activestorage 0.1 → 5.2.0.beta1

data/Rakefile

@@ -1,11 +0,0 @@
-require "bundler/setup"
-require "bundler/gem_tasks"
-require "rake/testtask"
-
-Rake::TestTask.new do |test|
-  test.libs << "test"
-  test.test_files = FileList["test/**/*_test.rb"]
-  test.warning = false
-end
-
-task default: :test

data/activestorage.gemspec

@@ -1,21 +0,0 @@
-Gem::Specification.new do |s|
-  s.name     = "activestorage"
-  s.version  = "0.1"
-  s.authors  = "David Heinemeier Hansson"
-  s.email    = "david@basecamp.com"
-  s.summary  = "Attach cloud and local files in Rails applications"
-  s.homepage = "https://github.com/rails/activestorage"
-  s.license  = "MIT"
-
-  s.required_ruby_version = ">= 2.3.0"
-
-  s.add_dependency "activesupport", ">= 5.1"
-  s.add_dependency "activerecord", ">= 5.1"
-  s.add_dependency "actionpack", ">= 5.1"
-  s.add_dependency "activejob", ">= 5.1"
-
-  s.add_development_dependency "bundler", "~> 1.15"
-
-  s.files         = `git ls-files`.split("\n")
-  s.test_files    = `git ls-files -- test/*`.split("\n")
-end

data/lib/active_storage/attachment.rb

@@ -1,30 +0,0 @@
-require "active_storage/blob"
-require "global_id"
-require "active_support/core_ext/module/delegation"
-
-# Schema: id, record_gid, blob_id, created_at
-class ActiveStorage::Attachment < ActiveRecord::Base
-  self.table_name = "active_storage_attachments"
-
-  belongs_to :blob, class_name: "ActiveStorage::Blob"
-
-  delegate_missing_to :blob
-
-  def record
-    @record ||= GlobalID::Locator.locate(record_gid)
-  end
-
-  def record=(record)
-    @record = record
-    self.record_gid = record&.to_gid
-  end
-
-  def purge
-    blob.purge
-    destroy
-  end
-
-  def purge_later
-    ActiveStorage::PurgeJob.perform_later(self)
-  end
-end

data/lib/active_storage/blob.rb

@@ -1,80 +0,0 @@
-require "active_storage/service"
-require "active_storage/filename"
-require "active_storage/purge_job"
-
-# Schema: id, key, filename, content_type, metadata, byte_size, checksum, created_at
-class ActiveStorage::Blob < ActiveRecord::Base
-  self.table_name = "active_storage_blobs"
-
-  has_secure_token :key
-  store :metadata, coder: JSON
-
-  class_attribute :service
-
-  class << self
-    def build_after_upload(io:, filename:, content_type: nil, metadata: nil)
-      new.tap do |blob|
-        blob.filename     = filename
-        blob.content_type = content_type
-        blob.metadata     = metadata
-
-        blob.upload io
-      end
-    end
-
-    def create_after_upload!(io:, filename:, content_type: nil, metadata: nil)
-      build_after_upload(io: io, filename: filename, content_type: content_type, metadata: metadata).tap(&:save!)
-    end
-  end
-
-  # We can't wait until the record is first saved to have a key for it
-  def key
-    self[:key] ||= self.class.generate_unique_secure_token
-  end
-
-  def filename
-    ActiveStorage::Filename.new(self[:filename])
-  end
-
-  def url(expires_in: 5.minutes, disposition: :inline)
-    service.url key, expires_in: expires_in, disposition: disposition, filename: filename
-  end
-
-
-  def upload(io)
-    self.checksum  = compute_checksum_in_chunks(io)
-    self.byte_size = io.size
-
-    service.upload(key, io, checksum: checksum)
-  end
-
-  def download
-    service.download key
-  end
-
-
-  def delete
-    service.delete key
-  end
-
-  def purge
-    delete
-    destroy
-  end
-
-  def purge_later
-    ActiveStorage::PurgeJob.perform_later(self)
-  end
-
-
-  private
-    def compute_checksum_in_chunks(io)
-      Digest::MD5.new.tap do |checksum|
-        while chunk = io.read(5.megabytes)
-          checksum << chunk
-        end
-
-        io.rewind
-      end.base64digest
-    end
-end

data/lib/active_storage/disk_controller.rb

@@ -1,28 +0,0 @@
-require "action_controller"
-require "active_storage/blob"
-require "active_storage/verified_key_with_expiration"
-
-require "active_support/core_ext/object/inclusion"
-
-class ActiveStorage::DiskController < ActionController::Base
-  def show
-    if key = decode_verified_key
-      blob = ActiveStorage::Blob.find_by!(key: key)
-      
-      if stale?(etag: blob.checksum)
-        send_data blob.download, filename: blob.filename, type: blob.content_type, disposition: disposition_param
-      end
-    else
-      head :not_found
-    end
-  end
-
-  private
-    def decode_verified_key
-      ActiveStorage::VerifiedKeyWithExpiration.decode(params[:encoded_key])
-    end
-
-    def disposition_param
-      params[:disposition].presence_in(%w( inline attachment )) || 'inline'
-    end
-end

data/lib/active_storage/download.rb

@@ -1,90 +0,0 @@
-class ActiveStorage::Download
-  # Sending .ai files as application/postscript to Safari opens them in a blank, grey screen.
-  # Downloading .ai as application/postscript files in Safari appends .ps to the extension.
-  # Sending HTML, SVG, XML and SWF files as binary closes XSS vulnerabilities.
-  # Sending JS files as binary avoids InvalidCrossOriginRequest without compromising security.
-  CONTENT_TYPES_TO_RENDER_AS_BINARY = %w(
-    text/html
-    text/javascript
-    image/svg+xml
-    application/postscript
-    application/x-shockwave-flash
-    text/xml
-    application/xml
-    application/xhtml+xml
-  )
-
-  BINARY_CONTENT_TYPE = 'application/octet-stream'
-
-  def initialize(stored_file)
-    @stored_file = stored_file
-  end
-
-  def headers(force_attachment: false)
-    {
-      x_accel_redirect:    '/reproxy',
-      x_reproxy_url:       reproxy_url,
-      content_type:        content_type,
-      content_disposition: content_disposition(force_attachment),
-      x_frame_options:     'SAMEORIGIN'
-    }
-  end
-
-  private
-    def reproxy_url
-      @stored_file.depot_location.paths.first
-    end
-
-    def content_type
-      if @stored_file.content_type.in? CONTENT_TYPES_TO_RENDER_AS_BINARY
-        BINARY_CONTENT_TYPE
-      else
-        @stored_file.content_type
-      end
-    end
-
-    def content_disposition(force_attachment = false)
-      if force_attachment || content_type == BINARY_CONTENT_TYPE
-        "attachment; #{escaped_filename}"
-      else
-        "inline; #{escaped_filename}"
-      end
-    end
-
-    # RFC2231 encoding for UTF-8 filenames, with an ASCII fallback
-    # first for unsupported browsers (IE < 9, perhaps others?).
-    # http://greenbytes.de/tech/tc2231/#encoding-2231-fb
-    def escaped_filename
-      filename = @stored_file.filename.sanitized
-      ascii_filename = encode_ascii_filename(filename)
-      utf8_filename = encode_utf8_filename(filename)
-      "#{ascii_filename}; #{utf8_filename}"
-    end
-
-    TRADITIONAL_PARAMETER_ESCAPED_CHAR = /[^ A-Za-z0-9!#$+.^_`|~-]/
-
-    def encode_ascii_filename(filename)
-      # There is no reliable way to escape special or non-Latin characters
-      # in a traditionally quoted Content-Disposition filename parameter.
-      # Settle for transliterating to ASCII, then percent-escaping special
-      # characters, excluding spaces.
-      filename = I18n.transliterate(filename)
-      filename = percent_escape(filename, TRADITIONAL_PARAMETER_ESCAPED_CHAR)
-      %(filename="#{filename}")
-    end
-
-    RFC5987_PARAMETER_ESCAPED_CHAR = /[^A-Za-z0-9!#$&+.^_`|~-]/
-
-    def encode_utf8_filename(filename)
-      # RFC2231 filename parameters can simply be percent-escaped according
-      # to RFC5987.
-      filename = percent_escape(filename, RFC5987_PARAMETER_ESCAPED_CHAR)
-      %(filename*=UTF-8''#{filename})
-    end
-
-    def percent_escape(string, pattern)
-      string.gsub(pattern) do |char|
-        char.bytes.map { |byte| "%%%02X" % byte }.join("")
-      end
-    end
-end

data/lib/active_storage/filename.rb

@@ -1,31 +0,0 @@
-class ActiveStorage::Filename
-  include Comparable
-
-  def initialize(filename)
-    @filename = filename
-  end
-
-  def extname
-    File.extname(@filename)
-  end
-
-  def extension
-    extname.from(1)
-  end
-
-  def base
-    File.basename(@filename, extname)
-  end
-
-  def sanitized
-    @filename.encode(Encoding::UTF_8, invalid: :replace, undef: :replace, replace: "�").strip.tr("\u{202E}%$|:;/\t\r\n\\", "-")
-  end
-
-  def to_s
-    sanitized.to_s
-  end
-
-  def <=>(other)
-    to_s.downcase <=> other.to_s.downcase
-  end
-end

data/lib/active_storage/migration.rb

@@ -1,28 +0,0 @@
-class ActiveStorage::CreateTables < ActiveRecord::Migration[5.1]
-  def change
-    create_table :active_storage_blobs do |t|
-      t.string  :key
-      t.string  :filename
-      t.string  :content_type
-      t.text    :metadata
-      t.integer :byte_size
-      t.string  :checksum
-      t.time    :created_at
-
-      t.index [ :key ], unique: true
-    end
-
-    create_table :active_storage_attachments do |t|
-      t.string  :name
-      t.string  :record_gid
-      t.integer :blob_id
-
-      t.time :created_at
-
-      t.index :record_gid
-      t.index :blob_id
-      t.index [ :record_gid, :name ]
-      t.index [ :record_gid, :blob_id ], unique: true
-    end
-  end
-end

data/lib/active_storage/purge_job.rb

@@ -1,10 +0,0 @@
-require "active_job"
-
-class ActiveStorage::PurgeJob < ActiveJob::Base
-  # FIXME: Limit this to a custom ActiveStorage error
-  retry_on StandardError
-
-  def perform(attachment_or_blob)
-    attachment_or_blob.purge
-  end
-end

data/lib/active_storage/railtie.rb

@@ -1,56 +0,0 @@
-require "rails/railtie"
-
-module ActiveStorage
-  class Engine < Rails::Engine # :nodoc:
-    config.active_storage = ActiveSupport::OrderedOptions.new
-
-    config.eager_load_namespaces << ActiveStorage
-
-    initializer "active_storage.routes" do
-      require "active_storage/disk_controller"
-
-      config.after_initialize do |app|
-        app.routes.prepend do
-          get "/rails/blobs/:encoded_key" => "active_storage/disk#show", as: :rails_disk_blob
-        end
-      end
-    end
-
-    initializer "active_storage.attached" do
-      require "active_storage/attached"
-
-      ActiveSupport.on_load(:active_record) do
-        extend ActiveStorage::Attached::Macros
-      end
-    end
-
-    config.after_initialize do |app|
-      config_choice = app.config.active_storage.service
-      config_file   = Pathname.new(Rails.root.join("config/storage_services.yml"))
-
-      if config_choice
-        raise("Couldn't find Active Storage configuration in #{config_file}") unless config_file.exist?
-
-        begin
-          require "yaml"
-          require "erb"
-          configs = YAML.load(ERB.new(config_file.read).result) || {}
-
-          if service_configuration = configs[config_choice.to_s].symbolize_keys
-            service_name = service_configuration.delete(:service)
-
-            ActiveStorage::Blob.service = ActiveStorage::Service.configure(service_name, service_configuration)
-          else
-            raise "Couldn't configure Active Storage as #{config_choice} was not found in #{config_file}"
-          end
-        rescue Psych::SyntaxError => e
-          raise "YAML syntax error occurred while parsing #{config_file}. " \
-                "Please note that YAML must be consistently indented using spaces. Tabs are not allowed. " \
-                "Error: #{e.message}"
-        rescue => e
-          raise e, "Cannot load `Rails.config.active_storage.service`:\n#{e.message}", e.backtrace
-        end
-      end
-    end
-  end
-end

data/lib/active_storage/storage_services.yml

@@ -1,27 +0,0 @@
-test:
-  service: Disk
-  root: <%= Rails.root.join("tmp/storage") %>
-
-local:
-  service: Disk
-  root: <%= Rails.root.join("storage") %>
-
-# Use rails secrets:edit to set the AWS secrets (as shared:aws:access_key_id|secret_access_key)
-amazon:
-  service: S3
-  access_key_id: <%= Rails.application.secrets.aws[:access_key_id] %>
-  secret_access_key: <%= Rails.application.secrets.aws[:secret_access_key] %>
-  region: us-east-1
-  bucket: your_own_bucket
-
-# Remember not to checkin your GCS keyfile to a repository
-google:
-  service: GCS
-  project: your_project
-  keyfile: <%= Rails.root.join("path/to/gcs.keyfile") %>
-  bucket: your_own_bucket
-
-mirror:
-  service: Mirror
-  primary: local
-  secondaries: [ amazon, google ]

data/lib/active_storage/verified_key_with_expiration.rb

@@ -1,24 +0,0 @@
-class ActiveStorage::VerifiedKeyWithExpiration
-  class_attribute :verifier, default: defined?(Rails) ? Rails.application.message_verifier('ActiveStorage') : nil
-
-  class << self
-    def encode(key, expires_in: nil)
-      verifier.generate([ key, expires_at(expires_in) ])
-    end
-
-    def decode(encoded_key)
-      key, expires_at = verifier.verified(encoded_key)
-
-      key if key && fresh?(expires_at)
-    end
-
-    private
-      def expires_at(expires_in)
-        expires_in ? Time.now.utc.advance(seconds: expires_in) : nil
-      end
-
-      def fresh?(expires_at)
-        expires_at.nil? || Time.now.utc < expires_at
-      end
-  end
-end