Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- ##
- # Send a protected file using the web server (via the x-sendfile header).
- # Takes the absolute file system path to the file and, optionally, a MIME type.
- #
- def send_file(filepath, options = {})
- options[:content_type] ||= "application/force-download"
- response.headers['Content-Type'] = options[:content_type]
- response.headers['Content-Disposition'] = "attachment; filename="#{File.basename(filepath)}""
- response.headers['X-Sendfile'] = filepath
- response.headers['Content-length'] = File.size(filepath)
- render :nothing => true
- end
- ##
- # Private file download: check permission first.
- #
- def download
- product = Product.find_by_filename!(params[:filename])
- if current_user.has_bought?(product) or current_user.is_superuser?
- if File.exist?(path = product.filepath)
- send_file path, :content_type => "application/pdf"
- else
- not_found
- end
- else
- not_authorized
- end
- end
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement