activestorage 6.0.6.1 → 6.1.7.6

data/app/controllers/active_storage/base_controller.rb

@@ -5,4 +5,15 @@ class ActiveStorage::BaseController < ActionController::Base
   include ActiveStorage::SetCurrent
 
   protect_from_forgery with: :exception
+
+  self.etag_with_template_digest = false
+
+  private
+    def stream(blob)
+      blob.download do |chunk|
+        response.stream.write chunk
+      end
+    ensure
+      response.stream.close
+    end
 end

data/app/controllers/active_storage/blobs/proxy_controller.rb

@@ -0,0 +1,14 @@
+# frozen_string_literal: true
+
+# Proxy files through application. This avoids having a redirect and makes files easier to cache.
+class ActiveStorage::Blobs::ProxyController < ActiveStorage::BaseController
+  include ActiveStorage::SetBlob
+  include ActiveStorage::SetHeaders
+
+  def show
+    http_cache_forever public: true do
+      set_content_headers_from @blob
+      stream @blob
+    end
+  end
+end

data/app/controllers/active_storage/{blobs_controller.rb → blobs/redirect_controller.rb}

@@ -4,11 +4,11 @@
 # Note: These URLs are publicly accessible. If you need to enforce access protection beyond the
 # security-through-obscurity factor of the signed blob references, you'll need to implement your own
 # authenticated redirection controller.
-class ActiveStorage::BlobsController < ActiveStorage::BaseController
+class ActiveStorage::Blobs::RedirectController < ActiveStorage::BaseController
   include ActiveStorage::SetBlob
 
   def show
     expires_in ActiveStorage.service_urls_expire_in
-    redirect_to @blob.service_url(disposition: params[:disposition])
+    redirect_to @blob.url(disposition: params[:disposition])
   end
 end

data/app/controllers/active_storage/direct_uploads_controller.rb

@@ -11,7 +11,7 @@ class ActiveStorage::DirectUploadsController < ActiveStorage::BaseController
 
   private
     def blob_args
-      params.require(:blob).permit(:filename, :byte_size, :checksum, :content_type, :metadata).to_h.symbolize_keys
+      params.require(:blob).permit(:filename, :byte_size, :checksum, :content_type, metadata: {}).to_h.symbolize_keys
     end
 
     def direct_upload_json(blob)

data/app/controllers/active_storage/disk_controller.rb

@@ -5,11 +5,13 @@
 # Always go through the BlobsController, or your own authenticated controller, rather than directly
 # to the service URL.
 class ActiveStorage::DiskController < ActiveStorage::BaseController
+  include ActiveStorage::FileServer
+
   skip_forgery_protection
 
   def show
     if key = decode_verified_key
-      serve_file disk_service.path_for(key[:key]), content_type: key[:content_type], disposition: key[:disposition]
+      serve_file named_disk_service(key[:service_name]).path_for(key[:key]), content_type: key[:content_type], disposition: key[:disposition]
     else
       head :not_found
     end
@@ -20,7 +22,7 @@ class ActiveStorage::DiskController < ActiveStorage::BaseController
   def update
     if token = decode_verified_token
       if acceptable_content?(token)
-        disk_service.upload token[:key], request.body, checksum: token[:checksum]
+        named_disk_service(token[:service_name]).upload token[:key], request.body, checksum: token[:checksum]
       else
         head :unprocessable_entity
       end
@@ -32,30 +34,16 @@ class ActiveStorage::DiskController < ActiveStorage::BaseController
   end
 
   private
-    def disk_service
-      ActiveStorage::Blob.service
+    def named_disk_service(name)
+      ActiveStorage::Blob.services.fetch(name) do
+        ActiveStorage::Blob.service
+      end
     end
 
-
     def decode_verified_key
       ActiveStorage.verifier.verified(params[:encoded_key], purpose: :blob_key)
     end
 
-    def serve_file(path, content_type:, disposition:)
-      Rack::File.new(nil).serving(request, path).tap do |(status, headers, body)|
-        self.status = status
-        self.response_body = body
-
-        headers.each do |name, value|
-          response.headers[name] = value
-        end
-
-        response.headers["Content-Type"] = content_type || DEFAULT_SEND_FILE_TYPE
-        response.headers["Content-Disposition"] = disposition || DEFAULT_SEND_FILE_DISPOSITION
-      end
-    end
-
-
     def decode_verified_token
       ActiveStorage.verifier.verified(params[:encoded_token], purpose: :blob_token)
     end

data/app/controllers/active_storage/representations/base_controller.rb

@@ -0,0 +1,14 @@
+# frozen_string_literal: true
+
+class ActiveStorage::Representations::BaseController < ActiveStorage::BaseController #:nodoc:
+  include ActiveStorage::SetBlob
+
+  before_action :set_representation
+
+  private
+    def set_representation
+      @representation = @blob.representation(params[:variation_key]).processed
+    rescue ActiveSupport::MessageVerifier::InvalidSignature
+      head :not_found
+    end
+end

data/app/controllers/active_storage/representations/proxy_controller.rb

@@ -0,0 +1,13 @@
+# frozen_string_literal: true
+
+# Proxy files through application. This avoids having a redirect and makes files easier to cache.
+class ActiveStorage::Representations::ProxyController < ActiveStorage::Representations::BaseController
+  include ActiveStorage::SetHeaders
+
+  def show
+    http_cache_forever public: true do
+      set_content_headers_from @representation.image
+      stream @representation
+    end
+  end
+end

data/app/controllers/active_storage/{representations_controller.rb → representations/redirect_controller.rb}

@@ -4,11 +4,9 @@
 # Note: These URLs are publicly accessible. If you need to enforce access protection beyond the
 # security-through-obscurity factor of the signed blob and variation reference, you'll need to implement your own
 # authenticated redirection controller.
-class ActiveStorage::RepresentationsController < ActiveStorage::BaseController
-  include ActiveStorage::SetBlob
-
+class ActiveStorage::Representations::RedirectController < ActiveStorage::Representations::BaseController
   def show
     expires_in ActiveStorage.service_urls_expire_in
-    redirect_to @blob.representation(params[:variation_key]).processed.service_url(disposition: params[:disposition])
+    redirect_to @representation.url(disposition: params[:disposition])
   end
 end

data/app/controllers/concerns/active_storage/file_server.rb

@@ -0,0 +1,18 @@
+# frozen_string_literal: true
+
+module ActiveStorage::FileServer # :nodoc:
+  private
+    def serve_file(path, content_type:, disposition:)
+      Rack::File.new(nil).serving(request, path).tap do |(status, headers, body)|
+        self.status = status
+        self.response_body = body
+
+        headers.each do |name, value|
+          response.headers[name] = value
+        end
+
+        response.headers["Content-Type"] = content_type || DEFAULT_SEND_FILE_TYPE
+        response.headers["Content-Disposition"] = disposition || DEFAULT_SEND_FILE_DISPOSITION
+      end
+    end
+end

data/app/controllers/concerns/active_storage/set_blob.rb

@@ -9,7 +9,7 @@ module ActiveStorage::SetBlob #:nodoc:
 
   private
     def set_blob
-      @blob = ActiveStorage::Blob.find_signed(params[:signed_blob_id] || params[:signed_id])
+      @blob = ActiveStorage::Blob.find_signed!(params[:signed_blob_id] || params[:signed_id])
     rescue ActiveSupport::MessageVerifier::InvalidSignature
       head :not_found
     end

data/app/controllers/concerns/active_storage/set_current.rb

@@ -1,8 +1,8 @@
 # frozen_string_literal: true
 
 # Sets the <tt>ActiveStorage::Current.host</tt> attribute, which the disk service uses to generate URLs.
-# Include this concern in custom controllers that call ActiveStorage::Blob#service_url,
-# ActiveStorage::Variant#service_url, or ActiveStorage::Preview#service_url so the disk service can
+# Include this concern in custom controllers that call ActiveStorage::Blob#url,
+# ActiveStorage::Variant#url, or ActiveStorage::Preview#url so the disk service can
 # generate URLs using the same host, protocol, and base path as the current request.
 module ActiveStorage::SetCurrent
   extend ActiveSupport::Concern

data/app/controllers/concerns/active_storage/set_headers.rb

@@ -0,0 +1,12 @@
+# frozen_string_literal: true
+
+module ActiveStorage::SetHeaders #:nodoc:
+  extend ActiveSupport::Concern
+
+  private
+    def set_content_headers_from(blob)
+      response.headers["Content-Type"] = blob.content_type_for_serving
+      response.headers["Content-Disposition"] = ActionDispatch::Http::ContentDisposition.format \
+        disposition: blob.forced_disposition_for_serving || params[:disposition] || "inline", filename: blob.filename.sanitized
+    end
+end

data/app/jobs/active_storage/mirror_job.rb

@@ -0,0 +1,15 @@
+# frozen_string_literal: true
+
+require "active_support/core_ext/object/try"
+
+# Provides asynchronous mirroring of directly-uploaded blobs.
+class ActiveStorage::MirrorJob < ActiveStorage::BaseJob
+  queue_as { ActiveStorage.queues[:mirror] }
+
+  discard_on ActiveStorage::FileNotFoundError
+  retry_on ActiveStorage::IntegrityError, attempts: 10, wait: :exponentially_longer
+
+  def perform(key, checksum:)
+    ActiveStorage::Blob.service.try(:mirror, key, checksum: checksum)
+  end
+end

data/app/models/active_storage/attachment.rb

@@ -5,45 +5,53 @@ require "active_support/core_ext/module/delegation"
 # Attachments associate records with blobs. Usually that's a one record-many blobs relationship,
 # but it is possible to associate many different records with the same blob. A foreign-key constraint
 # on the attachments table prevents blobs from being purged if they’re still attached to any records.
-class ActiveStorage::Attachment < ActiveRecord::Base
+#
+# Attachments also have access to all methods from {ActiveStorage::Blob}[rdoc-ref:ActiveStorage::Blob].
+class ActiveStorage::Attachment < ActiveStorage::Record
   self.table_name = "active_storage_attachments"
 
   belongs_to :record, polymorphic: true, touch: true
-  belongs_to :blob, class_name: "ActiveStorage::Blob"
+  belongs_to :blob, class_name: "ActiveStorage::Blob", autosave: true
 
   delegate_missing_to :blob
+  delegate :signed_id, to: :blob
 
-  after_create_commit :analyze_blob_later, :identify_blob
+  after_create_commit :mirror_blob_later, :analyze_blob_later
   after_destroy_commit :purge_dependent_blob_later
 
   # Synchronously deletes the attachment and {purges the blob}[rdoc-ref:ActiveStorage::Blob#purge].
   def purge
-    delete
+    transaction do
+      delete
+      record&.touch
+    end
     blob&.purge
   end
 
   # Deletes the attachment and {enqueues a background job}[rdoc-ref:ActiveStorage::Blob#purge_later] to purge the blob.
   def purge_later
-    delete
+    transaction do
+      delete
+      record&.touch
+    end
     blob&.purge_later
   end
 
   private
-    def identify_blob
-      blob.identify
-    end
-
     def analyze_blob_later
       blob.analyze_later unless blob.analyzed?
     end
 
+    def mirror_blob_later
+      blob.mirror_later
+    end
+
     def purge_dependent_blob_later
       blob&.purge_later if dependent == :purge_later
     end
 
-
     def dependent
-      record.attachment_reflections[name]&.options[:dependent]
+      record.attachment_reflections[name]&.options&.fetch(:dependent, nil)
     end
 end
 

data/app/models/active_storage/blob/analyzable.rb

@@ -29,12 +29,16 @@ module ActiveStorage::Blob::Analyzable
     update! metadata: metadata.merge(extract_metadata_via_analyzer)
   end
 
-  # Enqueues an ActiveStorage::AnalyzeJob which calls #analyze.
+  # Enqueues an ActiveStorage::AnalyzeJob which calls #analyze, or calls #analyze inline based on analyzer class configuration.
   #
   # This method is automatically called for a blob when it's attached for the first time. You can call it to analyze a blob
   # again (e.g. if you add a new analyzer or modify an existing one).
   def analyze_later
-    ActiveStorage::AnalyzeJob.perform_later(self)
+    if analyzer_class.analyze_later?
+      ActiveStorage::AnalyzeJob.perform_later(self)
+    else
+      analyze
+    end
   end
 
   # Returns true if the blob has been analyzed.

data/app/models/active_storage/blob/identifiable.rb

@@ -2,9 +2,14 @@
 
 module ActiveStorage::Blob::Identifiable
   def identify
+    identify_without_saving
+    save!
+  end
+
+  def identify_without_saving
     unless identified?
-      update! content_type: identify_content_type, identified: true
-      update_service_metadata
+      self.content_type = identify_content_type
+      self.identified = true
     end
   end
 
@@ -24,8 +29,4 @@ module ActiveStorage::Blob::Identifiable
         ""
       end
     end
-
-    def update_service_metadata
-      service.update_metadata key, **service_metadata if service_metadata.any?
-    end
 end

data/app/models/active_storage/blob/representable.rb

@@ -1,16 +1,21 @@
 # frozen_string_literal: true
 
+require "mini_mime"
+
 module ActiveStorage::Blob::Representable
   extend ActiveSupport::Concern
 
   included do
+    has_many :variant_records, class_name: "ActiveStorage::VariantRecord", dependent: false
+    before_destroy { variant_records.destroy_all if ActiveStorage.track_variants }
+
     has_one_attached :preview_image
   end
 
   # Returns an ActiveStorage::Variant instance with the set of +transformations+ provided. This is only relevant for image
   # files, and it allows any image to be transformed for size, colors, and the like. Example:
   #
-  #   avatar.variant(resize_to_limit: [100, 100]).processed.service_url
+  #   avatar.variant(resize_to_limit: [100, 100]).processed.url
   #
   # This will create and process a variant of the avatar blob that's constrained to a height and width of 100px.
   # Then it'll upload said variant to the service according to a derivative key of the blob and the transformations.
@@ -27,7 +32,7 @@ module ActiveStorage::Blob::Representable
   # variable, call ActiveStorage::Blob#variable?.
   def variant(transformations)
     if variable?
-      ActiveStorage::Variant.new(self, transformations)
+      variant_class.new(self, ActiveStorage::Variation.wrap(transformations).default_to(default_variant_transformations))
     else
       raise ActiveStorage::InvariableError
     end
@@ -43,7 +48,7 @@ module ActiveStorage::Blob::Representable
   # from a non-image blob. Active Storage comes with built-in previewers for videos and PDF documents. The video previewer
   # extracts the first frame from a video and the PDF previewer extracts the first page from a PDF document.
   #
-  #   blob.preview(resize_to_limit: [100, 100]).processed.service_url
+  #   blob.preview(resize_to_limit: [100, 100]).processed.url
   #
   # Avoid processing previews synchronously in views. Instead, link to a controller action that processes them on demand.
   # Active Storage provides one, but you may want to create your own (for example, if you need authentication). Here’s
@@ -69,7 +74,7 @@ module ActiveStorage::Blob::Representable
 
   # Returns an ActiveStorage::Preview for a previewable blob or an ActiveStorage::Variant for a variable image blob.
   #
-  #   blob.representation(resize_to_limit: [100, 100]).processed.service_url
+  #   blob.representation(resize_to_limit: [100, 100]).processed.url
   #
   # Raises ActiveStorage::UnrepresentableError if the receiving blob is neither variable nor previewable. Call
   # ActiveStorage::Blob#representable? to determine whether a blob is representable.
@@ -90,4 +95,29 @@ module ActiveStorage::Blob::Representable
   def representable?
     variable? || previewable?
   end
+
+  private
+    def default_variant_transformations
+      { format: default_variant_format }
+    end
+
+    def default_variant_format
+      if web_image?
+        format || :png
+      else
+        :png
+      end
+    end
+
+    def format
+      if filename.extension.present? && MiniMime.lookup_by_extension(filename.extension)&.content_type == content_type
+        filename.extension
+      else
+        MiniMime.lookup_by_content_type(content_type)&.extension
+      end
+    end
+
+    def variant_class
+      ActiveStorage.track_variants ? ActiveStorage::VariantWithRecord : ActiveStorage::Variant
+    end
 end