openproject/app/services/attachments/create_service.rb

#-- copyright
# OpenProject is an open source project management software.
# Copyright (C) 2012-2022 the OpenProject GmbH
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License version 3.
#
# OpenProject is a fork of ChiliProject, which is a fork of Redmine. The copyright follows:
# Copyright (C) 2006-2013 Jean-Philippe Lang
# Copyright (C) 2010-2013 the ChiliProject Team
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
#
# See COPYRIGHT and LICENSE files for more details.
#++

module Attachments
  class CreateService < BaseService
    include TouchContainer

    around_call :error_wrapped_call

    def persist(call)
      attachment = call.result
      if attachment.container
        in_container_mutex(attachment.container) { super }
      else
        super
      end
    end

    def in_container_mutex(container)
      OpenProject::Mutex.with_advisory_lock_transaction(container) do
        yield.tap do
          # Get the latest attachments to ensure having them all for journalization.
          # We just created an attachment and a different worker might have added attachments
          # in the meantime, e.g when bulk uploading.
          container.attachments.reload
        end
      end
    end

    def after_perform(call)
      attachment = call.result
      container = attachment.container

      touch(container) unless container.nil?

      OpenProject::Notifications.send(
        OpenProject::Events::ATTACHMENT_CREATED,
        attachment: attachment
      )

      call
    end

    def error_wrapped_call
      yield
    rescue StandardError => e
      log_attachment_saving_error(e)

      message =
        if e&.class&.to_s == 'Errno::EACCES'
          I18n.t('api_v3.errors.unable_to_create_attachment_permissions')
        else
          I18n.t('api_v3.errors.unable_to_create_attachment')
        end
      raise message
    end

    def log_attachment_saving_error(error)
      message = "Failed to save attachment: #{error&.class} - #{error&.message || 'Unknown error'}"

      OpenProject.logger.error message
    end
  end
end
extract attachment storing into service - service cares about adding a journal too - only store the attachment when the journal can be saved (i.e. the WP is valid) 9 years ago			`#-- copyright`
Update copyright notice 5 years ago			`# OpenProject is an open source project management software.`
update copyright information for 2022 3 years ago			`# Copyright (C) 2012-2022 the OpenProject GmbH`
extract attachment storing into service - service cares about adding a journal too - only store the attachment when the journal can be saved (i.e. the WP is valid) 9 years ago			`#`
			`# This program is free software; you can redistribute it and/or`
			`# modify it under the terms of the GNU General Public License version 3.`
			`#`
			`# OpenProject is a fork of ChiliProject, which is a fork of Redmine. The copyright follows:`
update copyright to 2021 (#8925) Updates the copyright to 2021 for all files that have a copyright. Files in our source code without the copyright header still do not receive one automatically. Additionally, backlisted files are also excluded. Previously the copyright of chiliproject which references redmine stated a copyright of redmine up to and including 2017 which is not true for the code we have in here. Because of that I changed that to 2013 4 years ago			`# Copyright (C) 2006-2013 Jean-Philippe Lang`
extract attachment storing into service - service cares about adding a journal too - only store the attachment when the journal can be saved (i.e. the WP is valid) 9 years ago			`# Copyright (C) 2010-2013 the ChiliProject Team`
			`#`
			`# This program is free software; you can redistribute it and/or`
			`# modify it under the terms of the GNU General Public License`
			`# as published by the Free Software Foundation; either version 2`
			`# of the License, or (at your option) any later version.`
			`#`
			`# This program is distributed in the hope that it will be useful,`
			`# but WITHOUT ANY WARRANTY; without even the implied warranty of`
			`# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the`
			`# GNU General Public License for more details.`
			`#`
			`# You should have received a copy of the GNU General Public License`
			`# along with this program; if not, write to the Free Software`
			`# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.`
			`#`
Move license and copyright docs to root, fix names and references 3 years ago			`# See COPYRIGHT and LICENSE files for more details.`
extract attachment storing into service - service cares about adding a journal too - only store the attachment when the journal can be saved (i.e. the WP is valid) 9 years ago			`#++`

Give access to the issue project when trying to save a viewpoint (#9707) 3 years ago			`module Attachments`
			`class CreateService < BaseService`
			`include TouchContainer`
Fix/attachment journalizing (#9292) * update the container timestamp upon attachment creation That way, the journal subsequently created on the journalized container will bear the expected timestamp * update container timestamp on attachment deletion Without it, the journal created after the deletion will bear the wrong timestamp * avoid bumping lock_version on attachment adding/destroy 4 years ago
Give access to the issue project when trying to save a viewpoint (#9707) 3 years ago			`around_call :error_wrapped_call`
extract attachment storing into service - service cares about adding a journal too - only store the attachment when the journal can be saved (i.e. the WP is valid) 9 years ago
Give access to the issue project when trying to save a viewpoint (#9707) 3 years ago			`def persist(call)`
			`attachment = call.result`
			`if attachment.container`
			`in_container_mutex(attachment.container) { super }`
			`else`
			`super`
			`end`
employ advisory lock for journal creation on attachment uploading 5 years ago			`end`
extract attachment storing into service - service cares about adding a journal too - only store the attachment when the journal can be saved (i.e. the WP is valid) 9 years ago
Give access to the issue project when trying to save a viewpoint (#9707) 3 years ago			`def in_container_mutex(container)`
			`OpenProject::Mutex.with_advisory_lock_transaction(container) do`
			`yield.tap do`
			`# Get the latest attachments to ensure having them all for journalization.`
			`# We just created an attachment and a different worker might have added attachments`
			`# in the meantime, e.g when bulk uploading.`
			`container.attachments.reload`
			`end`
Fix/attachment journalizing (#9292) * update the container timestamp upon attachment creation That way, the journal subsequently created on the journalized container will bear the expected timestamp * update container timestamp on attachment deletion Without it, the journal created after the deletion will bear the wrong timestamp * avoid bumping lock_version on attachment adding/destroy 4 years ago			`end`
employ advisory lock for journal creation on attachment uploading 5 years ago			`end`
wp create/update/destroy via services 7 years ago
Give access to the issue project when trying to save a viewpoint (#9707) 3 years ago			`def after_perform(call)`
			`attachment = call.result`
			`container = attachment.container`
extract method 6 years ago
Give access to the issue project when trying to save a viewpoint (#9707) 3 years ago			`touch(container) unless container.nil?`
have a delete service for attachments 5 years ago
Give access to the issue project when trying to save a viewpoint (#9707) 3 years ago			`OpenProject::Notifications.send(`
			`OpenProject::Events::ATTACHMENT_CREATED,`
			`attachment: attachment`
			`)`
[37868] Whitelist for attachment mime types and extensions on upload (#9431) * Add setting for whitelist * Make attachments API BaseServices compatible * Add prepare service and contract * Correctly pass the filename to the UploadedFile * Add presence check to filename * Fix expected validation message * We no longer raise a multipart error when metadata is empty * Fix filesize validation on prepared uploads * Add parser error if invalid metadata json * When attachment is not saved, use filename property * Return correct error message on JSON parser erroro * Fix specs * Use attachment upload representer * Fix direct uploads mocks with new service layer * Lint * Fix export job using attachment service * Fix IFC controller using attachment prepare service * Fix export job * RenameRename params_getter to params_source * Fix mail handler using attachment service * Fix usage of attachment create service in documents * Reuse shared examples for document attachment spec * Fix stubbed attachment service in export job spec * Use admin user in backup spec * Fix export job for bim * Fix attachment integration spec * Fix issues_controller spec * Make budget resource spec reuse common examples * Fix attachment parsing representer spec * Replace prepare part of attachment spec into separate service spec * Clear cache for login spec * Convert document create/update into services * Budget services * Allow options to be passed to property twin * Remove setting author on budget initialize * Replace meetings update with services * Replace ifc models attachment handling with services * Don't check uploader if changed by system * Fix uploader being changed by system * Replace wiki page attach_files with attachable services * Replace avatar saving * Replace snapshot attach_files * Skip double validation when container present * Set snapshot through attachment service * Remove attach_files * Validate content type in contract * Enforce writing the content type without accepting user input * Expect changed content_type * Fix content of viewpoint image to get correct content type * Fix tsv spec * Add create contract spec * Bypass whitelist in internal services when conflicting with user * Fix expects in specs after whitelist bypass * Render contract errors for wiki * Add before_hook to bodied to allow to pre-authorize permissions * Budget errors from contract * Document errors from contract 3 years ago
Give access to the issue project when trying to save a viewpoint (#9707) 3 years ago			`call`
			`end`
[37868] Whitelist for attachment mime types and extensions on upload (#9431) * Add setting for whitelist * Make attachments API BaseServices compatible * Add prepare service and contract * Correctly pass the filename to the UploadedFile * Add presence check to filename * Fix expected validation message * We no longer raise a multipart error when metadata is empty * Fix filesize validation on prepared uploads * Add parser error if invalid metadata json * When attachment is not saved, use filename property * Return correct error message on JSON parser erroro * Fix specs * Use attachment upload representer * Fix direct uploads mocks with new service layer * Lint * Fix export job using attachment service * Fix IFC controller using attachment prepare service * Fix export job * RenameRename params_getter to params_source * Fix mail handler using attachment service * Fix usage of attachment create service in documents * Reuse shared examples for document attachment spec * Fix stubbed attachment service in export job spec * Use admin user in backup spec * Fix export job for bim * Fix attachment integration spec * Fix issues_controller spec * Make budget resource spec reuse common examples * Fix attachment parsing representer spec * Replace prepare part of attachment spec into separate service spec * Clear cache for login spec * Convert document create/update into services * Budget services * Allow options to be passed to property twin * Remove setting author on budget initialize * Replace meetings update with services * Replace ifc models attachment handling with services * Don't check uploader if changed by system * Fix uploader being changed by system * Replace wiki page attach_files with attachable services * Replace avatar saving * Replace snapshot attach_files * Skip double validation when container present * Set snapshot through attachment service * Remove attach_files * Validate content type in contract * Enforce writing the content type without accepting user input * Expect changed content_type * Fix content of viewpoint image to get correct content type * Fix tsv spec * Add create contract spec * Bypass whitelist in internal services when conflicting with user * Fix expects in specs after whitelist bypass * Render contract errors for wiki * Add before_hook to bodied to allow to pre-authorize permissions * Budget errors from contract * Document errors from contract 3 years ago
Give access to the issue project when trying to save a viewpoint (#9707) 3 years ago			`def error_wrapped_call`
			`yield`
			`rescue StandardError => e`
			`log_attachment_saving_error(e)`
[37868] Whitelist for attachment mime types and extensions on upload (#9431) * Add setting for whitelist * Make attachments API BaseServices compatible * Add prepare service and contract * Correctly pass the filename to the UploadedFile * Add presence check to filename * Fix expected validation message * We no longer raise a multipart error when metadata is empty * Fix filesize validation on prepared uploads * Add parser error if invalid metadata json * When attachment is not saved, use filename property * Return correct error message on JSON parser erroro * Fix specs * Use attachment upload representer * Fix direct uploads mocks with new service layer * Lint * Fix export job using attachment service * Fix IFC controller using attachment prepare service * Fix export job * RenameRename params_getter to params_source * Fix mail handler using attachment service * Fix usage of attachment create service in documents * Reuse shared examples for document attachment spec * Fix stubbed attachment service in export job spec * Use admin user in backup spec * Fix export job for bim * Fix attachment integration spec * Fix issues_controller spec * Make budget resource spec reuse common examples * Fix attachment parsing representer spec * Replace prepare part of attachment spec into separate service spec * Clear cache for login spec * Convert document create/update into services * Budget services * Allow options to be passed to property twin * Remove setting author on budget initialize * Replace meetings update with services * Replace ifc models attachment handling with services * Don't check uploader if changed by system * Fix uploader being changed by system * Replace wiki page attach_files with attachable services * Replace avatar saving * Replace snapshot attach_files * Skip double validation when container present * Set snapshot through attachment service * Remove attach_files * Validate content type in contract * Enforce writing the content type without accepting user input * Expect changed content_type * Fix content of viewpoint image to get correct content type * Fix tsv spec * Add create contract spec * Bypass whitelist in internal services when conflicting with user * Fix expects in specs after whitelist bypass * Render contract errors for wiki * Add before_hook to bodied to allow to pre-authorize permissions * Budget errors from contract * Document errors from contract 3 years ago
Give access to the issue project when trying to save a viewpoint (#9707) 3 years ago			`message =`
			`if e&.class&.to_s == 'Errno::EACCES'`
			`I18n.t('api_v3.errors.unable_to_create_attachment_permissions')`
			`else`
			`I18n.t('api_v3.errors.unable_to_create_attachment')`
			`end`
			`raise message`
			`end`
[37868] Whitelist for attachment mime types and extensions on upload (#9431) * Add setting for whitelist * Make attachments API BaseServices compatible * Add prepare service and contract * Correctly pass the filename to the UploadedFile * Add presence check to filename * Fix expected validation message * We no longer raise a multipart error when metadata is empty * Fix filesize validation on prepared uploads * Add parser error if invalid metadata json * When attachment is not saved, use filename property * Return correct error message on JSON parser erroro * Fix specs * Use attachment upload representer * Fix direct uploads mocks with new service layer * Lint * Fix export job using attachment service * Fix IFC controller using attachment prepare service * Fix export job * RenameRename params_getter to params_source * Fix mail handler using attachment service * Fix usage of attachment create service in documents * Reuse shared examples for document attachment spec * Fix stubbed attachment service in export job spec * Use admin user in backup spec * Fix export job for bim * Fix attachment integration spec * Fix issues_controller spec * Make budget resource spec reuse common examples * Fix attachment parsing representer spec * Replace prepare part of attachment spec into separate service spec * Clear cache for login spec * Convert document create/update into services * Budget services * Allow options to be passed to property twin * Remove setting author on budget initialize * Replace meetings update with services * Replace ifc models attachment handling with services * Don't check uploader if changed by system * Fix uploader being changed by system * Replace wiki page attach_files with attachable services * Replace avatar saving * Replace snapshot attach_files * Skip double validation when container present * Set snapshot through attachment service * Remove attach_files * Validate content type in contract * Enforce writing the content type without accepting user input * Expect changed content_type * Fix content of viewpoint image to get correct content type * Fix tsv spec * Add create contract spec * Bypass whitelist in internal services when conflicting with user * Fix expects in specs after whitelist bypass * Render contract errors for wiki * Add before_hook to bodied to allow to pre-authorize permissions * Budget errors from contract * Document errors from contract 3 years ago
Give access to the issue project when trying to save a viewpoint (#9707) 3 years ago			`def log_attachment_saving_error(error)`
			`message = "Failed to save attachment: #{error&.class} - #{error&.message \|\| 'Unknown error'}"`
[37868] Whitelist for attachment mime types and extensions on upload (#9431) * Add setting for whitelist * Make attachments API BaseServices compatible * Add prepare service and contract * Correctly pass the filename to the UploadedFile * Add presence check to filename * Fix expected validation message * We no longer raise a multipart error when metadata is empty * Fix filesize validation on prepared uploads * Add parser error if invalid metadata json * When attachment is not saved, use filename property * Return correct error message on JSON parser erroro * Fix specs * Use attachment upload representer * Fix direct uploads mocks with new service layer * Lint * Fix export job using attachment service * Fix IFC controller using attachment prepare service * Fix export job * RenameRename params_getter to params_source * Fix mail handler using attachment service * Fix usage of attachment create service in documents * Reuse shared examples for document attachment spec * Fix stubbed attachment service in export job spec * Use admin user in backup spec * Fix export job for bim * Fix attachment integration spec * Fix issues_controller spec * Make budget resource spec reuse common examples * Fix attachment parsing representer spec * Replace prepare part of attachment spec into separate service spec * Clear cache for login spec * Convert document create/update into services * Budget services * Allow options to be passed to property twin * Remove setting author on budget initialize * Replace meetings update with services * Replace ifc models attachment handling with services * Don't check uploader if changed by system * Fix uploader being changed by system * Replace wiki page attach_files with attachable services * Replace avatar saving * Replace snapshot attach_files * Skip double validation when container present * Set snapshot through attachment service * Remove attach_files * Validate content type in contract * Enforce writing the content type without accepting user input * Expect changed content_type * Fix content of viewpoint image to get correct content type * Fix tsv spec * Add create contract spec * Bypass whitelist in internal services when conflicting with user * Fix expects in specs after whitelist bypass * Render contract errors for wiki * Add before_hook to bodied to allow to pre-authorize permissions * Budget errors from contract * Document errors from contract 3 years ago
Give access to the issue project when trying to save a viewpoint (#9707) 3 years ago			`OpenProject.logger.error message`
			`end`
employ advisory lock for journal creation on attachment uploading 5 years ago			`end`
extract attachment storing into service - service cares about adding a journal too - only store the attachment when the journal can be saved (i.e. the WP is valid) 9 years ago			`end`