48 lines
1.9 KiB
Ruby
48 lines
1.9 KiB
Ruby
# frozen_string_literal: true
|
|
|
|
class UpdateMediaAttachmentsPermissionsService < BaseService
|
|
def call(media_attachments_scope, direction)
|
|
# Only s3 and filesystem storage systems support modifying permissions
|
|
return unless %i(s3 filesystem).include?(Paperclip::Attachment.default_options[:storage])
|
|
|
|
# Prevent useless S3 calls if ACLs are disabled
|
|
return if Paperclip::Attachment.default_options[:storage] == :s3 && ENV['S3_PERMISSION'] == ''
|
|
|
|
attachment_names = MediaAttachment.attachment_definitions.keys
|
|
|
|
media_attachments_scope.find_each do |media_attachment|
|
|
attachment_names.each do |attachment_name|
|
|
attachment = media_attachment.public_send(attachment_name)
|
|
styles = MediaAttachment::DEFAULT_STYLES | attachment.styles.keys
|
|
|
|
next if attachment.blank?
|
|
|
|
styles.each do |style|
|
|
case Paperclip::Attachment.default_options[:storage]
|
|
when :s3
|
|
acl = direction == :public ? Paperclip::Attachment.default_options[:s3_permissions] : 'private'
|
|
|
|
begin
|
|
attachment.s3_object(style).acl.put(acl: acl)
|
|
rescue Aws::S3::Errors::NoSuchKey
|
|
Rails.logger.warn "Tried to change acl on non-existent key #{attachment.s3_object(style).key}"
|
|
rescue Aws::S3::Errors::NotImplemented => e
|
|
Rails.logger.error "Error trying to change ACL on #{attachment.s3_object(style).key}: #{e.message}"
|
|
end
|
|
when :filesystem
|
|
mask = direction == :public ? 0o666 : 0o600
|
|
|
|
begin
|
|
FileUtils.chmod(mask & ~File.umask, attachment.path(style)) unless attachment.path(style).nil?
|
|
rescue Errno::ENOENT
|
|
Rails.logger.warn "Tried to change permission on non-existent file #{attachment.path(style)}"
|
|
end
|
|
end
|
|
|
|
CacheBusterWorker.perform_async(attachment.url(style)) if Rails.configuration.x.cache_buster.enabled
|
|
end
|
|
end
|
|
end
|
|
end
|
|
end
|