_links'
+ get '/collections/:uuid/*file' => 'collections#show_file', :format => false
resources :folders do
match 'remove/:item_uuid', on: :member, via: :delete, action: :remove_item
end
end
test "viewing collection files with a reader token" do
- skip # Need a new route+view for this.
params = collection_params(:foo_file)
params[:reader_token] =
api_fixture('api_client_authorizations')['active']['api_token']
- get(:show, params)
+ get(:show_file_links, params)
assert_response :success
assert_equal([['.', 'foo', 3]], assigns(:object).files)
assert_no_session