active_storage_validations 1.4.0 → 2.0.0

data/lib/active_storage_validations/shared/asv_attachable.rb

@@ -16,22 +16,37 @@ module ActiveStorageValidations
     # Loop through the newly submitted attachables to validate them. Using
     # attachables is the only way to get the attached file io that is necessary
     # to perform file analyses.
-    def validate_changed_files_from_metadata(record, attribute)
-      attachables_from_changes(record, attribute).each do |attachable|
-        is_valid?(record, attribute, attachable, metadata_for(attachable))
+    def validate_changed_files_from_metadata(record, attribute, metadata_keys)
+      attachables_and_blobs(record, attribute).each do |attachable, blob|
+        is_valid?(record, attribute, attachable, metadata_for(blob, attachable, metadata_keys))
       end
     end
 
-    # Retrieve an array of newly submitted attachables. Some file could be passed
-    # several times, we just need to perform the analysis once on the file,
-    # therefore the use of #uniq.
-    def attachables_from_changes(record, attribute)
-      changes = record.attachment_changes[attribute.to_s]
-      return [] if changes.blank?
+    # Retrieve an array-like of attachables and blobs. Unlike its name suggests,
+    # getting attachables from attachment_changes is not getting the changed
+    # attachables but all attachables from the `has_many_attached` relation.
+    # For the `has_one_attached` relation, it only yields the new attachable,
+    # but if we are validating previously attached file, we need to use the blob
+    # See #attach at: https://github.com/rails/rails/blob/main/activestorage/lib/active_storage/attached/many.rb
+    #
+    # Some file could be passed several times, we just need to perform the
+    # analysis once on the file, therefore the use of #uniq.
+    def attachables_and_blobs(record, attribute)
+      changes = if record.public_send(attribute).is_a?(ActiveStorage::Attached::One)
+        record.attachment_changes[attribute.to_s].presence || record.public_send(attribute)
+      else
+        record.attachment_changes[attribute.to_s]
+      end
 
-      Array.wrap(
-        changes.is_a?(ActiveStorage::Attached::Changes::CreateMany) ? changes.attachables : changes.attachable
-      ).uniq
+      return to_enum(:attachables_and_blobs, record, attribute) if changes.blank? || !block_given?
+
+      if changes.is_a?(ActiveStorage::Attached::Changes::CreateMany)
+        changes.attachables.uniq.zip(changes.blobs.uniq).each do |attachable, blob|
+          yield attachable, blob
+        end
+      else
+        yield changes.is_a?(ActiveStorage::Attached::Changes::CreateOne) ? changes.attachable : changes.blob, changes.blob
+      end
     end
 
     # Retrieve the full declared content_type from attachable.
@@ -60,9 +75,15 @@ module ActiveStorageValidations
     # Retrieve the declared content_type from attachable without potential mime
     # type parameters (e.g. 'application/x-rar-compressed;version=5')
     def attachable_content_type(attachable)
-      full_attachable_content_type(attachable) && full_attachable_content_type(attachable).downcase.split(/[;,\s]/, 2).first
+      full_attachable_content_type(attachable) && content_type_without_parameters(full_attachable_content_type(attachable))
+    end
+
+    # Remove the potential mime type parameters from the content_type (e.g.
+    # 'application/x-rar-compressed;version=5')
+    def content_type_without_parameters(content_type)
+      content_type && content_type.downcase.split(/[;,\s]/, 2).first
     end
-      
+
     # Retrieve the content_type from attachable using the same logic as Rails
     # ActiveStorage::Blob::Identifiable#identify_content_type
     def attachable_content_type_rails_like(attachable)
@@ -79,7 +100,7 @@ module ActiveStorageValidations
     def attachable_media_type(attachable)
       (full_attachable_content_type(attachable) || marcel_content_type_from_filename(attachable)).split("/").first
     end
-    
+
     # Retrieve the io from attachable.
     def attachable_io(attachable, max_byte_size: nil)
       io = case attachable

data/lib/active_storage_validations/size_validator.rb

@@ -1,9 +1,9 @@
 # frozen_string_literal: true
 
-require_relative 'base_size_validator'
+require_relative 'base_comparison_validator'
 
 module ActiveStorageValidations
-  class SizeValidator < BaseSizeValidator
+  class SizeValidator < BaseComparisonValidator
     ERROR_TYPES = %i[
       file_size_not_less_than
       file_size_not_less_than_or_equal_to
@@ -12,6 +12,8 @@ module ActiveStorageValidations
       file_size_not_between
     ].freeze
 
+    delegate :number_to_human_size, to: ActiveSupport::NumberHelper
+
     def validate_each(record, attribute, _value)
       return if no_attachments?(record, attribute)
 
@@ -22,7 +24,7 @@ module ActiveStorageValidations
 
         errors_options = initialize_error_options(options, file)
         populate_error_options(errors_options, flat_options)
-        errors_options[:file_size] = number_to_human_size(file.blob.byte_size)
+        errors_options[:file_size] = format_bound_value(file.blob.byte_size)
 
         keys = AVAILABLE_CHECKS & flat_options.keys
         error_type = "file_size_not_#{keys.first}".to_sym
@@ -30,5 +32,11 @@ module ActiveStorageValidations
         add_error(record, attribute, error_type, **errors_options)
       end
     end
+
+    private
+
+    def format_bound_value(value)
+      number_to_human_size(value)
+    end
   end
 end

data/lib/active_storage_validations/total_size_validator.rb

@@ -1,9 +1,9 @@
 # frozen_string_literal: true
 
-require_relative 'base_size_validator'
+require_relative 'base_comparison_validator'
 
 module ActiveStorageValidations
-  class TotalSizeValidator < BaseSizeValidator
+  class TotalSizeValidator < BaseComparisonValidator
     ERROR_TYPES = %i[
       total_file_size_not_less_than
       total_file_size_not_less_than_or_equal_to
@@ -12,6 +12,8 @@ module ActiveStorageValidations
       total_file_size_not_between
     ].freeze
 
+    delegate :number_to_human_size, to: ActiveSupport::NumberHelper
+
     def validate_each(record, attribute, _value)
       custom_check_validity!(record, attribute)
 
@@ -24,7 +26,7 @@ module ActiveStorageValidations
 
       errors_options = initialize_error_options(options, nil)
       populate_error_options(errors_options, flat_options)
-      errors_options[:total_file_size] = number_to_human_size(total_file_size)
+      errors_options[:total_file_size] = format_bound_value(total_file_size)
 
       keys = AVAILABLE_CHECKS & flat_options.keys
       error_type = "total_file_size_not_#{keys.first}".to_sym
@@ -41,5 +43,9 @@ module ActiveStorageValidations
         raise ArgumentError, 'This validator is only available for has_many_attached relations'
       end
     end
+
+    def format_bound_value(value)
+      number_to_human_size(value)
+    end
   end
 end

data/lib/active_storage_validations/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module ActiveStorageValidations
-  VERSION = '1.4.0'
+  VERSION = '2.0.0'
 end

data/lib/active_storage_validations.rb

@@ -8,6 +8,11 @@ require 'active_storage_validations/analyzer/image_analyzer'
 require 'active_storage_validations/analyzer/image_analyzer/image_magick'
 require 'active_storage_validations/analyzer/image_analyzer/vips'
 require 'active_storage_validations/analyzer/null_analyzer'
+require 'active_storage_validations/analyzer/video_analyzer'
+require 'active_storage_validations/analyzer/audio_analyzer'
+
+require 'active_storage_validations/extensors/asv_blob_metadatable'
+require 'active_storage_validations/extensors/asv_marcelable'
 
 require 'active_storage_validations/railtie'
 require 'active_storage_validations/engine'
@@ -15,13 +20,12 @@ require 'active_storage_validations/attached_validator'
 require 'active_storage_validations/content_type_validator'
 require 'active_storage_validations/limit_validator'
 require 'active_storage_validations/dimension_validator'
+require 'active_storage_validations/duration_validator'
 require 'active_storage_validations/aspect_ratio_validator'
-require 'active_storage_validations/processable_image_validator'
+require 'active_storage_validations/processable_file_validator'
 require 'active_storage_validations/size_validator'
 require 'active_storage_validations/total_size_validator'
 
-require 'active_storage_validations/marcel_extensor'
-
 ActiveSupport.on_load(:active_record) do
   send :include, ActiveStorageValidations
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: active_storage_validations
 version: !ruby/object:Gem::Version
-  version: 1.4.0
+  version: 2.0.0
 platform: ruby
 authors:
 - Igor Kasyanchuk
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2024-12-21 00:00:00.000000000 Z
+date: 2025-01-24 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activejob
@@ -260,27 +260,33 @@ files:
 - config/locales/zh-CN.yml
 - lib/active_storage_validations.rb
 - lib/active_storage_validations/analyzer.rb
+- lib/active_storage_validations/analyzer/audio_analyzer.rb
+- lib/active_storage_validations/analyzer/content_type_analyzer.rb
 - lib/active_storage_validations/analyzer/image_analyzer.rb
 - lib/active_storage_validations/analyzer/image_analyzer/image_magick.rb
 - lib/active_storage_validations/analyzer/image_analyzer/vips.rb
 - lib/active_storage_validations/analyzer/null_analyzer.rb
+- lib/active_storage_validations/analyzer/shared/asv_ff_probable.rb
+- lib/active_storage_validations/analyzer/video_analyzer.rb
 - lib/active_storage_validations/aspect_ratio_validator.rb
 - lib/active_storage_validations/attached_validator.rb
-- lib/active_storage_validations/base_size_validator.rb
-- lib/active_storage_validations/content_type_spoof_detector.rb
+- lib/active_storage_validations/base_comparison_validator.rb
 - lib/active_storage_validations/content_type_validator.rb
 - lib/active_storage_validations/dimension_validator.rb
+- lib/active_storage_validations/duration_validator.rb
 - lib/active_storage_validations/engine.rb
+- lib/active_storage_validations/extensors/asv_blob_metadatable.rb
+- lib/active_storage_validations/extensors/asv_marcelable.rb
 - lib/active_storage_validations/limit_validator.rb
-- lib/active_storage_validations/marcel_extensor.rb
 - lib/active_storage_validations/matchers.rb
 - lib/active_storage_validations/matchers/aspect_ratio_validator_matcher.rb
 - lib/active_storage_validations/matchers/attached_validator_matcher.rb
-- lib/active_storage_validations/matchers/base_size_validator_matcher.rb
+- lib/active_storage_validations/matchers/base_comparison_validator_matcher.rb
 - lib/active_storage_validations/matchers/content_type_validator_matcher.rb
 - lib/active_storage_validations/matchers/dimension_validator_matcher.rb
+- lib/active_storage_validations/matchers/duration_validator_matcher.rb
 - lib/active_storage_validations/matchers/limit_validator_matcher.rb
-- lib/active_storage_validations/matchers/processable_image_validator_matcher.rb
+- lib/active_storage_validations/matchers/processable_file_validator_matcher.rb
 - lib/active_storage_validations/matchers/shared/asv_active_storageable.rb
 - lib/active_storage_validations/matchers/shared/asv_allow_blankable.rb
 - lib/active_storage_validations/matchers/shared/asv_attachable.rb
@@ -290,7 +296,7 @@ files:
 - lib/active_storage_validations/matchers/shared/asv_validatable.rb
 - lib/active_storage_validations/matchers/size_validator_matcher.rb
 - lib/active_storage_validations/matchers/total_size_validator_matcher.rb
-- lib/active_storage_validations/processable_image_validator.rb
+- lib/active_storage_validations/processable_file_validator.rb
 - lib/active_storage_validations/railtie.rb
 - lib/active_storage_validations/shared/asv_active_storageable.rb
 - lib/active_storage_validations/shared/asv_analyzable.rb

data/lib/active_storage_validations/content_type_spoof_detector.rb

@@ -1,96 +0,0 @@
-# frozen_string_literal: true
-
-require_relative 'shared/asv_analyzable'
-require_relative 'shared/asv_attachable'
-require_relative 'shared/asv_loggable'
-require 'open3'
-
-module ActiveStorageValidations
-  class ContentTypeSpoofDetector
-    class FileCommandLineToolNotInstalledError < StandardError; end
-
-    include ASVAnalyzable
-    include ASVAttachable
-    include ASVLoggable
-
-    def initialize(record, attribute, attachable)
-      @record = record
-      @attribute = attribute
-      @attachable = attachable
-    end
-
-    def spoofed?
-      if supplied_content_type_vs_open3_analizer_mismatch?
-        logger.info "Content Type Spoofing detected for file '#{filename}'. The supplied content type is '#{supplied_content_type}' but the content type discovered using open3 is '#{content_type_from_analyzer}'."
-        true
-      else
-        false
-      end
-    end
-
-    private
-
-    def filename
-      @filename ||= attachable_filename(@attachable).to_s
-    end
-
-    def supplied_content_type
-      @supplied_content_type ||= attachable_content_type(@attachable)
-    end
-
-    def io
-      @io ||= attachable_io(@attachable)
-    end
-
-    # Return the content_type found by Open3 analysis.
-    #
-    # Using Open3 is a better alternative than Marcel (Marcel::MimeType.for(io))
-    # for analyzing content type solely based on the file io.
-    def content_type_from_analyzer
-      @content_type_from_analyzer ||= open3_mime_type_for_io
-    end
-
-    def open3_mime_type_for_io
-      return nil if io.bytesize == 0
-
-      Tempfile.create do |tempfile|
-        tempfile.binmode
-        tempfile.write(io)
-        tempfile.rewind
-
-        command = "file -b --mime-type #{tempfile.path}"
-        output, status = Open3.capture2(command)
-
-        if status.success?
-          mime_type = output.strip
-          return mime_type
-        else
-          raise "Error determining MIME type: #{output}"
-        end
-
-      rescue Errno::ENOENT
-        raise FileCommandLineToolNotInstalledError, 'file command-line tool is not installed'
-      end
-    end
-
-    def supplied_content_type_vs_open3_analizer_mismatch?
-      supplied_content_type.present? &&
-        !supplied_content_type_intersects_content_type_from_analyzer?
-    end
-
-    def supplied_content_type_intersects_content_type_from_analyzer?
-      # Ruby intersects? method is only available from 3.1
-      enlarged_content_type(supplied_content_type).any? do |item|
-        enlarged_content_type(content_type_from_analyzer).include?(item)
-      end
-    end
-
-    def enlarged_content_type(content_type)
-      [content_type, *parent_content_types(content_type)].compact.uniq
-    end
-
-    def parent_content_types(content_type)
-      Marcel::TYPE_PARENTS[content_type] || []
-    end
-  end
-end