WIP: Explore in Datasette

TODO: Tests for setting cors headers
TODO: Add DATASETTE_INSTANCE config item (so that we can use our own)
TODO: Add `explore_in_datasette` helper:

   # Something like this?
   def explore_in_datasette(attachment)
     return unless attachment.content_type == 'text/csv'

     link_to 'Explore in Datasette',
     datasette_url(attachment_url(attachment))
   end

app/controllers/attachments_controller.rb

@@ -15,6 +15,7 @@ class AttachmentsController < ApplicationController
 
   before_action :authenticate_attachment
   before_action :authenticate_attachment_as_html, only: :show_as_html
+  before_action :set_cors
 
   around_action :cache_attachments, only: :show_as_html
 
@@ -135,6 +136,14 @@ def authenticate_attachment_as_html
     raise ActiveRecord::RecordNotFound, 'Attachment HTML not found.'
   end
 
+  def set_cors
+    # Allow CSVs to be explored in a Datasette instance
+    if @attachment.content_type == 'text/csv'
+      headers['Access-Control-Allow-Origin'] = '*'
+      headers['Access-Control-Request-Method'] = 'GET'
+    end
+  end
+
   # special caching code so mime types are handled right
   def cache_attachments
     if !params[:skip_cache].nil?

app/views/request/_attachments.html.erb

@@ -32,6 +32,9 @@
               <% if a.has_body_as_html? && incoming_message.info_request.prominence(:decorate => true).is_public? %>
                 <%= link_to "View as HTML", attachment_path(a, :html => true) %>
               <% end %>
+              <% if a.content_type == 'text/csv' && incoming_message.info_request.prominence(:decorate => true).is_public? %>
+                <%= link_to _('Explore in Datasette'), "https://lite.datasette.io/?csv=#{attachment_url(a)}" %>
+              <% end %>
               <%= a.extra_note %>
             </p>
           <% end %>