active_storage_validations 0.9.7 → 2.0.2

data/lib/active_storage_validations/content_type_validator.rb

@@ -1,51 +1,232 @@
 # frozen_string_literal: true
 
+require_relative 'shared/asv_active_storageable'
+require_relative 'shared/asv_analyzable'
+require_relative 'shared/asv_attachable'
+require_relative 'shared/asv_errorable'
+require_relative 'shared/asv_optionable'
+require_relative 'shared/asv_symbolizable'
+require_relative 'analyzer/content_type_analyzer'
+
 module ActiveStorageValidations
   class ContentTypeValidator < ActiveModel::EachValidator # :nodoc:
+    include ASVActiveStorageable
+    include ASVAnalyzable
+    include ASVAttachable
+    include ASVErrorable
+    include ASVOptionable
+    include ASVSymbolizable
+
+    AVAILABLE_CHECKS = %i[with in].freeze
+    ERROR_TYPES = %i[
+      content_type_invalid
+      content_type_spoofed
+    ].freeze
+    METADATA_KEYS = %i[content_type].freeze
+
+    def check_validity!
+      ensure_exactly_one_validator_option
+      ensure_content_types_validity
+    end
+
     def validate_each(record, attribute, _value)
-      return true if !record.send(attribute).attached? || types.empty?
+      return if no_attachments?(record, attribute)
+
+      @authorized_content_types = authorized_content_types_from_options(record)
+      return if @authorized_content_types.empty?
 
-      files = Array.wrap(record.send(attribute))
+      attachables_and_blobs(record, attribute).each do |attachable, blob|
+        set_attachable_cached_values(blob)
+        is_valid?(record, attribute, attachable, blob)
+      end
+    end
 
-      errors_options = { authorized_types: types_to_human_format }
-      errors_options[:message] = options[:message] if options[:message].present?
+    private
 
-      files.each do |file|
-        next if is_valid?(file)
+    def authorized_content_types_from_options(record)
+      flat_options = set_flat_options(record)
 
-        errors_options[:content_type] = content_type(file)
-        record.errors.add(attribute, :content_type_invalid, **errors_options)
-        break
+      (Array.wrap(flat_options[:with]) + Array.wrap(flat_options[:in])).compact.map do |type|
+        case type
+        when String, Symbol then Marcel::MimeType.for(declared_type: type.to_s, extension: type.to_s)
+        when Regexp then type
+        end
       end
     end
 
-    def types
-      return @types if defined? @types
+    def set_attachable_cached_values(blob)
+      @attachable_content_type = blob.content_type
+      @attachable_filename = blob.filename.to_s
+    end
+
+    # Check if the provided content_type is authorized and not spoofed against
+    # the file io.
+    def is_valid?(record, attribute, attachable, blob)
+      authorized_content_type?(record, attribute, attachable) &&
+        not_spoofing_content_type?(record, attribute, attachable, blob)
+    end
+
+    # Dead code that we keep here for some time, maybe we will find a solution
+    # to this check later? (November 2024)
+    #
+    # We do not perform any validations against the extension because it is an
+    # unreliable source of truth. For example, a `.csv` file could have its
+    # `text/csv` content_type changed to  `application/vnd.ms-excel` because
+    # it had been opened by Excel at some point, making the file extension vs
+    # file content_type check invalid.
+    # def extension_matches_content_type?(record, attribute, attachable)
+    #   return true if !@attachable_filename || !@attachable_content_type
+
+    #   extension = @attachable_filename.split('.').last
+    #   possible_extensions = Marcel::TYPE_EXTS[@attachable_content_type]
+    #   return true if possible_extensions && extension.downcase.in?(possible_extensions)
 
-      @types = (Array.wrap(options[:with]) + Array.wrap(options[:in])).compact.map do |type|
-        if type.is_a?(Regexp)
-          type
-        else
-          Marcel::MimeType.for(declared_type: type.to_s, extension: type.to_s)
+    #   errors_options = initialize_and_populate_error_options(options, attachable)
+    #   add_error(record, attribute, ERROR_TYPES.first, **errors_options)
+    #   false
+    # end
+
+    def authorized_content_type?(record, attribute, attachable)
+      attachable_content_type_is_authorized = @authorized_content_types.any? do |authorized_content_type|
+        case authorized_content_type
+        when String then authorized_content_type == marcel_attachable_content_type(attachable)
+        when Regexp then authorized_content_type.match?(marcel_attachable_content_type(attachable).to_s)
         end
       end
+
+      return true if attachable_content_type_is_authorized
+
+      errors_options = initialize_and_populate_error_options(options, attachable)
+      add_error(record, attribute, ERROR_TYPES.first, **errors_options)
+      false
+    end
+
+    def marcel_attachable_content_type(attachable)
+      Marcel::MimeType.for(declared_type: @attachable_content_type, name: @attachable_filename)
+    end
+
+    def not_spoofing_content_type?(record, attribute, attachable, blob)
+      return true unless enable_spoofing_protection?
+
+      @detected_content_type = metadata_for(blob, attachable, METADATA_KEYS)&.fetch(:content_type, nil)
+
+      if attachable_content_type_vs_detected_content_type_mismatch?
+        errors_options = initialize_and_populate_error_options(options, attachable)
+        errors_options[:detected_content_type] = @detected_content_type
+        errors_options[:detected_human_content_type] = content_type_to_human_format(@detected_content_type)
+        add_error(record, attribute, ERROR_TYPES.second, **errors_options)
+        false
+      else
+        true
+      end
+    end
+
+    def disable_spoofing_protection?
+      !enable_spoofing_protection?
+    end
+
+    def enable_spoofing_protection?
+      options[:spoofing_protection] == true
+    end
+
+    def attachable_content_type_vs_detected_content_type_mismatch?
+      @attachable_content_type.present? &&
+        !attachable_content_type_intersects_detected_content_type?
+    end
+
+    def attachable_content_type_intersects_detected_content_type?
+      # Ruby intersects? method is only available from 3.1
+      enlarged_content_type(content_type_without_parameters(@attachable_content_type)).any? do |item|
+        enlarged_content_type(content_type_without_parameters(@detected_content_type)).include?(item)
+      end
+    end
+
+    def enlarged_content_type(content_type)
+      [content_type, *parent_content_types(content_type)].compact.uniq
     end
 
-    def types_to_human_format
-      types
-        .map { |type| type.to_s.split('/').last.upcase }
+    def parent_content_types(content_type)
+      Marcel::TYPE_PARENTS[content_type] || []
+    end
+
+    def initialize_and_populate_error_options(options, attachable)
+      errors_options = initialize_error_options(options, attachable)
+      errors_options[:content_type] = @attachable_content_type
+      errors_options[:human_content_type] = content_type_to_human_format(@attachable_content_type)
+      errors_options[:authorized_human_content_types] = content_type_to_human_format(@authorized_content_types)
+      errors_options[:count] = @authorized_content_types.size
+      errors_options
+    end
+
+    def content_type_to_human_format(content_type)
+      Array(content_type)
+        .map do |content_type|
+          case content_type
+          when String, Symbol
+            content_type.to_s.match?(/\//) ? Marcel::TYPE_EXTS[content_type.to_s]&.first&.upcase : content_type.upcase
+          when Regexp
+            content_type.source
+          end
+        end
+        .flatten
+        .compact
         .join(', ')
     end
 
-    def content_type(file)
-      file.blob.present? && file.blob.content_type
+    def ensure_exactly_one_validator_option
+      unless AVAILABLE_CHECKS.one? { |argument| options.key?(argument) }
+        raise ArgumentError, 'You must pass either :with or :in to the validator'
+      end
+    end
+
+    def ensure_content_types_validity
+      return true if options[:with]&.is_a?(Proc) || options[:in]&.is_a?(Proc)
+
+      (Array(options[:with]) + Array(options[:in])).each do |content_type|
+        raise ArgumentError, invalid_content_type_option_message(content_type) if invalid_option?(content_type)
+      end
+    end
+
+    def invalid_content_type_option_message(content_type)
+      if content_type.to_s.match?(/\//)
+        <<~ERROR_MESSAGE
+          You must pass valid content types to the validator
+          '#{content_type}' is not found in Marcel content types (Marcel::TYPE_EXTS + Marcel::MAGIC)
+        ERROR_MESSAGE
+      else
+        <<~ERROR_MESSAGE
+          You must pass valid content types extensions to the validator
+          '#{content_type}' is not found in Marcel::EXTENSIONS
+        ERROR_MESSAGE
+      end
+    end
+
+    def invalid_option?(content_type)
+      case content_type
+      when String, Symbol
+        content_type.to_s.match?(/\//) ? invalid_content_type?(content_type) : invalid_extension?(content_type)
+      when Regexp
+        false # We always validate regexes
+      end
     end
 
-    def is_valid?(file)
-      file_type = content_type(file)
-      types.any? do |type|
-        type == file_type || (type.is_a?(Regexp) && type.match?(file_type.to_s))
+    def invalid_content_type?(content_type)
+      if content_type == 'image/jpg'
+        raise ArgumentError, "'image/jpg' is not a valid content type, you should use 'image/jpeg' instead"
       end
+
+      all_available_marcel_content_types.exclude?(content_type.to_s)
+    end
+
+    def all_available_marcel_content_types
+      @all_available_marcel_content_types ||= Marcel::TYPE_EXTS
+        .keys
+        .push(*Marcel::MAGIC.map(&:first))
+        .tap(&:uniq!)
+    end
+
+    def invalid_extension?(content_type)
+      Marcel::MimeType.for(extension: content_type.to_s) == 'application/octet-stream'
     end
   end
 end

data/lib/active_storage_validations/dimension_validator.rb

@@ -1,127 +1,150 @@
 # frozen_string_literal: true
 
-require_relative 'metadata.rb'
+require_relative 'shared/asv_active_storageable'
+require_relative 'shared/asv_analyzable'
+require_relative 'shared/asv_attachable'
+require_relative 'shared/asv_errorable'
+require_relative 'shared/asv_optionable'
+require_relative 'shared/asv_symbolizable'
 
 module ActiveStorageValidations
   class DimensionValidator < ActiveModel::EachValidator # :nodoc
+    include ASVActiveStorageable
+    include ASVAnalyzable
+    include ASVAttachable
+    include ASVErrorable
+    include ASVOptionable
+    include ASVSymbolizable
+
     AVAILABLE_CHECKS = %i[width height min max].freeze
+    ERROR_TYPES = %i[
+      dimension_min_not_included_in
+      dimension_max_not_included_in
+      dimension_width_not_included_in
+      dimension_height_not_included_in
+      dimension_width_not_greater_than_or_equal_to
+      dimension_height_not_greater_than_or_equal_to
+      dimension_width_not_less_than_or_equal_to
+      dimension_height_not_less_than_or_equal_to
+      dimension_width_not_equal_to
+      dimension_height_not_equal_to
+      media_metadata_missing
+    ].freeze
+    METADATA_KEYS = %i[width height].freeze
 
-    def initialize(options)
-      [:width, :height].each do |length|
-        if options[length] and options[length].is_a?(Hash)
-          if range = options[length][:in]
-            raise ArgumentError, ":in must be a Range" unless range.is_a?(Range)
-            options[length][:min], options[length][:max] = range.min, range.max
-          end
-        end
-      end
-      [:min, :max].each do |dim|
-        if range = options[dim]
-          raise ArgumentError, ":#{dim} must be a Range (width..height)" unless range.is_a?(Range)
-          options[:width] = { dim => range.first }
-          options[:height] = { dim => range.last }
-        end
+    def check_validity!
+      unless AVAILABLE_CHECKS.any? { |argument| options.key?(argument) }
+        raise ArgumentError, 'You must pass either :width, :height, :min or :max to the validator'
       end
-      super
     end
 
+    def validate_each(record, attribute, _value)
+      return if no_attachments?(record, attribute)
 
-    def check_validity!
-      return true if AVAILABLE_CHECKS.any? { |argument| options.key?(argument) }
-      raise ArgumentError, 'You must pass either :width, :height, :min or :max to the validator'
+      validate_changed_files_from_metadata(record, attribute, METADATA_KEYS)
     end
 
+    private
 
-    if Rails.gem_version >= Gem::Version.new('6.0.0')
-      def validate_each(record, attribute, _value)
-        return true unless record.send(attribute).attached?
-
-        changes = record.attachment_changes[attribute.to_s]
-        return true if changes.blank?
-
-        files = Array.wrap(changes.is_a?(ActiveStorage::Attached::Changes::CreateMany) ? changes.attachables : changes.attachable)
-        files.each do |file|
-          metadata = Metadata.new(file).metadata
-          next if is_valid?(record, attribute, metadata)
-          break
-        end
-      end
-    else
-      # Rails 5
-      def validate_each(record, attribute, _value)
-        return true unless record.send(attribute).attached?
-
-        files = Array.wrap(record.send(attribute))
-        files.each do |file|
-          # Analyze file first if not analyzed to get all required metadata.
-          file.analyze; file.reload unless file.analyzed?
-          metadata = file.metadata rescue {}
-          next if is_valid?(record, attribute, metadata)
-          break
-        end
-      end
-    end
-
+    def is_valid?(record, attribute, file, metadata)
+      flat_options = process_options(record)
+      errors_options = initialize_error_options(options, file)
 
-    def is_valid?(record, attribute, file_metadata)
       # Validation fails unless file metadata contains valid width and height.
-      if file_metadata[:width].to_i <= 0 || file_metadata[:height].to_i <= 0
-        add_error(record, attribute, options[:message].presence || :image_metadata_missing)
+      if metadata[:width].to_i <= 0 || metadata[:height].to_i <= 0
+        add_error(record, attribute, :media_metadata_missing, **errors_options)
         return false
       end
 
       # Validation based on checks :min and :max (:min, :max has higher priority to :width, :height).
-      if options[:min] || options[:max]
-        if options[:min] && (
-          (options[:width][:min] && file_metadata[:width] < options[:width][:min]) ||
-          (options[:height][:min] && file_metadata[:height] < options[:height][:min])
+      if flat_options[:min] || flat_options[:max]
+        if flat_options[:min] && (
+          (flat_options[:width][:min] && metadata[:width] < flat_options[:width][:min]) ||
+          (flat_options[:height][:min] && metadata[:height] < flat_options[:height][:min])
           )
-          add_error(record, attribute, options[:message].presence || :"dimension_min_inclusion", width: options[:width][:min], height: options[:height][:min])
+          errors_options[:width] = flat_options[:width][:min]
+          errors_options[:height] = flat_options[:height][:min]
+
+          add_error(record, attribute, :dimension_min_not_included_in, **errors_options)
           return false
         end
-        if options[:max] && (
-          (options[:width][:max] && file_metadata[:width] > options[:width][:max]) ||
-          (options[:height][:max] && file_metadata[:height] > options[:height][:max])
+        if flat_options[:max] && (
+          (flat_options[:width][:max] && metadata[:width] > flat_options[:width][:max]) ||
+          (flat_options[:height][:max] && metadata[:height] > flat_options[:height][:max])
           )
-          add_error(record, attribute, options[:message].presence || :"dimension_max_inclusion", width: options[:width][:max], height: options[:height][:max])
+          errors_options[:width] = flat_options[:width][:max]
+          errors_options[:height] = flat_options[:height][:max]
+
+          add_error(record, attribute, :dimension_max_not_included_in, **errors_options)
           return false
         end
 
       # Validation based on checks :width and :height.
       else
+        width_or_height_invalid = false
+
         [:width, :height].each do |length|
-          next unless options[length]
-          if options[length].is_a?(Hash)
-            if options[length][:in] && (file_metadata[length] < options[length][:min] || file_metadata[length] > options[length][:max])
-              add_error(record, attribute, options[:message].presence || :"dimension_#{length}_inclusion", min: options[length][:min], max: options[length][:max])
-              return false
+          next unless flat_options[length]
+          if flat_options[length].is_a?(Hash)
+            if flat_options[length][:in] && (metadata[length] < flat_options[length][:min] || metadata[length] > flat_options[length][:max])
+              error_type = :"dimension_#{length}_not_included_in"
+              errors_options[:min] = flat_options[length][:min]
+              errors_options[:max] = flat_options[length][:max]
+
+              add_error(record, attribute, error_type, **errors_options)
+              width_or_height_invalid = true
             else
-              if options[length][:min] && file_metadata[length] < options[length][:min]
-                add_error(record, attribute, options[:message].presence || :"dimension_#{length}_greater_than_or_equal_to", length: options[length][:min])
-                return false
-              end
-              if options[length][:max] && file_metadata[length] > options[length][:max]
-                add_error(record, attribute, options[:message].presence || :"dimension_#{length}_less_than_or_equal_to", length: options[length][:max])
-                return false
+              if flat_options[length][:min] && metadata[length] < flat_options[length][:min]
+                error_type = :"dimension_#{length}_not_greater_than_or_equal_to"
+                errors_options[:length] = flat_options[length][:min]
+
+                add_error(record, attribute, error_type, **errors_options)
+                width_or_height_invalid = true
+              elsif flat_options[length][:max] && metadata[length] > flat_options[length][:max]
+                error_type = :"dimension_#{length}_not_less_than_or_equal_to"
+                errors_options[:length] = flat_options[length][:max]
+
+                add_error(record, attribute, error_type, **errors_options)
+                width_or_height_invalid = true
               end
             end
           else
-            if file_metadata[length] != options[length]
-              add_error(record, attribute, options[:message].presence || :"dimension_#{length}_equal_to", length: options[length])
-              return false
+            if metadata[length] != flat_options[length]
+              error_type = :"dimension_#{length}_not_equal_to"
+              errors_options[:length] = flat_options[length]
+
+              add_error(record, attribute, error_type, **errors_options)
+              width_or_height_invalid = true
             end
           end
         end
+
+        return false if width_or_height_invalid
       end
 
       true # valid file
     end
 
-    def add_error(record, attribute, type, **attrs)
-      key = options[:message].presence || type
-      return if record.errors.added?(attribute, key)
-      record.errors.add(attribute, key, **attrs)
-    end
+    def process_options(record)
+      flat_options = set_flat_options(record)
+
+      [:width, :height].each do |length|
+        if flat_options[length] and flat_options[length].is_a?(Hash)
+          if (range = flat_options[length][:in])
+            raise ArgumentError, ":in must be a Range" unless range.is_a?(Range)
+            flat_options[length][:min], flat_options[length][:max] = range.min, range.max
+          end
+        end
+      end
+      [:min, :max].each do |dim|
+        if (range = flat_options[dim])
+          raise ArgumentError, ":#{dim} must be a Range (width..height)" unless range.is_a?(Range)
+          flat_options[:width] = { dim => range.first }
+          flat_options[:height] = { dim => range.last }
+        end
+      end
 
+      flat_options
+    end
   end
 end

data/lib/active_storage_validations/duration_validator.rb

@@ -0,0 +1,55 @@
+# frozen_string_literal: true
+
+require_relative 'base_comparison_validator'
+
+module ActiveStorageValidations
+  class DurationValidator < BaseComparisonValidator
+    include ASVAnalyzable
+    include ASVAttachable
+
+    ERROR_TYPES = %i[
+      duration_not_less_than
+      duration_not_less_than_or_equal_to
+      duration_not_greater_than
+      duration_not_greater_than_or_equal_to
+      duration_not_between
+    ].freeze
+    METADATA_KEYS = %i[duration].freeze
+
+    def validate_each(record, attribute, _value)
+      return if no_attachments?(record, attribute)
+
+      flat_options = set_flat_options(record)
+
+      attachables_and_blobs(record, attribute).each do |attachable, blob|
+        duration = metadata_for(blob, attachable, METADATA_KEYS)&.fetch(:duration, nil)
+
+        if duration.to_i <= 0
+          errors_options = initialize_error_options(options, attachable)
+          add_error(record, attribute, :media_metadata_missing, **errors_options)
+          next
+        end
+
+        next if is_valid?(duration, flat_options)
+
+        errors_options = initialize_error_options(options, attachable)
+        populate_error_options(errors_options, flat_options)
+        errors_options[:duration] = format_bound_value(duration)
+
+        keys = AVAILABLE_CHECKS & flat_options.keys
+        error_type = "duration_not_#{keys.first}".to_sym
+
+        add_error(record, attribute, error_type, **errors_options)
+      end
+    end
+
+    private
+
+    def format_bound_value(value)
+      return nil unless value
+
+      custom_value = value == value.to_i ? value.to_i : value
+      ActiveSupport::Duration.build(custom_value).inspect
+    end
+  end
+end

data/lib/active_storage_validations/extensors/asv_blob_metadatable.rb

@@ -0,0 +1,49 @@
+# frozen_string_literal: true
+
+module ActiveStorageValidations
+  module ASVBlobMetadatable
+    extend ActiveSupport::Concern
+
+    included do
+      # This method returns the metadata that has been set by our gem.
+      # The metadata is stored in the blob's custom metadata. All keys are prefixed with 'asv_'
+      # to avoid conflicts with other metadata.
+      # It is not to set a active_storage_validation key equal to a a hash of our gem's metadata,
+      # because this would result in errors down the road with services such as S3.
+      #
+      # Because of how the metadata is stored, we need to convert the values from String
+      # to Integer or Boolean.
+      def active_storage_validations_metadata
+        metadata.dig('custom')
+                &.select { |key, _| key.to_s.start_with?('asv_') }
+                &.transform_keys { |key| key.to_s.delete_prefix('asv_') }
+                &.transform_values do |value|
+                  case value
+                  when /\A\d+\z/ then value.to_i
+                  when /\A\d+\.\d+\z/ then value.to_f
+                  when 'true' then true
+                  when 'false' then false
+                  else value
+                  end
+                end || {}
+      end
+
+      # This method sets the metadata that has been detected by our gem.
+      # The metadata is stored in the blob's custom metadata. All keys are prefixed with 'asv_'.
+      # We need to store values as String, because services such as S3 will not accept other types.
+      def merge_into_active_storage_validations_metadata(hash)
+        aws_compatible_metadata = normalize_active_storage_validations_metadata_for_aws(hash)
+
+        metadata['custom'] ||= {}
+        metadata['custom'].merge!(aws_compatible_metadata)
+
+        active_storage_validations_metadata
+      end
+
+      def normalize_active_storage_validations_metadata_for_aws(hash)
+        hash.transform_keys { |key, _| key.to_s.start_with?('asv_') ? key : "asv_#{key}" }
+            .transform_values(&:to_s)
+      end
+    end
+  end
+end

data/lib/active_storage_validations/extensors/asv_marcelable.rb

@@ -0,0 +1,12 @@
+# frozen_string_literal: true
+
+require "marcel"
+
+Marcel::MimeType.extend "application/x-rar-compressed", parents: %(application/x-rar)
+Marcel::MimeType.extend "audio/x-hx-aac-adts", parents: %(audio/x-aac)
+Marcel::MimeType.extend "audio/x-m4a", parents: %(audio/mp4)
+Marcel::MimeType.extend "text/xml", parents: %(application/xml) # alias
+Marcel::MimeType.extend "video/theora", parents: %(video/ogg)
+
+# Add empty content type
+Marcel::MimeType.extend "inode/x-empty", extensions: %w(empty)