class ActiveStorage::VariantsController

Take a signed permanent reference for a variant and turn it into an expiring service URL for download. Note: These URLs are publicly accessible. If you need to enforce access protection beyond the security-through-obscurity factor of the signed blob and variation reference, you'll need to implement your own authenticated redirection controller.

Public Instance Methods

show() click to toggle source
# File activestorage/app/controllers/active_storage/variants_controller.rb, line 8
def show
  if blob = find_signed_blob
    expires_in 5.minutes # service_url defaults to 5 minutes
    redirect_to ActiveStorage::Variant.new(blob, decoded_variation).processed.service_url(disposition: disposition_param)
  else
    head :not_found
  end
end

Private Instance Methods

decoded_variation() click to toggle source
# File activestorage/app/controllers/active_storage/variants_controller.rb, line 22
def decoded_variation
  ActiveStorage::Variation.decode(params[:variation_key])
end
disposition_param() click to toggle source
# File activestorage/app/controllers/active_storage/variants_controller.rb, line 26
def disposition_param
  params[:disposition].presence_in(%w( inline attachment )) || "inline"
end
find_signed_blob() click to toggle source
# File activestorage/app/controllers/active_storage/variants_controller.rb, line 18
def find_signed_blob
  ActiveStorage::Blob.find_signed(params[:signed_blob_id])
end