From 7711eea9891fc8627e799d31b0b3ee196770dc25 Mon Sep 17 00:00:00 2001 From: Andrew White Date: Fri, 20 Dec 2024 00:33:28 +0000 Subject: [PATCH] Redirect to uploads url This is the first step in adding signed cookies. --- .env.example | 1 + .env.test | 1 + app/helpers/document_helper.rb | 1 - app/models/document.rb | 19 ++++++++++++++++++- config/application.yml | 1 + .../bops_uploads/redirects_controller.rb | 19 +++++++++++++++++++ engines/bops_uploads/config/routes.rb | 6 +++++- spec/requests/api/document_show_spec.rb | 2 +- spec/requests/api/oas3_spec.rb | 2 +- .../api/planning_application_show_spec.rb | 2 +- ...cement_document_validation_request_spec.rb | 18 +++++++++--------- 11 files changed, 57 insertions(+), 15 deletions(-) create mode 100644 engines/bops_uploads/app/controllers/bops_uploads/redirects_controller.rb diff --git a/.env.example b/.env.example index 8977c107f9..5faf122168 100644 --- a/.env.example +++ b/.env.example @@ -1,3 +1,4 @@ +DOMAIN=bops.localhost:3000 PAAPI_HOST=paapi.services OS_VECTOR_TILES_API_KEY=xxxxx OTP_SECRET_ENCRYPTION_KEY=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx diff --git a/.env.test b/.env.test index ba4332a0de..8c37e8cb7e 100644 --- a/.env.test +++ b/.env.test @@ -1,3 +1,4 @@ +DOMAIN="example.com" STAGING_API_URL="bops-staging.services" STAGING_API_BEARER="fjisdfjsdiofjdsoi" OS_VECTOR_TILES_API_KEY="testtest" diff --git a/app/helpers/document_helper.rb b/app/helpers/document_helper.rb index 4593dc8b75..f1b5c7dc18 100644 --- a/app/helpers/document_helper.rb +++ b/app/helpers/document_helper.rb @@ -40,7 +40,6 @@ def link_to_document(link_text, document, **args) link_text, url_for_document(document), new_tab:, - download: reference_or_file_name(document), **args ) end diff --git a/app/models/document.rb b/app/models/document.rb index f179ea307e..97e079f8f1 100644 --- a/app/models/document.rb +++ b/app/models/document.rb @@ -4,6 +4,22 @@ class Document < ApplicationRecord class Routing include Rails.application.routes.url_helpers include Rails.application.routes.mounted_helpers + + def initialize(subdomain) + @subdomain = subdomain + end + + def default_url_options + {host: "#{subdomain}.#{domain}"} + end + + private + + attr_reader :subdomain + + def domain + Rails.configuration.domain + end end class NotArchiveableError < StandardError; end @@ -29,6 +45,7 @@ class NotArchiveableError < StandardError; end inverse_of: false delegate :audits, to: :planning_application + delegate :local_authority, to: :planning_application delegate :blob, :representable?, to: :file include Auditable @@ -359,7 +376,7 @@ def representation_url(transformations = {resize_to_limit: [1000, 1000]}) private def routes - @_routes ||= Routing.new + @_routes ||= Routing.new(local_authority.subdomain) end def no_open_replacement_request diff --git a/config/application.yml b/config/application.yml index 1bb0d4867a..939da79115 100644 --- a/config/application.yml +++ b/config/application.yml @@ -12,3 +12,4 @@ shared: staging_api_url: <%= ENV["STAGING_API_URL"] %> uploads_hostname: <%= ENV.fetch("UPLOADS_HOSTNAME", "uploads.bops.localhost:3000") %> uploads_base_url: <%= ENV.fetch("UPLOADS_BASE_URL", "http://uploads.bops.localhost:3000") %> + domain: <%= ENV.fetch("DOMAIN", "bops.localhost:3000") %> diff --git a/engines/bops_uploads/app/controllers/bops_uploads/redirects_controller.rb b/engines/bops_uploads/app/controllers/bops_uploads/redirects_controller.rb new file mode 100644 index 0000000000..58722d8cbf --- /dev/null +++ b/engines/bops_uploads/app/controllers/bops_uploads/redirects_controller.rb @@ -0,0 +1,19 @@ +# frozen_string_literal: true + +module BopsUploads + class RedirectsController < ApplicationController + def show + redirect_to redirect_url, allow_other_host: true + end + + private + + def redirect_url + file_url(params[:key], host: uploads_base_url) + end + + def uploads_base_url + Rails.configuration.uploads_base_url + end + end +end diff --git a/engines/bops_uploads/config/routes.rb b/engines/bops_uploads/config/routes.rb index f413d443d1..41805142ad 100644 --- a/engines/bops_uploads/config/routes.rb +++ b/engines/bops_uploads/config/routes.rb @@ -3,6 +3,10 @@ BopsUploads::Engine.routes.draw do extend BopsCore::Routing + local_authority_subdomain do + get "/files/:key", to: "redirects#show", as: "redirect" + end + uploads_subdomain do get "/:key", to: "files#show", as: "file" end @@ -12,7 +16,7 @@ direct :uploaded_file do |blob, options| next "" if blob.blank? - bops_uploads.file_url(blob.key, host: Rails.configuration.uploads_base_url) + bops_uploads.redirect_url(blob.key) end resolve("ActiveStorage::Attachment") { |attachment, options| route_for(:uploaded_file, attachment.blob, options) } diff --git a/spec/requests/api/document_show_spec.rb b/spec/requests/api/document_show_spec.rb index 40b1423043..6824d85306 100644 --- a/spec/requests/api/document_show_spec.rb +++ b/spec/requests/api/document_show_spec.rb @@ -45,7 +45,7 @@ it "redirects to blob url" do get "/api/v1/planning_applications/#{planning_application.reference}/documents/#{document.id}" - expect(response).to redirect_to("http://uploads.example.com/#{document.blob.key}") + expect(response).to redirect_to("http://planx.example.com/files/#{document.blob.key}") end end end diff --git a/spec/requests/api/oas3_spec.rb b/spec/requests/api/oas3_spec.rb index bf4cc5846c..987caabd97 100644 --- a/spec/requests/api/oas3_spec.rb +++ b/spec/requests/api/oas3_spec.rb @@ -61,7 +61,7 @@ def example_response_hash_for(*) expected_response = example_response_hash_for("/api/v1/planning_applications/{id}", "get", 200, "ldc_proposed") expected_response["status"] = "in_assessment" expected_response["documents"].first["url"] = "http://planx.example.com/api/v1/planning_applications/#{planning_application.reference}/documents/#{planning_application_document.id}" - expected_response["documents"].first["blob_url"] = "http://uploads.example.com/#{planning_application_document.representation.key}" + expected_response["documents"].first["blob_url"] = "http://planx.example.com/files/#{planning_application_document.representation.key}" get("/api/v1/planning_applications/#{planning_application_hash["id"]}", headers: {"CONTENT-TYPE": "application/json", Authorization: "Bearer #{api_user.token}"}) expect(JSON.parse(response.body)).to eq(expected_response) diff --git a/spec/requests/api/planning_application_show_spec.rb b/spec/requests/api/planning_application_show_spec.rb index 97e6f36307..18be534d4f 100644 --- a/spec/requests/api/planning_application_show_spec.rb +++ b/spec/requests/api/planning_application_show_spec.rb @@ -145,7 +145,7 @@ planning_application_json["documents"].first.tap do |document_json| expect(document_json["url"]).to eq("http://planx.example.com/api/v1/planning_applications/#{planning_application.reference}/documents/#{document_with_number.id}") - expect(document_json["blob_url"]).to eq("http://uploads.example.com/#{document_with_number.representation.key}") + expect(document_json["blob_url"]).to eq("http://planx.example.com/files/#{document_with_number.representation.key}") expect(document_json["created_at"]).to eq(json_time_format(document_with_number.created_at)) expect(document_json["archived_at"]).to eq(json_time_format(document_with_number.archived_at)) expect(document_json["archive_reason"]).to eq(document_with_number.archive_reason) diff --git a/spec/requests/api/replacement_document_validation_request_spec.rb b/spec/requests/api/replacement_document_validation_request_spec.rb index bab5051609..1ba3db9eaa 100644 --- a/spec/requests/api/replacement_document_validation_request_spec.rb +++ b/spec/requests/api/replacement_document_validation_request_spec.rb @@ -6,7 +6,7 @@ let!(:default_local_authority) { create(:local_authority, :default) } let!(:api_user) { create(:api_user, local_authority: default_local_authority) } let!(:planning_application) { create(:planning_application, :invalidated, local_authority: default_local_authority) } - let(:old_document) { create(:document) } + let(:old_document) { create(:document, planning_application:) } let!(:replacement_document_validation_request) do create( @@ -20,8 +20,8 @@ let(:token) { "Bearer #{api_user.token}" } describe "#index" do - let(:old_document2) { create(:document) } - let(:old_document3) { create(:document) } + let(:old_document2) { create(:document, planning_application:) } + let(:old_document3) { create(:document, planning_application:) } let(:path) do api_v1_planning_application_replacement_document_validation_requests_path( @@ -50,7 +50,7 @@ ) end - let!(:new_document) { create(:document, owner: replacement_document_validation_request2) } + let!(:new_document) { create(:document, planning_application:, owner: replacement_document_validation_request2) } context "when the request is valid" do it "is successful" do @@ -83,7 +83,7 @@ old_document: { name: "proposed-floorplan.png", invalid_document_reason: "Document is invalid", - url: "http://uploads.example.com/#{old_document.representation.key}" + url: "http://planx.example.com/files/#{old_document.representation.key}" } }.deep_stringify_keys, { @@ -96,11 +96,11 @@ old_document: { name: "proposed-floorplan.png", invalid_document_reason: "Document is invalid", - url: "http://uploads.example.com/#{old_document2.representation.key}" + url: "http://planx.example.com/files/#{old_document2.representation.key}" }, new_document: { name: "proposed-floorplan.png", - url: "http://uploads.example.com/#{new_document.representation.key}" + url: "http://planx.example.com/files/#{new_document.representation.key}" } }.deep_stringify_keys, { @@ -113,7 +113,7 @@ old_document: { name: "proposed-floorplan.png", invalid_document_reason: nil, - url: "http://uploads.example.com/#{old_document3.representation.key}" + url: "http://planx.example.com/files/#{old_document3.representation.key}" } }.deep_stringify_keys ) @@ -172,7 +172,7 @@ old_document: { name: "proposed-floorplan.png", invalid_document_reason: "Document is invalid", - url: "http://uploads.example.com/#{old_document.representation.key}" + url: "http://planx.example.com/files/#{old_document.representation.key}" } }.deep_stringify_keys )