In Rails, I want to send an email using Action Mailer with an attachment obtained from a file field, and I want to delay it through Sidekiq.
I have written the code below.
In the view:

    <%= form_tag({ controller: 'my_controller', action: 'my_mail', method: 'post' }, { multipart: true }) do %>
      <%= file_field_tag(:attachment) %>
    <% end %>

In the controller:

    def my_mail
      MyMailer.delay.my_mail(params)
    end

In the mailer:

    def my_mail(message)
      attachments['attachment'] = File.read(message[:attachment].tempfile)
      mail(from: ENV['my_mail'], to: ENV['mail_reciver'], subject: 'this subject')
    end

But an IOError is raised because the file is inaccessible.
If I perform the file read operation in the controller as

    def my_mail
      MyMailer.delay.my_mail(File.read(params[:attachment].tempfile))
    end

then I can make the attachment in the mailer as

    attachments['attachment'] = message

Now it works as I want, but it's bad to read the file in the controller for security reasons.
So I want to know the best way to attach a file obtained from the form and send it through Sidekiq.
In the controller:
Do not send bulk objects like params and the file object to redis-server via Sidekiq. Let's keep it simple:

    def my_mail
      # absolute path of the temporary location of the uploaded file
      attachment_tmp_path = File.absolute_path(params[:attachment].tempfile)
      MyMailer.delay.my_mail(attachment_tmp_path)
    end

In the mailer:

    def my_mail(attachment_tmp_path)
      attachments['attachment'] = File.read(attachment_tmp_path)
      mail(from: ENV['my_mail'], to: ENV['mail_reciver'], subject: 'this subject')
    end

Why is there a security warning?
It is not considered good practice to use params directly without using strong params to limit the permitted attributes.

Note:
The tmp uploaded file may not be available. Since you have used Sidekiq for background processing, the file uploaded by the sidekiq-client may not be available when the sidekiq-server (background version) tries to access the tmp file, for example when the sidekiq-server has been busy and processes the task after a long time.

Conditions in which this approach may not work:

When you go to production and need to run multiple instances. Let's say you need a separate utility instance to run Sidekiq and Redis. The sidekiq-server cannot locate the tmp location of application_master.

When the sidekiq-server is busy processing, or is down, and resumes after a long time.
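
One way to handle the availability caveat in the answer above, as an added example that is not part of the original question or answer: copy the upload into a spool directory under a server-generated name, enqueue only that short token, and have the worker accept nothing but tokens of that shape so a job argument can never name a file outside the spool. `SPOOL_DIR`, `MAX_BYTES`, `spool_upload` and `read_spooled` are hypothetical names, and the code assumes the web process and the Sidekiq worker can both reach `SPOOL_DIR`.

```ruby
require "fileutils"
require "securerandom"
require "tmpdir"

# Assumption: a directory reachable by both the web process and the worker
# (with separate instances this would have to be shared storage).
SPOOL_DIR = File.join(Dir.tmpdir, "mail_attachment_spool")
MAX_BYTES = 10 * 1024 * 1024 # assumed cap on attachment size

# Controller side: copy the upload out of the request's Tempfile before the
# request ends. Only the returned token (32 hex characters) is enqueued.
def spool_upload(tempfile_path)
  FileUtils.mkdir_p(SPOOL_DIR, mode: 0o700)
  raise ArgumentError, "upload too large" if File.size(tempfile_path) > MAX_BYTES

  token = SecureRandom.hex(16)
  FileUtils.cp(tempfile_path, File.join(SPOOL_DIR, token))
  token
end

# Worker side: accept only tokens of the shape generated above, so the job
# argument cannot point at an arbitrary path. Returns nil if the file is gone.
def read_spooled(token)
  unless token.is_a?(String) && token.match?(/\A\h{32}\z/)
    raise ArgumentError, "bad spool token"
  end

  path = File.join(SPOOL_DIR, token)
  return nil unless File.file?(path) && !File.symlink?(path)

  data = File.binread(path)
  File.delete(path) # one-shot: remove the spooled copy once it has been read
  data
end

# How the page's own calls would use it (Rails code, shown as comments only):
#   MyMailer.delay.my_mail(spool_upload(params[:attachment].tempfile.path))
#   attachments['attachment'] = read_spooled(token) or skip the mail if nil
```

A `nil` from `read_spooled` is the case the answer warns about (the file no longer exists when the job finally runs), so the mailer can decide whether to retry or drop the job instead of raising.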