Make human readable short urls (#92)

* Add album image model

* Add image controller

* fix image metadata issue

* upgrade data migration rake task

* update controllers to use new model

* run rubocop

* update migration task

* Update model slug creation

* update rubocop

* fix public image not avalable outside application bug

Author: bbucsy

.gitignore

@@ -35,3 +35,5 @@
 yarn-debug.log*
 .yarn-integrity
 .env
+
+.idea

.rubocop.yml

@@ -11,6 +11,7 @@ AllCops:
     - 'vendor/**/*'
     - '.git/**/*'
     - '.github/**/*'
+    - 'lib/tasks/data_migration.rake'
 # Cop specific settings
 Style/GuardClause:
   MinBodyLength: 3

Gemfile

@@ -25,6 +25,9 @@ gem 'jbuilder', '~> 2.7'
 # Use Active Storage variant
 gem 'image_processing', '~> 1.2'
 
+# Use for shorter urls
+gem 'friendly_id', '~> 5.4.0'
+
 # Reduces boot times through caching; required in config/boot.rb
 gem 'bootsnap', '>= 1.4.2', require: false
 

Gemfile.lock

@@ -87,6 +87,8 @@ GEM
     faraday (1.0.1)
       multipart-post (>= 1.2, < 3)
     ffi (1.15.5)
+    friendly_id (5.4.2)
+      activerecord (>= 4.0.0)
     globalid (0.4.2)
       activesupport (>= 4.2.0)
     hashie (4.1.0)
@@ -262,6 +264,7 @@ DEPENDENCIES
   byebug
   capybara (>= 2.15)
   dotenv-rails
+  friendly_id (~> 5.4.0)
   i18n_generators (~> 2.2, >= 2.2.2)
   image_processing (~> 1.2)
   jbuilder (~> 2.7)

app/assets/stylesheets/album_image.scss

@@ -0,0 +1,3 @@
+// Place all the styles related to the AlbumImage controller here.
+// They will automatically be included in application.css.
+// You can use Sass (SCSS) here: https://sass-lang.com/

app/controllers/album_image_controller.rb

@@ -0,0 +1,40 @@
+class AlbumImageController < ApplicationController
+  before_action :set_image
+
+  def show
+    http_cache_forever public: true do
+      content_headers_from @image.file.blob
+      stream @image.file.blob
+    end
+  end
+
+  private
+
+  def set_image
+    @image = AlbumImage.friendly.find(params[:id])
+    authorize_image
+  end
+
+  def authorize_image
+    return if @image.album.public?
+
+    unless current_user.present? && (current_user.site_admin? || logged_in_as_admin_of?(album.circle) || album.shared?)
+      redirect_to '/', notice: I18n.t('unauthorized', scope: 'album_images.errors')
+    end
+  end
+
+  def content_headers_from(blob)
+    response.headers['Content-Type']        = blob.content_type_for_serving
+    response.headers['Content-Disposition'] = ActionDispatch::Http::ContentDisposition.format \
+      disposition: blob.forced_disposition_for_serving || params[:disposition] || 'inline',
+      filename: blob.filename.sanitized
+  end
+
+  def stream(blob)
+    blob.download do |chunk|
+      response.stream.write chunk
+    end
+  ensure
+    response.stream.close
+  end
+end

app/controllers/albums_controller.rb

@@ -1,5 +1,5 @@
 class AlbumsController < ApplicationController
-  before_action :set_album, only: %i[edit update destroy delete_image add_image]
+  before_action :set_album, only: %i[edit update destroy delete_image add_image image]
   before_action :login_required
   before_action :admin_or_owner_required, only: %i[edit update destroy]
   before_action :admin_or_owner_or_shared_required, only: %i[delete_image add_image]
@@ -10,24 +10,24 @@ class AlbumsController < ApplicationController
   # GET /albums
   def index
     @albums = Album.all.order(created_at: :desc)
-    @title = 'Minden album'
+    @title  = 'Minden album'
   end
 
   # GET /albums/myalbums
   def myalbums
     @albums = Album.where(user: current_user).order(created_at: :desc)
-    @title = 'Albumaim'
+    @title  = 'Albumaim'
     render :index
   end
 
   # GET /albums/1
   def show
-    @album = Album.includes(:images_attachments).find(params[:id])
+    @album = Album.includes(:album_images).find(params[:id])
   end
 
   # GET /albums/new
   def new
-    @album = Album.new
+    @album   = Album.new
     @circles = current_user.memberships.where(accepted: true).map(&:circle)
 
     redirect_to circles_path, notice: 'Nincs körtagsága, nem hozhat létre kört!' if @circles.empty?
@@ -41,7 +41,7 @@ def create
     @render_target = :new
 
     @album = Album.new(album_params)
-    @album.images = params[:album][:images]
+    @album.build_images params[:album][:images]
     @album.user = current_user
 
     if @album.save
@@ -70,24 +70,27 @@ def destroy
 
   # GET /albums/1/image?image_id=1
   def image
+    image = @album.album_images.find_by(id: params[:image_id])
+    return render json: { status: 404 }, status: :not_found if image.blank?
+
     render json: {
-      url: url_for(ActiveStorage::Attachment.find(params[:image_id])),
-      filename: ActiveStorage::Attachment.find(params[:image_id]).blob.filename
+      url: url_for(image),
+      filename: image.file.blob.filename
     }
   end
 
   # DELETE one image of the album
   def delete_image
-    image = ActiveStorage::Attachment.find(params[:image_id])
-    image.purge
+    image = AlbumImage.find(params[:image_id])
+    image.destroy!
     redirect_to @album
   end
 
   # POST add image(s) to the album
   def add_image
     images = params[:images]
-    @album.images.attach(images) if images.present?
-
+    @album.build_images(images) if images.present?
+    @album.save
     redirect_to @album, notice: 'Album sikeresen módosítva.'
   end
 
@@ -100,7 +103,7 @@ def set_album
 
   # Analyze all the images for their width and height
   def analyze_album
-    @album.images.each { |i| i.analyze unless i.analyzed? }
+    @album.images.map(&:file).each { |i| i.analyze unless i.analyzed? }
   end
 
   # Allow only owner or admin

app/controllers/application_controller.rb

@@ -1,34 +1,42 @@
 class ApplicationController < ActionController::Base
+  rescue_from ActiveRecord::RecordNotFound, with: :record_not_found
+
   protected
 
   def logged_in?
     session[:user_id]
   end
+
   helper_method :logged_in?
 
   def in_circle?(circle)
     Membership.exists?(user: current_user, circle: circle)
   end
+
   helper_method :in_circle?
 
   def accepted_in_circle?(circle)
     Membership.exists?(user: current_user, circle: circle, accepted: true)
   end
+
   helper_method :accepted_in_circle?
 
   def logged_in_as_site_admin?
     current_user&.site_admin?
   end
+
   helper_method :logged_in_as_site_admin?
 
   def logged_in_as_admin_of?(circle)
     Membership.exists?(user: current_user, circle: circle, admin: true)
   end
+
   helper_method :logged_in_as_admin_of?
 
   def current_user
     @current_user ||= User.find(session[:user_id]) if logged_in?
   end
+
   helper_method :current_user
 
   # Function used in derived classes as before actions
@@ -40,4 +48,8 @@ def login_required
   def site_admin_required
     redirect_to root_path, notice: 'Nincs jogosultságod az oldalhoz!' unless logged_in_as_site_admin?
   end
+
+  def record_not_found
+    redirect_to root_url, notice: 'Erőforrás nem találva'
+  end
 end

app/extensions/secure_blob_extension.rb

@@ -0,0 +1,2 @@
+module AlbumImageHelper
+end

app/helpers/album_image_helper.rb

@@ -1,19 +1,27 @@
 class Album < ApplicationRecord
-  has_many_attached :images
   validates :title, presence: true, length: { minimum: 3, maximum: 128 }
   validates :desc, length: { maximum: 255 }
   belongs_to :user
   belongs_to :circle
+  has_many :album_images, dependent: :destroy, autosave: true
 
   def thumbnail
-    if images.empty?
+    if album_images.empty?
       ActionController::Base.helpers.image_url('album-blank.jpg')
     else
-      images.first.variant gravity: 'Center', resize: '300x200^', crop: '300x200+0+0'
+      album_images.first.file.variant gravity: 'Center', resize: '300x200^', crop: '300x200+0+0'
     end
   end
 
-  def self.find_blob_owner(blob_id)
-    Album.joins(:images_blobs).find_by(active_storage_blobs: { id: blob_id })
+  def images
+    album_images
+  end
+
+  def build_images(images)
+    return if images.blank?
+
+    images.each do |image|
+      album_images.build(file: image)
+    end
   end
 end

app/models/album.rb

@@ -0,0 +1,33 @@
+class AlbumImage < ApplicationRecord
+  extend FriendlyId
+  belongs_to :album
+  has_one_attached :file
+  friendly_id :slug_candidates, use: :slugged
+
+  private
+
+  def slug_candidates
+    [
+      :filename,
+      %i[filename extension],
+      %i[album_name filename extension],
+      %i[circle_name album_name filename extension]
+    ]
+  end
+
+  def filename
+    file.filename.base.to_s
+  end
+
+  def extension
+    file.filename.extension_without_delimiter.to_s
+  end
+
+  def circle_name
+    album.circle.name
+  end
+
+  def album_name
+    album.title
+  end
+end

app/models/album_image.rb

@@ -10,8 +10,8 @@
         </span>
       <% end %>
       <% unless @album.public? %>
-        <span 
-          class="tag is-warning is-medium ml-1" 
+        <span
+          class="tag is-warning is-medium ml-1"
           title="Az album képei nem elérhetőek a weboldalon kívülről"
         >
           Nem publikus<sup class="is-align-self-flex-start">?</sup>
@@ -26,7 +26,7 @@
     <%= @album.desc %>
   </p>
   <p class="is-size-6 mt-5">
-    Használd a 
+    Használd a
     <svg xmlns="http://www.w3.org/2000/svg" height="20" fill="none" viewBox="0 2 24 20" stroke="currentColor">
       <path stroke-linecap="round" stroke-linejoin="round" stroke-width="2" d="M8 5H6a2 2 0 00-2 2v12a2 2 0 002 2h10a2 2 0 002-2v-1M8 5a2 2 0 002 2h2a2 2 0 002-2M8 5a2 2 0 012-2h2a2 2 0 012 2m0 0h2a2 2 0 012 2v3m2 4H10m0 0l3-3m-3 3l3 3" />
     </svg>
@@ -110,7 +110,7 @@
 
   <script>
     images = <%= @album.images.map { |i|
-      { src: url_for(i), w: i.metadata["width"], h: i.metadata["height"] }
+      { src: url_for(i), w: i.file.metadata["width"], h: i.file.metadata["height"] }
     }.to_json.html_safe %>
   </script>
   <script src="https://cdn.jsdelivr.net/npm/[email protected]/dist/masonry.pkgd.min.js"></script>