handle attahcment with send_file

app/controllers/files_controller.rb

@@ -0,0 +1,8 @@
+class FilesController < ApplicationController
+  def download
+    uploader = Note.find(params[:id]).attachment
+    uploader.retrieve_from_store!(params[:filename])
+    send_file uploader.file.path, disposition: 'attachment'
+  end
+end
+

app/uploaders/attachment_uploader.rb

@@ -19,4 +19,8 @@ def image?
   rescue
     false
   end
+
+  def secure_url
+    "/files/#{model.class.to_s.underscore}/#{model.id}/#{file.filename}"
+  end
 end

app/views/events/event/_note.html.haml

@@ -26,7 +26,7 @@
     = markdown truncate(event.target.note, length: 70)
     - note = event.target
     - if note.attachment.url
-      = link_to note.attachment.url, target: "_blank", class: 'note-file-attach' do
+      = link_to note.attachment.secure_url, target: "_blank", class: 'note-file-attach' do
         - if note.attachment.image?
           = image_tag note.attachment.url, class: 'note-image-attach'
         - else

app/views/notes/_note.html.haml

@@ -31,7 +31,7 @@
     - if note.attachment.image?
       = image_tag note.attachment.url, class: 'note-image-attach'
     .attachment.pull-right
-      = link_to note.attachment.url, target: "_blank" do
+      = link_to note.attachment.secure_url, target: "_blank" do
         %i.icon-paper-clip
         = note.attachment_identifier
   .clear

config/routes.rb

@@ -45,6 +45,11 @@
     root to: "projects#index"
   end
 
+  #
+  # Attachments serving
+  #
+  get 'files/:type/:id/:filename' => 'files#download', constraints: { id: /\d+/, type: /[a-z]+/, filename: /[a-zA-Z.0-9_\-\+]+/ }
+
   #
   # Admin Area
   #