activestorage 6.0.5 → 6.1.0.rc1

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.


This version of activestorage might be problematic. Click here for more details.

Files changed (61) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +137 -233
  3. data/MIT-LICENSE +1 -1
  4. data/README.md +36 -4
  5. data/app/controllers/active_storage/base_controller.rb +11 -0
  6. data/app/controllers/active_storage/blobs/proxy_controller.rb +14 -0
  7. data/app/controllers/active_storage/{blobs_controller.rb → blobs/redirect_controller.rb} +2 -2
  8. data/app/controllers/active_storage/disk_controller.rb +8 -20
  9. data/app/controllers/active_storage/representations/proxy_controller.rb +19 -0
  10. data/app/controllers/active_storage/{representations_controller.rb → representations/redirect_controller.rb} +2 -2
  11. data/app/controllers/concerns/active_storage/file_server.rb +18 -0
  12. data/app/controllers/concerns/active_storage/set_blob.rb +1 -1
  13. data/app/controllers/concerns/active_storage/set_current.rb +2 -2
  14. data/app/controllers/concerns/active_storage/set_headers.rb +12 -0
  15. data/app/jobs/active_storage/mirror_job.rb +15 -0
  16. data/app/models/active_storage/attachment.rb +18 -10
  17. data/app/models/active_storage/blob/analyzable.rb +6 -2
  18. data/app/models/active_storage/blob/identifiable.rb +7 -6
  19. data/app/models/active_storage/blob/representable.rb +34 -4
  20. data/app/models/active_storage/blob.rb +114 -57
  21. data/app/models/active_storage/preview.rb +31 -10
  22. data/app/models/active_storage/record.rb +7 -0
  23. data/app/models/active_storage/variant.rb +28 -41
  24. data/app/models/active_storage/variant_record.rb +8 -0
  25. data/app/models/active_storage/variant_with_record.rb +54 -0
  26. data/app/models/active_storage/variation.rb +25 -20
  27. data/config/routes.rb +58 -8
  28. data/db/migrate/20170806125915_create_active_storage_tables.rb +14 -5
  29. data/db/update_migrate/20190112182829_add_service_name_to_active_storage_blobs.rb +17 -0
  30. data/db/update_migrate/20191206030411_create_active_storage_variant_records.rb +11 -0
  31. data/lib/active_storage/analyzer/image_analyzer.rb +3 -0
  32. data/lib/active_storage/analyzer/null_analyzer.rb +4 -0
  33. data/lib/active_storage/analyzer/video_analyzer.rb +14 -3
  34. data/lib/active_storage/analyzer.rb +6 -0
  35. data/lib/active_storage/attached/changes/create_many.rb +1 -0
  36. data/lib/active_storage/attached/changes/create_one.rb +17 -4
  37. data/lib/active_storage/attached/many.rb +4 -3
  38. data/lib/active_storage/attached/model.rb +49 -10
  39. data/lib/active_storage/attached/one.rb +4 -3
  40. data/lib/active_storage/engine.rb +25 -43
  41. data/lib/active_storage/gem_version.rb +3 -3
  42. data/lib/active_storage/log_subscriber.rb +6 -0
  43. data/lib/active_storage/previewer/mupdf_previewer.rb +3 -3
  44. data/lib/active_storage/previewer/poppler_pdf_previewer.rb +2 -2
  45. data/lib/active_storage/previewer/video_previewer.rb +2 -2
  46. data/lib/active_storage/previewer.rb +3 -2
  47. data/lib/active_storage/service/azure_storage_service.rb +40 -35
  48. data/lib/active_storage/service/configurator.rb +3 -1
  49. data/lib/active_storage/service/disk_service.rb +36 -31
  50. data/lib/active_storage/service/gcs_service.rb +18 -16
  51. data/lib/active_storage/service/mirror_service.rb +31 -7
  52. data/lib/active_storage/service/registry.rb +32 -0
  53. data/lib/active_storage/service/s3_service.rb +51 -23
  54. data/lib/active_storage/service.rb +35 -7
  55. data/lib/active_storage/transformers/image_processing_transformer.rb +13 -365
  56. data/lib/active_storage/transformers/transformer.rb +0 -3
  57. data/lib/active_storage.rb +9 -8
  58. metadata +60 -25
  59. data/db/update_migrate/20180723000244_add_foreign_key_constraint_to_active_storage_attachments_for_blob_id.rb +0 -9
  60. data/lib/active_storage/downloading.rb +0 -47
  61. data/lib/active_storage/transformers/mini_magick_transformer.rb +0 -38
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: bd3cf559862953e937b19563243486f306b89f816316d16bf8079957f26e9008
4
- data.tar.gz: 671cc04f5303e89446b345b514e4ac3e22350fb12e36af63bfacf6864bf38d49
3
+ metadata.gz: 2b5828c669886bb3073bc9a325644f70785b9e7432fe34bf609369ae854472d1
4
+ data.tar.gz: c20c99725925af7c67f86c4ad99fcc5add79a4c373db3c1d5ae6fe4c2b1a893b
5
5
  SHA512:
6
- metadata.gz: 00474cdd28e40432cb578ac724daac1eb0f081e56829ba9ebd1efaa95252225a3bff45eb23821ccea94755e29b827ee67d344d20f6c0a63283a663858065e29f
7
- data.tar.gz: ba829ae20c51c4e355d9d2bb179965426e8c464d5445cbbea25bac0b4385669365a3f1d0e08ff3b0a1d47cefdd8ccfb0f12b422e50c8733aeb0e282d300547eb
6
+ metadata.gz: 7d0adc41784932bd392d92f120fadea916633ccf659a2b2d5d3b6a305eee2ca093a6d82045e322b40a5d6349cfeae880db08c87f1972bb40e954f52dd1457c45
7
+ data.tar.gz: adf193c0617237b63aaf251b0e0fe8ec0e48da5b3dc47d8a6e60a5b91ea976d3a205dd990a0a2b20d65bd21b70dc5eccbaed0a512a86c03445be84811fa5deda
data/CHANGELOG.md CHANGED
@@ -1,54 +1,24 @@
1
- ## Rails 6.0.5 (May 09, 2022) ##
1
+ ## Rails 6.1.0.rc1 (November 02, 2020) ##
2
2
 
3
- * No changes.
3
+ * Remove deprecated support to pass `:combine_options` operations to `ActiveStorage::Transformers::ImageProcessing`.
4
4
 
5
+ *Rafael Mendonça França*
5
6
 
6
- ## Rails 6.0.4.8 (April 26, 2022) ##
7
+ * Remove deprecated `ActiveStorage::Transformers::MiniMagickTransformer`.
7
8
 
8
- * No changes.
9
+ *Rafael Mendonça França*
9
10
 
11
+ * Remove deprecated `config.active_storage.queue`.
10
12
 
11
- ## Rails 6.0.4.7 (March 08, 2022) ##
13
+ *Rafael Mendonça França*
12
14
 
13
- * Added image transformation validation via configurable allow-list.
14
-
15
- Variant now offers a configurable allow-list for
16
- transformation methods in addition to a configurable deny-list for arguments.
17
-
18
- [CVE-2022-21831]
15
+ * Remove deprecated `ActiveStorage::Downloading`.
19
16
 
17
+ *Rafael Mendonça França*
20
18
 
21
- ## Rails 6.0.4.6 (February 11, 2022) ##
19
+ * Add per-environment configuration support
22
20
 
23
- * No changes.
24
-
25
-
26
- ## Rails 6.0.4.5 (February 11, 2022) ##
27
-
28
- * No changes.
29
-
30
-
31
- ## Rails 6.0.4.4 (December 15, 2021) ##
32
-
33
- * No changes.
34
-
35
-
36
- ## Rails 6.0.4.3 (December 14, 2021) ##
37
-
38
- * No changes.
39
-
40
-
41
- ## Rails 6.0.4.2 (December 14, 2021) ##
42
-
43
- * No changes.
44
-
45
-
46
- ## Rails 6.0.4.1 (August 19, 2021) ##
47
-
48
- * No changes.
49
-
50
-
51
- ## Rails 6.0.4 (June 15, 2021) ##
21
+ *Pietro Moro*
52
22
 
53
23
  * The Poppler PDF previewer renders a preview image using the original
54
24
  document's crop box rather than its media box, hiding print margins. This
@@ -56,273 +26,207 @@
56
26
 
57
27
  *Vincent Robert*
58
28
 
29
+ * Touch parent model when an attachment is purged.
59
30
 
60
- ## Rails 6.0.3.7 (May 05, 2021) ##
61
-
62
- * No changes.
63
-
64
-
65
- ## Rails 6.0.3.6 (March 26, 2021) ##
31
+ *Víctor Pérez Rodríguez*
66
32
 
67
- * Marcel is upgraded to version 1.0.0 to avoid a dependency on GPL-licensed
68
- mime types data.
69
-
70
- *George Claghorn*
71
-
72
-
73
- ## Rails 6.0.3.5 (February 10, 2021) ##
74
-
75
- * No changes.
76
-
77
-
78
- ## Rails 6.0.3.4 (October 07, 2020) ##
79
-
80
- * No changes.
81
-
82
-
83
- ## Rails 6.0.3.3 (September 09, 2020) ##
84
-
85
- * No changes.
33
+ * Files can now be served by proxying them from the underlying storage service
34
+ instead of redirecting to a signed service URL. Use the
35
+ `rails_storage_proxy_path` and `_url` helpers to proxy an attached file:
86
36
 
37
+ ```erb
38
+ <%= image_tag rails_storage_proxy_path(@user.avatar) %>
39
+ ```
87
40
 
88
- ## Rails 6.0.3.2 (June 17, 2020) ##
41
+ To proxy by default, set `config.active_storage.resolve_model_to_route`:
89
42
 
90
- * No changes.
43
+ ```ruby
44
+ # Proxy attached files instead.
45
+ config.active_storage.resolve_model_to_route = :rails_storage_proxy
46
+ ```
91
47
 
48
+ ```erb
49
+ <%= image_tag @user.avatar %>
50
+ ```
92
51
 
93
- ## Rails 6.0.3.1 (May 18, 2020) ##
52
+ To redirect to a signed service URL when the default file serving strategy
53
+ is set to proxying, use the `rails_storage_redirect_path` and `_url` helpers:
94
54
 
95
- * [CVE-2020-8162] Include Content-Length in signature for ActiveStorage direct upload
55
+ ```erb
56
+ <%= image_tag rails_storage_redirect_path(@user.avatar) %>
57
+ ```
96
58
 
59
+ *Jonathan Fleckenstein*
97
60
 
98
- ## Rails 6.0.3 (May 06, 2020) ##
61
+ * Add `config.active_storage.web_image_content_types` to allow applications
62
+ to add content types (like `image/webp`) in which variants can be processed,
63
+ instead of letting those images be converted to the fallback PNG format.
99
64
 
100
- * No changes.
65
+ *Jeroen van Haperen*
101
66
 
67
+ * Add support for creating variants of `WebP` images out of the box.
102
68
 
103
- ## Rails 6.0.2.2 (March 19, 2020) ##
69
+ *Dino Maric*
104
70
 
105
- * No changes.
71
+ * Only enqueue analysis jobs for blobs with non-null analyzer classes.
106
72
 
73
+ *Gannon McGibbon*
107
74
 
108
- ## Rails 6.0.2.1 (December 18, 2019) ##
75
+ * Previews are created on the same service as the original blob.
109
76
 
110
- * No changes.
77
+ *Peter Zhu*
111
78
 
79
+ * Remove unused `disposition` and `content_type` query parameters for `DiskService`.
112
80
 
113
- ## Rails 6.0.2 (December 13, 2019) ##
81
+ *Peter Zhu*
114
82
 
115
- * No changes.
83
+ * Use `DiskController` for both public and private files.
116
84
 
85
+ `DiskController` is able to handle multiple services by adding a
86
+ `service_name` field in the generated URL in `DiskService`.
117
87
 
118
- ## Rails 6.0.1 (November 5, 2019) ##
88
+ *Peter Zhu*
119
89
 
120
- * `ActiveStorage::AnalyzeJob`s are discarded on `ActiveRecord::RecordNotFound` errors.
90
+ * Variants are tracked in the database to avoid existence checks in the storage service.
121
91
 
122
92
  *George Claghorn*
123
93
 
124
- * Blobs are recorded in the database before being uploaded to the service.
125
- This fixes that generated blob keys could silently collide, leading to
126
- data loss.
127
-
128
- *Julik Tarkhanov*
129
-
94
+ * Deprecate `service_url` methods in favour of `url`.
130
95
 
131
- ## Rails 6.0.0 (August 16, 2019) ##
96
+ Deprecate `Variant#service_url` and `Preview#service_url` to instead use
97
+ `#url` method to be consistent with `Blob`.
132
98
 
133
- * No changes.
99
+ *Peter Zhu*
134
100
 
101
+ * Permanent URLs for public storage blobs.
135
102
 
136
- ## Rails 6.0.0.rc2 (July 22, 2019) ##
103
+ Services can be configured in `config/storage.yml` with a new key
104
+ `public: true | false` to indicate whether a service holds public
105
+ blobs or private blobs. Public services will always return a permanent URL.
137
106
 
138
- * No changes.
107
+ Deprecates `Blob#service_url` in favor of `Blob#url`.
139
108
 
109
+ *Peter Zhu*
140
110
 
141
- ## Rails 6.0.0.rc1 (April 24, 2019) ##
111
+ * Make services aware of configuration names.
142
112
 
143
- * Don't raise when analyzing an image whose type is unsupported by ImageMagick.
113
+ *Gannon McGibbon*
144
114
 
145
- Fixes #36065.
115
+ * The `Content-Type` header is set on image variants when they're uploaded to third-party storage services.
146
116
 
147
- *Guilherme Mansur*
117
+ *Kyle Ribordy*
148
118
 
149
- * Permit generating variants of BMP images.
119
+ * Allow storage services to be configured per attachment.
150
120
 
151
- *Younes Serraj*
152
-
153
-
154
- ## Rails 6.0.0.beta3 (March 11, 2019) ##
155
-
156
- * No changes.
157
-
158
-
159
- ## Rails 6.0.0.beta2 (February 25, 2019) ##
160
-
161
- * No changes.
162
-
163
-
164
- ## Rails 6.0.0.beta1 (January 18, 2019) ##
121
+ ```ruby
122
+ class User < ActiveRecord::Base
123
+ has_one_attached :avatar, service: :s3
124
+ end
165
125
 
166
- * [Rename npm package](https://github.com/rails/rails/pull/34905) from
167
- [`activestorage`](https://www.npmjs.com/package/activestorage) to
168
- [`@rails/activestorage`](https://www.npmjs.com/package/@rails/activestorage).
126
+ class Gallery < ActiveRecord::Base
127
+ has_many_attached :photos, service: :s3
128
+ end
129
+ ```
169
130
 
170
- *Javan Makhmali*
131
+ *Dmitry Tsepelev*
171
132
 
172
- * Replace `config.active_storage.queue` with two options that indicate which
173
- queues analysis and purge jobs should use, respectively:
133
+ * You can optionally provide a custom blob key when attaching a new file:
174
134
 
175
- * `config.active_storage.queues.analysis`
176
- * `config.active_storage.queues.purge`
135
+ ```ruby
136
+ user.avatar.attach key: "avatars/#{user.id}.jpg",
137
+ io: io, content_type: "image/jpeg", filename: "avatar.jpg"
138
+ ```
177
139
 
178
- `config.active_storage.queue` is preferred over the new options when it's
179
- set, but it is deprecated and will be removed in Rails 6.1.
140
+ Active Storage will store the blob's data on the configured service at the provided key.
180
141
 
181
142
  *George Claghorn*
182
143
 
183
- * Permit generating variants of TIFF images.
184
-
185
- *Luciano Sousa*
144
+ * Replace `Blob.create_after_upload!` with `Blob.create_and_upload!` and deprecate the former.
186
145
 
187
- * Use base36 (all lowercase) for all new Blob keys to prevent
188
- collisions and undefined behavior with case-insensitive filesystems and
189
- database indices.
146
+ `create_after_upload!` has been removed since it could lead to data
147
+ corruption by uploading to a key on the storage service which happened to
148
+ be already taken. Creating the record would then correctly raise a
149
+ database uniqueness exception but the stored object would already have
150
+ overwritten another. `create_and_upload!` swaps the order of operations
151
+ so that the key gets reserved up-front or the uniqueness error gets raised,
152
+ before the upload to a key takes place.
190
153
 
191
154
  *Julik Tarkhanov*
192
155
 
193
- * It doesn’t include an `X-CSRF-Token` header if a meta tag is not found on
194
- the page. It previously included one with a value of `undefined`.
195
-
196
- *Cameron Bothner*
197
-
198
- * Fix `ArgumentError` when uploading to amazon s3
156
+ * Set content disposition in direct upload using `filename` and `disposition` parameters to `ActiveStorage::Service#headers_for_direct_upload`.
199
157
 
200
- *Hiroki Sanpei*
158
+ *Peter Zhu*
201
159
 
202
- * Add progressive JPG to default list of variable content types
160
+ * Allow record to be optionally passed to blob finders to make sharding
161
+ easier.
203
162
 
204
- *Maurice Kühlborn*
163
+ *Gannon McGibbon*
205
164
 
206
- * Add `ActiveStorage.routes_prefix` for configuring generated routes.
165
+ * Switch from `azure-storage` gem to `azure-storage-blob` gem for Azure service.
207
166
 
208
- *Chris Bisnett*
167
+ *Peter Zhu*
209
168
 
210
- * `ActiveStorage::Service::AzureStorageService` only handles specifically
211
- relevant types of `Azure::Core::Http::HTTPError`. It previously obscured
212
- other types of `HTTPError`, which is the azure-storage gem’s catch-all
213
- exception class.
169
+ * Add `config.active_storage.draw_routes` to disable Active Storage routes.
214
170
 
215
- *Cameron Bothner*
171
+ *Gannon McGibbon*
216
172
 
217
- * `ActiveStorage::DiskController#show` generates a 404 Not Found response when
218
- the requested file is missing from the disk service. It previously raised
219
- `Errno::ENOENT`.
173
+ * Image analysis is skipped if ImageMagick returns an error.
220
174
 
221
- *Cameron Bothner*
222
-
223
- * `ActiveStorage::Blob#download` and `ActiveStorage::Blob#open` raise
224
- `ActiveStorage::FileNotFoundError` when the corresponding file is missing
225
- from the storage service. Services translate service-specific missing object
226
- exceptions (e.g. `Google::Cloud::NotFoundError` for the GCS service and
227
- `Errno::ENOENT` for the disk service) into
228
- `ActiveStorage::FileNotFoundError`.
229
-
230
- *Cameron Bothner*
231
-
232
- * Added the `ActiveStorage::SetCurrent` concern for custom Active Storage
233
- controllers that can't inherit from `ActiveStorage::BaseController`.
175
+ `ActiveStorage::Analyzer::ImageAnalyzer#metadata` would previously raise a
176
+ `MiniMagick::Error`, which caused persistent `ActiveStorage::AnalyzeJob`
177
+ failures. It now logs the error and returns `{}`, resulting in no metadata
178
+ being added to the offending image blob.
234
179
 
235
180
  *George Claghorn*
236
181
 
237
- * Active Storage error classes like `ActiveStorage::IntegrityError` and
238
- `ActiveStorage::UnrepresentableError` now inherit from `ActiveStorage::Error`
239
- instead of `StandardError`. This permits rescuing `ActiveStorage::Error` to
240
- handle all Active Storage errors.
241
-
242
- *Andrei Makarov*, *George Claghorn*
243
-
244
- * Uploaded files assigned to a record are persisted to storage when the record
245
- is saved instead of immediately.
182
+ * Method calls on singular attachments return `nil` when no file is attached.
246
183
 
247
- In Rails 5.2, the following causes an uploaded file in `params[:avatar]` to
248
- be stored:
184
+ Previously, assuming the following User model, `user.avatar.filename` would
185
+ raise a `Module::DelegationError` if no avatar was attached:
249
186
 
250
187
  ```ruby
251
- @user.avatar = params[:avatar]
188
+ class User < ApplicationRecord
189
+ has_one_attached :avatar
190
+ end
252
191
  ```
253
192
 
254
- In Rails 6, the uploaded file is stored when `@user` is successfully saved.
193
+ They now return `nil`.
255
194
 
256
- *George Claghorn*
257
-
258
- * Add the ability to reflect on defined attachments using the existing
259
- ActiveRecord reflection mechanism.
260
-
261
- *Kevin Deisz*
262
-
263
- * Variant arguments of `false` or `nil` will no longer be passed to the
264
- processor. For example, the following will not have the monochrome
265
- variation applied:
266
-
267
- ```ruby
268
- avatar.variant(monochrome: false)
269
- ```
270
-
271
- *Jacob Smith*
195
+ *Matthew Tanous*
272
196
 
273
- * Generated attachment getter and setter methods are created
274
- within the model's `GeneratedAssociationMethods` module to
275
- allow overriding and composition using `super`.
197
+ * The mirror service supports direct uploads.
276
198
 
277
- *Josh Susser*, *Jamon Douglas*
199
+ New files are directly uploaded to the primary service. When a
200
+ directly-uploaded file is attached to a record, a background job is enqueued
201
+ to copy it to each secondary service.
278
202
 
279
- * Add `ActiveStorage::Blob#open`, which downloads a blob to a tempfile on disk
280
- and yields the tempfile. Deprecate `ActiveStorage::Downloading`.
203
+ Configure the queue used to process mirroring jobs by setting
204
+ `config.active_storage.queues.mirror`. The default is `:active_storage_mirror`.
281
205
 
282
- *David Robertson*, *George Claghorn*
283
-
284
- * Pass in `identify: false` as an argument when providing a `content_type` for
285
- `ActiveStorage::Attached::{One,Many}#attach` to bypass automatic content
286
- type inference. For example:
206
+ *George Claghorn*
287
207
 
288
- ```ruby
289
- @message.image.attach(
290
- io: File.open('/path/to/file'),
291
- filename: 'file.pdf',
292
- content_type: 'application/pdf',
293
- identify: false
294
- )
208
+ * The S3 service now permits uploading files larger than 5 gigabytes.
209
+
210
+ When uploading a file greater than 100 megabytes in size, the service
211
+ transparently switches to [multipart uploads](https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuoverview.html)
212
+ using a part size computed from the file's total size and S3's part count limit.
213
+
214
+ No application changes are necessary to take advantage of this feature. You
215
+ can customize the default 100 MB multipart upload threshold in your S3
216
+ service's configuration:
217
+
218
+ ```yaml
219
+ production:
220
+ service: s3
221
+ access_key_id: <%= Rails.application.credentials.dig(:aws, :access_key_id) %>
222
+ secret_access_key: <%= Rails.application.credentials.dig(:aws, :secret_access_key) %>
223
+ region: us-east-1
224
+ bucket: my-bucket
225
+ upload:
226
+ multipart_threshold: <%= 250.megabytes %>
295
227
  ```
296
228
 
297
- *Ryan Davidson*
298
-
299
- * The Google Cloud Storage service properly supports streaming downloads.
300
- It now requires version 1.11 or newer of the google-cloud-storage gem.
301
-
302
229
  *George Claghorn*
303
230
 
304
- * Use the [ImageProcessing](https://github.com/janko-m/image_processing) gem
305
- for Active Storage variants, and deprecate the MiniMagick backend.
306
-
307
- This means that variants are now automatically oriented if the original
308
- image was rotated. Also, in addition to the existing ImageMagick
309
- operations, variants can now use `:resize_to_fit`, `:resize_to_fill`, and
310
- other ImageProcessing macros. These are now recommended over raw `:resize`,
311
- as they also sharpen the thumbnail after resizing.
312
-
313
- The ImageProcessing gem also comes with a backend implemented on
314
- [libvips](http://jcupitt.github.io/libvips/), an alternative to
315
- ImageMagick which has significantly better performance than
316
- ImageMagick in most cases, both in terms of speed and memory usage. In
317
- Active Storage it's now possible to switch to the libvips backend by
318
- changing `Rails.application.config.active_storage.variant_processor` to
319
- `:vips`.
320
-
321
- *Janko Marohnić*
322
-
323
- * Rails 6 requires Ruby 2.5.0 or newer.
324
-
325
- *Jeremy Daer*, *Kasper Timm Hansen*
326
-
327
231
 
328
- Please check [5-2-stable](https://github.com/rails/rails/blob/5-2-stable/activestorage/CHANGELOG.md) for previous changes.
232
+ Please check [6-0-stable](https://github.com/rails/rails/blob/6-0-stable/activestorage/CHANGELOG.md) for previous changes.
data/MIT-LICENSE CHANGED
@@ -1,4 +1,4 @@
1
- Copyright (c) 2017-2019 David Heinemeier Hansson, Basecamp
1
+ Copyright (c) 2017-2020 David Heinemeier Hansson, Basecamp
2
2
 
3
3
  Permission is hereby granted, free of charge, to any person obtaining
4
4
  a copy of this software and associated documentation files (the
data/README.md CHANGED
@@ -10,13 +10,13 @@ You can read more about Active Storage in the [Active Storage Overview](https://
10
10
 
11
11
  ## Compared to other storage solutions
12
12
 
13
- A key difference to how Active Storage works compared to other attachment solutions in Rails is through the use of built-in [Blob](https://github.com/rails/rails/blob/main/activestorage/app/models/active_storage/blob.rb) and [Attachment](https://github.com/rails/rails/blob/main/activestorage/app/models/active_storage/attachment.rb) models (backed by Active Record). This means existing application models do not need to be modified with additional columns to associate with files. Active Storage uses polymorphic associations via the `Attachment` join model, which then connects to the actual `Blob`.
13
+ A key difference to how Active Storage works compared to other attachment solutions in Rails is through the use of built-in [Blob](https://github.com/rails/rails/blob/master/activestorage/app/models/active_storage/blob.rb) and [Attachment](https://github.com/rails/rails/blob/master/activestorage/app/models/active_storage/attachment.rb) models (backed by Active Record). This means existing application models do not need to be modified with additional columns to associate with files. Active Storage uses polymorphic associations via the `Attachment` join model, which then connects to the actual `Blob`.
14
14
 
15
15
  `Blob` models store attachment metadata (filename, content-type, etc.), and their identifier key in the storage service. Blob models do not store the actual binary data. They are intended to be immutable in spirit. One file, one blob. You can associate the same blob with multiple application models as well. And if you want to do transformations of a given `Blob`, the idea is that you'll simply create a new one, rather than attempt to mutate the existing one (though of course you can delete the previous version later if you don't need it).
16
16
 
17
17
  ## Installation
18
18
 
19
- Run `rails active_storage:install` to copy over active_storage migrations.
19
+ Run `bin/rails active_storage:install` to copy over active_storage migrations.
20
20
 
21
21
  NOTE: If the task cannot be found, verify that `require "active_storage/engine"` is present in `config/application.rb`.
22
22
 
@@ -55,7 +55,7 @@ url_for(user.avatar)
55
55
 
56
56
  class AvatarsController < ApplicationController
57
57
  def update
58
- # params[:avatar] contains a ActionDispatch::Http::UploadedFile object
58
+ # params[:avatar] contains an ActionDispatch::Http::UploadedFile object
59
59
  Current.user.avatar.attach(params.require(:avatar))
60
60
  redirect_to Current.user
61
61
  end
@@ -106,6 +106,37 @@ Variation of image attachment:
106
106
  <%= image_tag user.avatar.variant(resize_to_limit: [100, 100]) %>
107
107
  ```
108
108
 
109
+ ## File serving strategies
110
+
111
+ Active Storage supports two ways to serve files: redirecting and proxying.
112
+
113
+ ### Redirecting
114
+
115
+ Active Storage generates stable application URLs for files which, when accessed, redirect to signed, short-lived service URLs. This relieves application servers of the burden of serving file data. It is the default file serving strategy.
116
+
117
+ When the application is configured to proxy files by default, use the `rails_storage_redirect_path` and `_url` route helpers to redirect instead:
118
+
119
+ ```erb
120
+ <%= image_tag rails_storage_redirect_path(@user.avatar) %>
121
+ ```
122
+
123
+ ### Proxying
124
+
125
+ Optionally, files can be proxied instead. This means that your application servers will download file data from the storage service in response to requests. This can be useful for serving files from a CDN.
126
+
127
+ Explicitly proxy attachments using the `rails_storage_proxy_path` and `_url` route helpers:
128
+
129
+ ```erb
130
+ <%= image_tag rails_storage_proxy_path(@user.avatar) %>
131
+ ```
132
+
133
+ Or configure Active Storage to use proxying by default:
134
+
135
+ ```ruby
136
+ # config/initializers/active_storage.rb
137
+ Rails.application.config.active_storage.resolve_model_to_route = :rails_storage_proxy
138
+ ```
139
+
109
140
  ## Direct uploads
110
141
 
111
142
  Active Storage, with its included JavaScript library, supports uploading directly from the client to the cloud.
@@ -120,7 +151,8 @@ Active Storage, with its included JavaScript library, supports uploading directl
120
151
  ```
121
152
  Using the npm package:
122
153
  ```js
123
- require("@rails/activestorage").start()
154
+ import * as ActiveStorage from "@rails/activestorage"
155
+ ActiveStorage.start()
124
156
  ```
125
157
  2. Annotate file inputs with the direct upload URL.
126
158
 
@@ -5,4 +5,15 @@ class ActiveStorage::BaseController < ActionController::Base
5
5
  include ActiveStorage::SetCurrent
6
6
 
7
7
  protect_from_forgery with: :exception
8
+
9
+ self.etag_with_template_digest = false
10
+
11
+ private
12
+ def stream(blob)
13
+ blob.download do |chunk|
14
+ response.stream.write chunk
15
+ end
16
+ ensure
17
+ response.stream.close
18
+ end
8
19
  end
@@ -0,0 +1,14 @@
1
+ # frozen_string_literal: true
2
+
3
+ # Proxy files through application. This avoids having a redirect and makes files easier to cache.
4
+ class ActiveStorage::Blobs::ProxyController < ActiveStorage::BaseController
5
+ include ActiveStorage::SetBlob
6
+ include ActiveStorage::SetHeaders
7
+
8
+ def show
9
+ http_cache_forever public: true do
10
+ set_content_headers_from @blob
11
+ stream @blob
12
+ end
13
+ end
14
+ end
@@ -4,11 +4,11 @@
4
4
  # Note: These URLs are publicly accessible. If you need to enforce access protection beyond the
5
5
  # security-through-obscurity factor of the signed blob references, you'll need to implement your own
6
6
  # authenticated redirection controller.
7
- class ActiveStorage::BlobsController < ActiveStorage::BaseController
7
+ class ActiveStorage::Blobs::RedirectController < ActiveStorage::BaseController
8
8
  include ActiveStorage::SetBlob
9
9
 
10
10
  def show
11
11
  expires_in ActiveStorage.service_urls_expire_in
12
- redirect_to @blob.service_url(disposition: params[:disposition])
12
+ redirect_to @blob.url(disposition: params[:disposition])
13
13
  end
14
14
  end
@@ -5,11 +5,13 @@
5
5
  # Always go through the BlobsController, or your own authenticated controller, rather than directly
6
6
  # to the service URL.
7
7
  class ActiveStorage::DiskController < ActiveStorage::BaseController
8
+ include ActiveStorage::FileServer
9
+
8
10
  skip_forgery_protection
9
11
 
10
12
  def show
11
13
  if key = decode_verified_key
12
- serve_file disk_service.path_for(key[:key]), content_type: key[:content_type], disposition: key[:disposition]
14
+ serve_file named_disk_service(key[:service_name]).path_for(key[:key]), content_type: key[:content_type], disposition: key[:disposition]
13
15
  else
14
16
  head :not_found
15
17
  end
@@ -20,7 +22,7 @@ class ActiveStorage::DiskController < ActiveStorage::BaseController
20
22
  def update
21
23
  if token = decode_verified_token
22
24
  if acceptable_content?(token)
23
- disk_service.upload token[:key], request.body, checksum: token[:checksum]
25
+ named_disk_service(token[:service_name]).upload token[:key], request.body, checksum: token[:checksum]
24
26
  else
25
27
  head :unprocessable_entity
26
28
  end
@@ -32,30 +34,16 @@ class ActiveStorage::DiskController < ActiveStorage::BaseController
32
34
  end
33
35
 
34
36
  private
35
- def disk_service
36
- ActiveStorage::Blob.service
37
+ def named_disk_service(name)
38
+ ActiveStorage::Blob.services.fetch(name) do
39
+ ActiveStorage::Blob.service
40
+ end
37
41
  end
38
42
 
39
-
40
43
  def decode_verified_key
41
44
  ActiveStorage.verifier.verified(params[:encoded_key], purpose: :blob_key)
42
45
  end
43
46
 
44
- def serve_file(path, content_type:, disposition:)
45
- Rack::File.new(nil).serving(request, path).tap do |(status, headers, body)|
46
- self.status = status
47
- self.response_body = body
48
-
49
- headers.each do |name, value|
50
- response.headers[name] = value
51
- end
52
-
53
- response.headers["Content-Type"] = content_type || DEFAULT_SEND_FILE_TYPE
54
- response.headers["Content-Disposition"] = disposition || DEFAULT_SEND_FILE_DISPOSITION
55
- end
56
- end
57
-
58
-
59
47
  def decode_verified_token
60
48
  ActiveStorage.verifier.verified(params[:encoded_token], purpose: :blob_token)
61
49
  end