activestorage 5.2.8.1 → 6.1.6.1

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.


This version of activestorage might be problematic. Click here for more details.

Files changed (78) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +245 -94
  3. data/MIT-LICENSE +1 -1
  4. data/README.md +43 -8
  5. data/app/assets/javascripts/activestorage.js +5 -2
  6. data/app/controllers/active_storage/base_controller.rb +13 -4
  7. data/app/controllers/active_storage/blobs/proxy_controller.rb +14 -0
  8. data/app/controllers/active_storage/{blobs_controller.rb → blobs/redirect_controller.rb} +3 -3
  9. data/app/controllers/active_storage/direct_uploads_controller.rb +2 -2
  10. data/app/controllers/active_storage/disk_controller.rb +13 -22
  11. data/app/controllers/active_storage/representations/base_controller.rb +14 -0
  12. data/app/controllers/active_storage/representations/proxy_controller.rb +13 -0
  13. data/app/controllers/active_storage/{representations_controller.rb → representations/redirect_controller.rb} +3 -5
  14. data/app/controllers/concerns/active_storage/file_server.rb +18 -0
  15. data/app/controllers/concerns/active_storage/set_blob.rb +1 -1
  16. data/app/controllers/concerns/active_storage/set_current.rb +15 -0
  17. data/app/controllers/concerns/active_storage/set_headers.rb +12 -0
  18. data/app/javascript/activestorage/blob_record.js +7 -2
  19. data/app/jobs/active_storage/analyze_job.rb +5 -0
  20. data/app/jobs/active_storage/base_job.rb +0 -1
  21. data/app/jobs/active_storage/mirror_job.rb +15 -0
  22. data/app/jobs/active_storage/purge_job.rb +3 -0
  23. data/app/models/active_storage/attachment.rb +35 -16
  24. data/app/models/active_storage/blob/analyzable.rb +6 -2
  25. data/app/models/active_storage/blob/identifiable.rb +7 -6
  26. data/app/models/active_storage/blob/representable.rb +36 -6
  27. data/app/models/active_storage/blob.rb +186 -68
  28. data/app/models/active_storage/filename.rb +0 -6
  29. data/app/models/active_storage/preview.rb +37 -12
  30. data/app/models/active_storage/record.rb +7 -0
  31. data/app/models/active_storage/variant.rb +53 -67
  32. data/app/models/active_storage/variant_record.rb +8 -0
  33. data/app/models/active_storage/variant_with_record.rb +54 -0
  34. data/app/models/active_storage/variation.rb +30 -94
  35. data/config/routes.rb +66 -15
  36. data/db/migrate/20170806125915_create_active_storage_tables.rb +14 -5
  37. data/db/update_migrate/20190112182829_add_service_name_to_active_storage_blobs.rb +17 -0
  38. data/db/update_migrate/20191206030411_create_active_storage_variant_records.rb +11 -0
  39. data/lib/active_storage/analyzer/image_analyzer.rb +14 -4
  40. data/lib/active_storage/analyzer/null_analyzer.rb +4 -0
  41. data/lib/active_storage/analyzer/video_analyzer.rb +17 -8
  42. data/lib/active_storage/analyzer.rb +15 -4
  43. data/lib/active_storage/attached/changes/create_many.rb +47 -0
  44. data/lib/active_storage/attached/changes/create_one.rb +82 -0
  45. data/lib/active_storage/attached/changes/create_one_of_many.rb +10 -0
  46. data/lib/active_storage/attached/changes/delete_many.rb +27 -0
  47. data/lib/active_storage/attached/changes/delete_one.rb +19 -0
  48. data/lib/active_storage/attached/changes.rb +16 -0
  49. data/lib/active_storage/attached/many.rb +19 -12
  50. data/lib/active_storage/attached/model.rb +212 -0
  51. data/lib/active_storage/attached/one.rb +19 -21
  52. data/lib/active_storage/attached.rb +7 -22
  53. data/lib/active_storage/downloader.rb +43 -0
  54. data/lib/active_storage/engine.rb +60 -23
  55. data/lib/active_storage/errors.rb +25 -3
  56. data/lib/active_storage/gem_version.rb +3 -3
  57. data/lib/active_storage/log_subscriber.rb +6 -0
  58. data/lib/active_storage/previewer/mupdf_previewer.rb +3 -3
  59. data/lib/active_storage/previewer/poppler_pdf_previewer.rb +3 -3
  60. data/lib/active_storage/previewer/video_previewer.rb +19 -10
  61. data/lib/active_storage/previewer.rb +34 -14
  62. data/lib/active_storage/reflection.rb +64 -0
  63. data/lib/active_storage/service/azure_storage_service.rb +65 -44
  64. data/lib/active_storage/service/configurator.rb +6 -2
  65. data/lib/active_storage/service/disk_service.rb +57 -44
  66. data/lib/active_storage/service/gcs_service.rb +68 -64
  67. data/lib/active_storage/service/mirror_service.rb +31 -7
  68. data/lib/active_storage/service/registry.rb +32 -0
  69. data/lib/active_storage/service/s3_service.rb +56 -24
  70. data/lib/active_storage/service.rb +44 -12
  71. data/lib/active_storage/transformers/image_processing_transformer.rb +110 -0
  72. data/lib/active_storage/transformers/transformer.rb +39 -0
  73. data/lib/active_storage.rb +33 -7
  74. data/lib/tasks/activestorage.rake +11 -0
  75. metadata +83 -16
  76. data/app/models/active_storage/filename/parameters.rb +0 -36
  77. data/lib/active_storage/attached/macros.rb +0 -110
  78. data/lib/active_storage/downloading.rb +0 -39
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: e1622fc796a9d8d618e0b27577242ef5f94bc1b073dafd989afa5925812f2f09
4
- data.tar.gz: 523ef183a9a94e744f0bfd92a4b7327199f0db6e5b4781c83f1371a631c3a67f
3
+ metadata.gz: 8fb7344362927b3834f94b8e5cd2420f3c5060066804ccdedace833169d98bf1
4
+ data.tar.gz: 0d3225047a9550eea6007f80b212ce28455795d55ecbfa0e902e480a048c7ceb
5
5
  SHA512:
6
- metadata.gz: 1cd0cb42f828c9dda0092442629097056797d9f95c725bcdab6bc7aa8f8d25a9119174b8d895e2040fe2ce7cdec7ff84441281df7165d694e047790baf5e3747
7
- data.tar.gz: e65c32fd1aad60abb4ff4373f5278891b1111af0c283d3221167045305b60116f79a3f41419125ec3756efec577888ba04a4f173ba8f030f7c9e018a3fcb4e4a
6
+ metadata.gz: 43a65bfab6574ff8f1b8d324da2d305baa99a871971814033fb232c60deaa7e2ed8348da24419e6f73ad13271c0eafcbaefde0598a1ed5cbff5bc8da0fdf3991
7
+ data.tar.gz: 388a9c9628a15f9ac638a592cdbd527db9ab2d7bbb2e8d2492a8e987ea2744e3663e7dbaff18f80d780e199f5a8019d008e05843223cac8649fa9d8e33827cb2
data/CHANGELOG.md CHANGED
@@ -1,214 +1,365 @@
1
- ## Rails 5.2.8.1 (July 12, 2022) ##
1
+ ## Rails 6.1.6.1 (July 12, 2022) ##
2
2
 
3
3
  * No changes.
4
4
 
5
5
 
6
- ## Rails 5.2.8 (May 09, 2022) ##
6
+ ## Rails 6.1.5.1 (April 26, 2022) ##
7
7
 
8
8
  * No changes.
9
9
 
10
10
 
11
- ## Rails 5.2.7.1 (April 26, 2022) ##
11
+ ## Rails 6.1.5 (March 09, 2022) ##
12
12
 
13
- * No changes.
14
-
15
-
16
- ## Rails 5.2.7 (March 10, 2022) ##
13
+ * Attachments can be deleted after their association is no longer defined.
17
14
 
18
- * Fix `ActiveStorage.supported_image_processing_methods` and
19
- `ActiveStorage.unsupported_image_processing_arguments` that were not being applied.
15
+ Fixes #42514
20
16
 
21
- *Rafael Mendonça França*
17
+ *Don Sisco*
22
18
 
23
19
 
24
- ## Rails 5.2.6.3 (March 08, 2022) ##
20
+ ## Rails 6.1.4.7 (March 08, 2022) ##
25
21
 
26
22
  * Added image transformation validation via configurable allow-list.
27
-
23
+
28
24
  Variant now offers a configurable allow-list for
29
25
  transformation methods in addition to a configurable deny-list for arguments.
30
-
26
+
31
27
  [CVE-2022-21831]
32
28
 
33
29
 
34
- ## Rails 5.2.6.2 (February 11, 2022) ##
30
+ ## Rails 6.1.4.6 (February 11, 2022) ##
35
31
 
36
32
  * No changes.
37
33
 
38
34
 
39
- ## Rails 5.2.6.1 (February 11, 2022) ##
35
+ ## Rails 6.1.4.5 (February 11, 2022) ##
40
36
 
41
37
  * No changes.
42
38
 
43
39
 
44
- ## Rails 5.2.6 (May 05, 2021) ##
40
+ ## Rails 6.1.4.4 (December 15, 2021) ##
45
41
 
46
42
  * No changes.
47
43
 
48
44
 
49
- ## Rails 5.2.5 (March 26, 2021) ##
45
+ ## Rails 6.1.4.3 (December 14, 2021) ##
50
46
 
51
- * Marcel is upgraded to version 1.0.0 to avoid a dependency on GPL-licensed
52
- mime types data.
47
+ * No changes.
53
48
 
54
- *George Claghorn*
55
49
 
56
- * The Poppler PDF previewer renders a preview image using the original
57
- document's crop box rather than its media box, hiding print margins. This
58
- matches the behavior of the MuPDF previewer.
50
+ ## Rails 6.1.4.2 (December 14, 2021) ##
59
51
 
60
- *Vincent Robert*
52
+ * No changes.
61
53
 
62
54
 
63
- ## Rails 5.2.4.6 (May 05, 2021) ##
55
+ ## Rails 6.1.4.1 (August 19, 2021) ##
64
56
 
65
57
  * No changes.
66
58
 
67
59
 
68
- ## Rails 5.2.4.5 (February 10, 2021) ##
60
+ ## Rails 6.1.4 (June 24, 2021) ##
69
61
 
70
- * No changes.
62
+ * The parameters sent to `ffmpeg` for generating a video preview image are now
63
+ configurable under `config.active_storage.video_preview_arguments`.
71
64
 
65
+ *Brendon Muir*
72
66
 
73
- ## Rails 5.2.4.4 (September 09, 2020) ##
67
+ * Fix Active Storage update task when running in an engine.
74
68
 
75
- * No changes.
69
+ *Justin Malčić*
76
70
 
71
+ * Don't raise an error if the mime type is not recognized.
77
72
 
78
- ## Rails 5.2.4.3 (May 18, 2020) ##
73
+ Fixes #41777.
79
74
 
80
- * [CVE-2020-8162] Include Content-Length in signature for ActiveStorage direct upload
75
+ *Alex Ghiculescu*
81
76
 
77
+ * `ActiveStorage::PreviewError` is raised when a previewer is unable to generate a preview image.
82
78
 
83
- ## Rails 5.2.4.2 (March 19, 2020) ##
79
+ *Alex Robbin*
84
80
 
85
- * No changes.
81
+ * respond with 404 given invalid variation key when asking for representations.
86
82
 
83
+ *George Claghorn*
87
84
 
88
- ## Rails 5.2.4.1 (December 18, 2019) ##
85
+ * `Blob` creation shouldn't crash if no service selected.
86
+
87
+ *Alex Ghiculescu*
88
+
89
+
90
+ ## Rails 6.1.3.2 (May 05, 2021) ##
89
91
 
90
92
  * No changes.
91
93
 
92
94
 
93
- ## Rails 5.2.4 (November 27, 2019) ##
95
+ ## Rails 6.1.3.1 (March 26, 2021) ##
96
+
97
+ * Marcel is upgraded to version 1.0.0 to avoid a dependency on GPL-licensed
98
+ mime types data.
99
+
100
+ *George Claghorn*
101
+
102
+
103
+ ## Rails 6.1.3 (February 17, 2021) ##
94
104
 
95
105
  * No changes.
96
106
 
97
107
 
98
- ## Rails 5.2.3 (March 27, 2019) ##
108
+ ## Rails 6.1.2.1 (February 10, 2021) ##
99
109
 
100
110
  * No changes.
101
111
 
102
112
 
103
- ## Rails 5.2.2.1 (March 11, 2019) ##
113
+ ## Rails 6.1.2 (February 09, 2021) ##
104
114
 
105
115
  * No changes.
106
116
 
107
117
 
108
- ## Rails 5.2.2 (December 04, 2018) ##
118
+ ## Rails 6.1.1 (January 07, 2021) ##
109
119
 
110
- * Support multiple submit buttons in Active Storage forms.
120
+ * Fix S3 multipart uploads when threshold is larger than file.
111
121
 
112
- *Chrıs Seelus*
122
+ *Matt Muller*
113
123
 
114
- * Fix `ArgumentError` when uploading to amazon s3
115
124
 
116
- *Hiroki Sanpei*
125
+ ## Rails 6.1.0 (December 09, 2020) ##
117
126
 
118
- * Add a foreign-key constraint to the `active_storage_attachments` table for blobs.
127
+ * Change default queue name of the analysis (`:active_storage_analysis`) and
128
+ purge (`:active_storage_purge`) jobs to be the job adapter's default (`:default`).
119
129
 
120
- *George Claghorn*
130
+ *Rafael Mendonça França*
121
131
 
122
- * Discard `ActiveStorage::PurgeJobs` for missing blobs.
132
+ * Implement `strict_loading` on ActiveStorage associations.
123
133
 
124
- *George Claghorn*
134
+ *David Angulo*
125
135
 
126
- * Fix uploading Tempfiles to Azure Storage.
136
+ * Remove deprecated support to pass `:combine_options` operations to `ActiveStorage::Transformers::ImageProcessing`.
127
137
 
128
- *George Claghorn*
138
+ *Rafael Mendonça França*
139
+
140
+ * Remove deprecated `ActiveStorage::Transformers::MiniMagickTransformer`.
129
141
 
142
+ *Rafael Mendonça França*
130
143
 
131
- ## Rails 5.2.1.1 (November 27, 2018) ##
144
+ * Remove deprecated `config.active_storage.queue`.
145
+
146
+ *Rafael Mendonça França*
132
147
 
133
- * Prevent content type and disposition bypass in storage service URLs.
148
+ * Remove deprecated `ActiveStorage::Downloading`.
149
+
150
+ *Rafael Mendonça França*
151
+
152
+ * Add per-environment configuration support
153
+
154
+ *Pietro Moro*
155
+
156
+ * The Poppler PDF previewer renders a preview image using the original
157
+ document's crop box rather than its media box, hiding print margins. This
158
+ matches the behavior of the MuPDF previewer.
159
+
160
+ *Vincent Robert*
134
161
 
135
- Fix CVE-2018-16477.
162
+ * Touch parent model when an attachment is purged.
136
163
 
137
- *Rosa Gutierrez*
164
+ *Víctor Pérez Rodríguez*
138
165
 
166
+ * Files can now be served by proxying them from the underlying storage service
167
+ instead of redirecting to a signed service URL. Use the
168
+ `rails_storage_proxy_path` and `_url` helpers to proxy an attached file:
139
169
 
140
- ## Rails 5.2.1 (August 07, 2018) ##
170
+ ```erb
171
+ <%= image_tag rails_storage_proxy_path(@user.avatar) %>
172
+ ```
141
173
 
142
- * Fix direct upload with zero-byte files.
174
+ To proxy by default, set `config.active_storage.resolve_model_to_route`:
175
+
176
+ ```ruby
177
+ # Proxy attached files instead.
178
+ config.active_storage.resolve_model_to_route = :rails_storage_proxy
179
+ ```
180
+
181
+ ```erb
182
+ <%= image_tag @user.avatar %>
183
+ ```
184
+
185
+ To redirect to a signed service URL when the default file serving strategy
186
+ is set to proxying, use the `rails_storage_redirect_path` and `_url` helpers:
187
+
188
+ ```erb
189
+ <%= image_tag rails_storage_redirect_path(@user.avatar) %>
190
+ ```
191
+
192
+ *Jonathan Fleckenstein*
193
+
194
+ * Add `config.active_storage.web_image_content_types` to allow applications
195
+ to add content types (like `image/webp`) in which variants can be processed,
196
+ instead of letting those images be converted to the fallback PNG format.
197
+
198
+ *Jeroen van Haperen*
199
+
200
+ * Add support for creating variants of `WebP` images out of the box.
201
+
202
+ *Dino Maric*
203
+
204
+ * Only enqueue analysis jobs for blobs with non-null analyzer classes.
205
+
206
+ *Gannon McGibbon*
207
+
208
+ * Previews are created on the same service as the original blob.
209
+
210
+ *Peter Zhu*
211
+
212
+ * Remove unused `disposition` and `content_type` query parameters for `DiskService`.
213
+
214
+ *Peter Zhu*
215
+
216
+ * Use `DiskController` for both public and private files.
217
+
218
+ `DiskController` is able to handle multiple services by adding a
219
+ `service_name` field in the generated URL in `DiskService`.
220
+
221
+ *Peter Zhu*
222
+
223
+ * Variants are tracked in the database to avoid existence checks in the storage service.
143
224
 
144
225
  *George Claghorn*
145
226
 
146
- * Exclude JSON root from `active_storage/direct_uploads#create` response.
227
+ * Deprecate `service_url` methods in favour of `url`.
228
+
229
+ Deprecate `Variant#service_url` and `Preview#service_url` to instead use
230
+ `#url` method to be consistent with `Blob`.
231
+
232
+ *Peter Zhu*
147
233
 
148
- *Javan Makhmali*
234
+ * Permanent URLs for public storage blobs.
149
235
 
236
+ Services can be configured in `config/storage.yml` with a new key
237
+ `public: true | false` to indicate whether a service holds public
238
+ blobs or private blobs. Public services will always return a permanent URL.
150
239
 
151
- ## Rails 5.2.0 (April 09, 2018) ##
240
+ Deprecates `Blob#service_url` in favor of `Blob#url`.
152
241
 
153
- * Allow full use of the AWS S3 SDK options for authentication. If an
154
- explicit AWS key pair and/or region is not provided in `storage.yml`,
155
- attempt to use environment variables, shared credentials, or IAM
156
- (instance or task) role credentials. Order of precedence is determined
157
- by the [AWS SDK](https://docs.aws.amazon.com/sdk-for-ruby/v3/developer-guide/setup-config.html).
242
+ *Peter Zhu*
158
243
 
159
- *Brian Knight*
244
+ * Make services aware of configuration names.
160
245
 
161
- * Remove path config option from Azure service.
246
+ *Gannon McGibbon*
162
247
 
163
- The Active Storage service for Azure Storage has an option called `path`
164
- that is ambiguous in meaning. It needs to be set to the primary blob
165
- storage endpoint but that can be determined from the blobs client anyway.
248
+ * The `Content-Type` header is set on image variants when they're uploaded to third-party storage services.
166
249
 
167
- To simplify the configuration, we've removed the `path` option and
168
- now get the endpoint from the blobs client instead.
250
+ *Kyle Ribordy*
169
251
 
170
- Closes #32225.
252
+ * Allow storage services to be configured per attachment.
171
253
 
172
- *Andrew White*
254
+ ```ruby
255
+ class User < ActiveRecord::Base
256
+ has_one_attached :avatar, service: :s3
257
+ end
173
258
 
174
- * Generate root-relative paths in disk service URL methods.
259
+ class Gallery < ActiveRecord::Base
260
+ has_many_attached :photos, service: :s3
261
+ end
262
+ ```
175
263
 
176
- Obviate the disk service's `:host` configuration option.
264
+ *Dmitry Tsepelev*
265
+
266
+ * You can optionally provide a custom blob key when attaching a new file:
267
+
268
+ ```ruby
269
+ user.avatar.attach key: "avatars/#{user.id}.jpg",
270
+ io: io, content_type: "image/jpeg", filename: "avatar.jpg"
271
+ ```
272
+
273
+ Active Storage will store the blob's data on the configured service at the provided key.
177
274
 
178
275
  *George Claghorn*
179
276
 
180
- * Add source code to published npm package.
277
+ * Replace `Blob.create_after_upload!` with `Blob.create_and_upload!` and deprecate the former.
278
+
279
+ `create_after_upload!` has been removed since it could lead to data
280
+ corruption by uploading to a key on the storage service which happened to
281
+ be already taken. Creating the record would then correctly raise a
282
+ database uniqueness exception but the stored object would already have
283
+ overwritten another. `create_and_upload!` swaps the order of operations
284
+ so that the key gets reserved up-front or the uniqueness error gets raised,
285
+ before the upload to a key takes place.
286
+
287
+ *Julik Tarkhanov*
288
+
289
+ * Set content disposition in direct upload using `filename` and `disposition` parameters to `ActiveStorage::Service#headers_for_direct_upload`.
290
+
291
+ *Peter Zhu*
292
+
293
+ * Allow record to be optionally passed to blob finders to make sharding
294
+ easier.
295
+
296
+ *Gannon McGibbon*
297
+
298
+ * Switch from `azure-storage` gem to `azure-storage-blob` gem for Azure service.
299
+
300
+ *Peter Zhu*
181
301
 
182
- This allows activestorage users to depend on the javascript source code
183
- rather than the compiled code, which can produce smaller javascript bundles.
302
+ * Add `config.active_storage.draw_routes` to disable Active Storage routes.
184
303
 
185
- *Richard Macklin*
304
+ *Gannon McGibbon*
186
305
 
187
- * Preserve display aspect ratio when extracting width and height from videos
188
- with rectangular samples in `ActiveStorage::Analyzer::VideoAnalyzer`.
306
+ * Image analysis is skipped if ImageMagick returns an error.
189
307
 
190
- When a video contains a display aspect ratio, emit it in metadata as
191
- `:display_aspect_ratio` rather than the ambiguous `:aspect_ratio`. Compute
192
- its height by scaling its encoded frame width according to the DAR.
308
+ `ActiveStorage::Analyzer::ImageAnalyzer#metadata` would previously raise a
309
+ `MiniMagick::Error`, which caused persistent `ActiveStorage::AnalyzeJob`
310
+ failures. It now logs the error and returns `{}`, resulting in no metadata
311
+ being added to the offending image blob.
193
312
 
194
313
  *George Claghorn*
195
314
 
196
- * Use `after_destroy_commit` instead of `before_destroy` for purging
197
- attachments when a record is destroyed.
315
+ * Method calls on singular attachments return `nil` when no file is attached.
198
316
 
199
- *Hiroki Zenigami*
317
+ Previously, assuming the following User model, `user.avatar.filename` would
318
+ raise a `Module::DelegationError` if no avatar was attached:
200
319
 
201
- * Force `:attachment` disposition for specific, configurable content types.
202
- This mitigates possible security issues such as XSS or phishing when
203
- serving them inline. A list of such content types is included by default,
204
- and can be configured via `content_types_to_serve_as_binary`.
320
+ ```ruby
321
+ class User < ApplicationRecord
322
+ has_one_attached :avatar
323
+ end
324
+ ```
205
325
 
206
- *Rosa Gutierrez*
326
+ They now return `nil`.
207
327
 
208
- * Fix the gem adding the migrations files to the package.
328
+ *Matthew Tanous*
209
329
 
210
- *Yuji Yaginuma*
330
+ * The mirror service supports direct uploads.
331
+
332
+ New files are directly uploaded to the primary service. When a
333
+ directly-uploaded file is attached to a record, a background job is enqueued
334
+ to copy it to each secondary service.
335
+
336
+ Configure the queue used to process mirroring jobs by setting
337
+ `config.active_storage.queues.mirror`. The default is `:active_storage_mirror`.
338
+
339
+ *George Claghorn*
340
+
341
+ * The S3 service now permits uploading files larger than 5 gigabytes.
342
+
343
+ When uploading a file greater than 100 megabytes in size, the service
344
+ transparently switches to [multipart uploads](https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuoverview.html)
345
+ using a part size computed from the file's total size and S3's part count limit.
346
+
347
+ No application changes are necessary to take advantage of this feature. You
348
+ can customize the default 100 MB multipart upload threshold in your S3
349
+ service's configuration:
350
+
351
+ ```yaml
352
+ production:
353
+ service: s3
354
+ access_key_id: <%= Rails.application.credentials.dig(:aws, :access_key_id) %>
355
+ secret_access_key: <%= Rails.application.credentials.dig(:aws, :secret_access_key) %>
356
+ region: us-east-1
357
+ bucket: my-bucket
358
+ upload:
359
+ multipart_threshold: <%= 250.megabytes %>
360
+ ```
361
+
362
+ *George Claghorn*
211
363
 
212
- * Added to Rails.
213
364
 
214
- *DHH*
365
+ Please check [6-0-stable](https://github.com/rails/rails/blob/6-0-stable/activestorage/CHANGELOG.md) for previous changes.
data/MIT-LICENSE CHANGED
@@ -1,4 +1,4 @@
1
- Copyright (c) 2017-2018 David Heinemeier Hansson, Basecamp
1
+ Copyright (c) 2017-2022 David Heinemeier Hansson, Basecamp
2
2
 
3
3
  Permission is hereby granted, free of charge, to any person obtaining
4
4
  a copy of this software and associated documentation files (the
data/README.md CHANGED
@@ -4,17 +4,21 @@ Active Storage makes it simple to upload and reference files in cloud services l
4
4
 
5
5
  Files can be uploaded from the server to the cloud or directly from the client to the cloud.
6
6
 
7
- Image files can furthermore be transformed using on-demand variants for quality, aspect ratio, size, or any other [MiniMagick](https://github.com/minimagick/minimagick) supported transformation.
7
+ Image files can furthermore be transformed using on-demand variants for quality, aspect ratio, size, or any other [MiniMagick](https://github.com/minimagick/minimagick) or [Vips](https://www.rubydoc.info/gems/ruby-vips/Vips/Image) supported transformation.
8
+
9
+ You can read more about Active Storage in the [Active Storage Overview](https://edgeguides.rubyonrails.org/active_storage_overview.html) guide.
8
10
 
9
11
  ## Compared to other storage solutions
10
12
 
11
- A key difference to how Active Storage works compared to other attachment solutions in Rails is through the use of built-in [Blob](https://github.com/rails/rails/blob/5-2-stable/activestorage/app/models/active_storage/blob.rb) and [Attachment](https://github.com/rails/rails/blob/5-2-stable/activestorage/app/models/active_storage/attachment.rb) models (backed by Active Record). This means existing application models do not need to be modified with additional columns to associate with files. Active Storage uses polymorphic associations via the `Attachment` join model, which then connects to the actual `Blob`.
13
+ A key difference to how Active Storage works compared to other attachment solutions in Rails is through the use of built-in [Blob](https://github.com/rails/rails/blob/main/activestorage/app/models/active_storage/blob.rb) and [Attachment](https://github.com/rails/rails/blob/main/activestorage/app/models/active_storage/attachment.rb) models (backed by Active Record). This means existing application models do not need to be modified with additional columns to associate with files. Active Storage uses polymorphic associations via the `Attachment` join model, which then connects to the actual `Blob`.
12
14
 
13
15
  `Blob` models store attachment metadata (filename, content-type, etc.), and their identifier key in the storage service. Blob models do not store the actual binary data. They are intended to be immutable in spirit. One file, one blob. You can associate the same blob with multiple application models as well. And if you want to do transformations of a given `Blob`, the idea is that you'll simply create a new one, rather than attempt to mutate the existing one (though of course you can delete the previous version later if you don't need it).
14
16
 
15
17
  ## Installation
16
18
 
17
- Run `rails active_storage:install` to copy over active_storage migrations.
19
+ Run `bin/rails active_storage:install` to copy over active_storage migrations.
20
+
21
+ NOTE: If the task cannot be found, verify that `require "active_storage/engine"` is present in `config/application.rb`.
18
22
 
19
23
  ## Examples
20
24
 
@@ -51,7 +55,7 @@ url_for(user.avatar)
51
55
 
52
56
  class AvatarsController < ApplicationController
53
57
  def update
54
- # params[:avatar] contains a ActionDispatch::Http::UploadedFile object
58
+ # params[:avatar] contains an ActionDispatch::Http::UploadedFile object
55
59
  Current.user.avatar.attach(params.require(:avatar))
56
60
  redirect_to Current.user
57
61
  end
@@ -99,7 +103,38 @@ Variation of image attachment:
99
103
 
100
104
  ```erb
101
105
  <%# Hitting the variant URL will lazy transform the original blob and then redirect to its new service location %>
102
- <%= image_tag user.avatar.variant(resize: "100x100") %>
106
+ <%= image_tag user.avatar.variant(resize_to_limit: [100, 100]) %>
107
+ ```
108
+
109
+ ## File serving strategies
110
+
111
+ Active Storage supports two ways to serve files: redirecting and proxying.
112
+
113
+ ### Redirecting
114
+
115
+ Active Storage generates stable application URLs for files which, when accessed, redirect to signed, short-lived service URLs. This relieves application servers of the burden of serving file data. It is the default file serving strategy.
116
+
117
+ When the application is configured to proxy files by default, use the `rails_storage_redirect_path` and `_url` route helpers to redirect instead:
118
+
119
+ ```erb
120
+ <%= image_tag rails_storage_redirect_path(@user.avatar) %>
121
+ ```
122
+
123
+ ### Proxying
124
+
125
+ Optionally, files can be proxied instead. This means that your application servers will download file data from the storage service in response to requests. This can be useful for serving files from a CDN.
126
+
127
+ Explicitly proxy attachments using the `rails_storage_proxy_path` and `_url` route helpers:
128
+
129
+ ```erb
130
+ <%= image_tag rails_storage_proxy_path(@user.avatar) %>
131
+ ```
132
+
133
+ Or configure Active Storage to use proxying by default:
134
+
135
+ ```ruby
136
+ # config/initializers/active_storage.rb
137
+ Rails.application.config.active_storage.resolve_model_to_route = :rails_storage_proxy
103
138
  ```
104
139
 
105
140
  ## Direct uploads
@@ -116,7 +151,7 @@ Active Storage, with its included JavaScript library, supports uploading directl
116
151
  ```
117
152
  Using the npm package:
118
153
  ```js
119
- import * as ActiveStorage from "activestorage"
154
+ import * as ActiveStorage from "@rails/activestorage"
120
155
  ActiveStorage.start()
121
156
  ```
122
157
  2. Annotate file inputs with the direct upload URL.
@@ -148,7 +183,7 @@ Active Storage is released under the [MIT License](https://opensource.org/licens
148
183
 
149
184
  API documentation is at:
150
185
 
151
- * http://api.rubyonrails.org
186
+ * https://api.rubyonrails.org
152
187
 
153
188
  Bug reports for the Ruby on Rails project can be filed here:
154
189
 
@@ -156,4 +191,4 @@ Bug reports for the Ruby on Rails project can be filed here:
156
191
 
157
192
  Feature requests should be discussed on the rails-core mailing list here:
158
193
 
159
- * https://groups.google.com/forum/?fromgroups#!forum/rubyonrails-core
194
+ * https://discuss.rubyonrails.org/c/rubyonrails-core
@@ -550,7 +550,7 @@
550
550
  this.file = file;
551
551
  this.attributes = {
552
552
  filename: file.name,
553
- content_type: file.type,
553
+ content_type: file.type || "application/octet-stream",
554
554
  byte_size: file.size,
555
555
  checksum: checksum
556
556
  };
@@ -560,7 +560,10 @@
560
560
  this.xhr.setRequestHeader("Content-Type", "application/json");
561
561
  this.xhr.setRequestHeader("Accept", "application/json");
562
562
  this.xhr.setRequestHeader("X-Requested-With", "XMLHttpRequest");
563
- this.xhr.setRequestHeader("X-CSRF-Token", getMetaValue("csrf-token"));
563
+ var csrfToken = getMetaValue("csrf-token");
564
+ if (csrfToken != undefined) {
565
+ this.xhr.setRequestHeader("X-CSRF-Token", csrfToken);
566
+ }
564
567
  this.xhr.addEventListener("load", function(event) {
565
568
  return _this.requestDidLoad(event);
566
569
  });
@@ -1,10 +1,19 @@
1
1
  # frozen_string_literal: true
2
2
 
3
- # The base controller for all ActiveStorage controllers.
3
+ # The base class for all Active Storage controllers.
4
4
  class ActiveStorage::BaseController < ActionController::Base
5
+ include ActiveStorage::SetCurrent
6
+
5
7
  protect_from_forgery with: :exception
6
8
 
7
- before_action do
8
- ActiveStorage::Current.host = request.base_url
9
- end
9
+ self.etag_with_template_digest = false
10
+
11
+ private
12
+ def stream(blob)
13
+ blob.download do |chunk|
14
+ response.stream.write chunk
15
+ end
16
+ ensure
17
+ response.stream.close
18
+ end
10
19
  end
@@ -0,0 +1,14 @@
1
+ # frozen_string_literal: true
2
+
3
+ # Proxy files through application. This avoids having a redirect and makes files easier to cache.
4
+ class ActiveStorage::Blobs::ProxyController < ActiveStorage::BaseController
5
+ include ActiveStorage::SetBlob
6
+ include ActiveStorage::SetHeaders
7
+
8
+ def show
9
+ http_cache_forever public: true do
10
+ set_content_headers_from @blob
11
+ stream @blob
12
+ end
13
+ end
14
+ end
@@ -4,11 +4,11 @@
4
4
  # Note: These URLs are publicly accessible. If you need to enforce access protection beyond the
5
5
  # security-through-obscurity factor of the signed blob references, you'll need to implement your own
6
6
  # authenticated redirection controller.
7
- class ActiveStorage::BlobsController < ActiveStorage::BaseController
7
+ class ActiveStorage::Blobs::RedirectController < ActiveStorage::BaseController
8
8
  include ActiveStorage::SetBlob
9
9
 
10
10
  def show
11
- expires_in ActiveStorage::Blob.service.url_expires_in
12
- redirect_to @blob.service_url(disposition: params[:disposition])
11
+ expires_in ActiveStorage.service_urls_expire_in
12
+ redirect_to @blob.url(disposition: params[:disposition])
13
13
  end
14
14
  end