Class: ActiveStorageEncryption::EncryptedBlobProxyController

Inherits:

ActionController::Base

• Object
• ActionController::Base
• ActiveStorageEncryption::EncryptedBlobProxyController

Includes:

ActiveStorage::SetCurrent

Defined in:

lib/active_storage_encryption/encrypted_blob_proxy_controller.rb

Overview

This controller is analogous to the ActiveStorage::ProxyController

Defined Under Namespace

Classes: InvalidParams

Constant Summary

DEFAULT_BLOB_STREAMING_DISPOSITION =

"inline"

Instance Method Summary

• #show ⇒ Object

  Streams the decrypted contents of an encrypted blob.

Instance Method Details

#show ⇒ Object

Streams the decrypted contents of an encrypted blob

# File 'lib/active_storage_encryption/encrypted_blob_proxy_controller.rb', line 18

def show
  params = read_params_from_token_and_headers_for_get
  service = lookup_service(params[:service_name])
  raise InvalidParams, "#{service.name} does not allow private URLs" if service.private_url_policy == :disable

  # Test the encryption key beforehand, so that the exception does not get raised when serving the actual body
  service.download_chunk(params[:key], 0..0, encryption_key: params[:encryption_key])

  stream_blob(service:,
    key: params[:key],
    encryption_key: params[:encryption_key],
    blob_byte_size: params[:blob_byte_size],
    filename: params[:filename],
    disposition: params[:disposition] || DEFAULT_BLOB_STREAMING_DISPOSITION,
    type: params[:content_type])
rescue ActiveStorage::FileNotFoundError
  head :not_found
rescue InvalidParams, ActiveStorageEncryption::StreamingTokenInvalidOrExpired, ActiveSupport::MessageEncryptor::InvalidMessage, ActiveStorageEncryption::IncorrectEncryptionKey
  head :forbidden
end