blob: f652f5acef9964878a7d8250b57fa688b9b01aa8 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
|
# frozen_string_literal: true
class MediaController < ApplicationController
include Authorization
before_action :verify_permitted_status
def show
redirect_to media_attachment.file.url(:original)
end
private
def media_attachment
MediaAttachment.attached.find_by!(shortcode: params[:id])
end
def verify_permitted_status
authorize media_attachment.status, :show?
rescue Mastodon::NotPermittedError
# Reraise in order to get a 404 instead of a 403 error code
raise ActiveRecord::RecordNotFound
end
end
|
