activestorage 6.1.4.1 → 7.0.0.alpha1

data/lib/active_storage/attached/one.rb

@@ -3,6 +3,25 @@
 module ActiveStorage
   # Representation of a single attachment to a model.
   class Attached::One < Attached
+    ##
+    # :method: purge
+    #
+    # Directly purges the attachment (i.e. destroys the blob and
+    # attachment and deletes the file on the service).
+    delegate :purge, to: :purge_one
+
+    ##
+    # :method: purge_later
+    #
+    # Purges the attachment through the queuing system.
+    delegate :purge_later, to: :purge_one
+
+    ##
+    # :method: detach
+    #
+    # Deletes the attachment without purging it, leaving its blob in place.
+    delegate :detach, to: :detach_one
+
     delegate_missing_to :attachment, allow_nil: true
 
     # Returns the associated attachment record.
@@ -13,6 +32,13 @@ module ActiveStorage
       change.present? ? change.attachment : record.public_send("#{name}_attachment")
     end
 
+    # Returns +true+ if an attachment is not attached.
+    #
+    #   class User < ApplicationRecord
+    #     has_one_attached :avatar
+    #   end
+    #
+    #   User.new.avatar.blank? # => true
     def blank?
       !attached?
     end
@@ -25,7 +51,7 @@ module ActiveStorage
     #
     #   person.avatar.attach(params[:avatar]) # ActionDispatch::Http::UploadedFile object
     #   person.avatar.attach(params[:signed_blob_id]) # Signed reference to blob from direct upload
-    #   person.avatar.attach(io: File.open("/path/to/face.jpg"), filename: "face.jpg", content_type: "image/jpg")
+    #   person.avatar.attach(io: File.open("/path/to/face.jpg"), filename: "face.jpg", content_type: "image/jpeg")
     #   person.avatar.attach(avatar_blob) # ActiveStorage::Blob object
     def attach(attachable)
       if record.persisted? && !record.changed?
@@ -47,34 +73,13 @@ module ActiveStorage
       attachment.present?
     end
 
-    # Deletes the attachment without purging it, leaving its blob in place.
-    def detach
-      if attached?
-        attachment.delete
-        write_attachment nil
-      end
-    end
-
-    # Directly purges the attachment (i.e. destroys the blob and
-    # attachment and deletes the file on the service).
-    def purge
-      if attached?
-        attachment.purge
-        write_attachment nil
-      end
-    end
-
-    # Purges the attachment through the queuing system.
-    def purge_later
-      if attached?
-        attachment.purge_later
-        write_attachment nil
+    private
+      def purge_one
+        Attached::Changes::PurgeOne.new(name, record, attachment)
       end
-    end
 
-    private
-      def write_attachment(attachment)
-        record.public_send("#{name}_attachment=", attachment)
+      def detach_one
+        Attached::Changes::DetachOne.new(name, record, attachment)
       end
   end
 end

data/lib/active_storage/downloader.rb

@@ -1,7 +1,7 @@
 # frozen_string_literal: true
 
 module ActiveStorage
-  class Downloader #:nodoc:
+  class Downloader # :nodoc:
     attr_reader :service
 
     def initialize(service)
@@ -35,7 +35,7 @@ module ActiveStorage
       end
 
       def verify_integrity_of(file, checksum:)
-        unless Digest::MD5.file(file).base64digest == checksum
+        unless OpenSSL::Digest::MD5.file(file).base64digest == checksum
           raise ActiveStorage::IntegrityError
         end
       end

data/lib/active_storage/engine.rb

@@ -12,7 +12,10 @@ require "active_storage/previewer/mupdf_previewer"
 require "active_storage/previewer/video_previewer"
 
 require "active_storage/analyzer/image_analyzer"
+require "active_storage/analyzer/image_analyzer/image_magick"
+require "active_storage/analyzer/image_analyzer/vips"
 require "active_storage/analyzer/video_analyzer"
+require "active_storage/analyzer/audio_analyzer"
 
 require "active_storage/service/registry"
 
@@ -24,7 +27,7 @@ module ActiveStorage
 
     config.active_storage = ActiveSupport::OrderedOptions.new
     config.active_storage.previewers = [ ActiveStorage::Previewer::PopplerPDFPreviewer, ActiveStorage::Previewer::MuPDFPreviewer, ActiveStorage::Previewer::VideoPreviewer ]
-    config.active_storage.analyzers = [ ActiveStorage::Analyzer::ImageAnalyzer, ActiveStorage::Analyzer::VideoAnalyzer ]
+    config.active_storage.analyzers = [ ActiveStorage::Analyzer::ImageAnalyzer::Vips, ActiveStorage::Analyzer::ImageAnalyzer::ImageMagick, ActiveStorage::Analyzer::VideoAnalyzer, ActiveStorage::Analyzer::AudioAnalyzer ]
     config.active_storage.paths = ActiveSupport::OrderedOptions.new
     config.active_storage.queues = ActiveSupport::InheritableOptions.new
 
@@ -39,6 +42,9 @@ module ActiveStorage
       image/vnd.adobe.photoshop
       image/vnd.microsoft.icon
       image/webp
+      image/avif
+      image/heic
+      image/heif
     )
 
     config.active_storage.web_image_content_types = %w(
@@ -90,6 +96,7 @@ module ActiveStorage
         ActiveStorage.web_image_content_types = app.config.active_storage.web_image_content_types || []
         ActiveStorage.content_types_to_serve_as_binary = app.config.active_storage.content_types_to_serve_as_binary || []
         ActiveStorage.service_urls_expire_in = app.config.active_storage.service_urls_expire_in || 5.minutes
+        ActiveStorage.urls_expire_in = app.config.active_storage.urls_expire_in
         ActiveStorage.content_types_allowed_inline = app.config.active_storage.content_types_allowed_inline || []
         ActiveStorage.binary_content_type = app.config.active_storage.binary_content_type || "application/octet-stream"
         ActiveStorage.video_preview_arguments = app.config.active_storage.video_preview_arguments || "-y -vframes 1 -f image2"
@@ -144,5 +151,25 @@ module ActiveStorage
         ActiveRecord::Reflection.singleton_class.prepend(Reflection::ReflectionExtension)
       end
     end
+
+    initializer "active_storage.asset" do
+      if Rails.application.config.respond_to?(:assets)
+        Rails.application.config.assets.precompile += %w( activestorage activestorage.esm )
+      end
+    end
+
+    initializer "active_storage.fixture_set" do
+      ActiveSupport.on_load(:active_record_fixture_set) do
+        ActiveStorage::FixtureSet.file_fixture_path ||= Rails.root.join(*[
+          ENV.fetch("FIXTURES_PATH") { File.join("test", "fixtures") },
+          ENV["FIXTURES_DIR"],
+          "files"
+        ].compact_blank)
+      end
+
+      ActiveSupport.on_load(:active_support_test_case) do
+        ActiveStorage::FixtureSet.file_fixture_path = ActiveSupport::TestCase.file_fixture_path
+      end
+    end
   end
 end

data/lib/active_storage/fixture_set.rb

@@ -0,0 +1,76 @@
+# frozen_string_literal: true
+
+require "active_support/testing/file_fixtures"
+require "active_record/secure_token"
+
+module ActiveStorage
+  # Fixtures are a way of organizing data that you want to test against; in
+  # short, sample data.
+  #
+  # To learn more about fixtures, read the
+  # {ActiveRecord::FixtureSet}[rdoc-ref:ActiveRecord::FixtureSet] documentation.
+  #
+  # === YAML
+  #
+  # Like other Active Record-backed models,
+  # {ActiveStorage::Attachment}[rdoc-ref:ActiveStorage::Attachment] and
+  # {ActiveStorage::Blob}[rdoc-ref:ActiveStorage::Blob] records inherit from
+  # {ActiveRecord::Base}[rdoc-ref:ActiveRecord::Base] instances and therefore
+  # can be populated by fixtures.
+  #
+  # Consider a hypothetical <tt>Article</tt> model class, its related
+  # fixture data, as well as fixture data for related ActiveStorage::Attachment
+  # and ActiveStorage::Blob records:
+  #
+  #   # app/models/article.rb
+  #   class Article < ApplicationRecord
+  #     has_one_attached :thumbnail
+  #   end
+  #
+  #   # fixtures/active_storage/blobs.yml
+  #   first_thumbnail_blob: <%= ActiveStorage::FixtureSet.blob filename: "first.png" %>
+  #
+  #   # fixtures/active_storage/attachments.yml
+  #   first_thumbnail_attachment:
+  #     name: thumbnail
+  #     record: first (Article)
+  #     blob: first_thumbnail_blob
+  #
+  # When processed, Active Record will insert database records for each fixture
+  # entry and will ensure the Active Storage relationship is intact.
+  class FixtureSet
+    include ActiveSupport::Testing::FileFixtures
+    include ActiveRecord::SecureToken
+
+    # Generate a YAML-encoded representation of an ActiveStorage::Blob
+    # instance's attributes, resolve the file relative to the directory mentioned
+    # by <tt>ActiveSupport::Testing::FileFixtures.file_fixture</tt>, and upload
+    # the file to the Service
+    #
+    # === Examples
+    #
+    #   # tests/fixtures/action_text/blobs.yml
+    #   second_thumbnail_blob: <%= ActiveStorage::FixtureSet.blob(
+    #     filename: "second.svg",
+    #   ) %>
+    #
+    #   third_thumbnail_blob: <%= ActiveStorage::FixtureSet.blob(
+    #     filename: "third.svg",
+    #     content_type: "image/svg+xml",
+    #     service_name: "public"
+    #   ) %>
+    #
+    def self.blob(filename:, **attributes)
+      new.prepare Blob.new(filename: filename, key: generate_unique_secure_token), **attributes
+    end
+
+    def prepare(instance, **attributes)
+      io = file_fixture(instance.filename.to_s).open
+      instance.unfurl(io)
+      instance.assign_attributes(attributes)
+      instance.upload_without_unfurling(io)
+
+      instance.attributes.transform_values { |value| value.is_a?(Hash) ? value.to_json : value }.compact.to_json
+    end
+  end
+end

data/lib/active_storage/gem_version.rb

@@ -7,10 +7,10 @@ module ActiveStorage
   end
 
   module VERSION
-    MAJOR = 6
-    MINOR = 1
-    TINY  = 4
-    PRE   = "1"
+    MAJOR = 7
+    MINOR = 0
+    TINY  = 0
+    PRE   = "alpha1"
 
     STRING = [MAJOR, MINOR, TINY, PRE].compact.join(".")
   end

data/lib/active_storage/previewer.rb

@@ -26,7 +26,7 @@ module ActiveStorage
 
     private
       # Downloads the blob to a tempfile on disk. Yields the tempfile.
-      def download_blob_to_tempfile(&block) #:doc:
+      def download_blob_to_tempfile(&block) # :doc:
         blob.open tmpdir: tmpdir, &block
       end
 
@@ -44,7 +44,7 @@ module ActiveStorage
       #   end
       #
       # The output tempfile is opened in the directory returned by #tmpdir.
-      def draw(*argv) #:doc:
+      def draw(*argv) # :doc:
         open_tempfile do |file|
           instrument :preview, key: blob.key do
             capture(*argv, to: file)
@@ -83,11 +83,11 @@ module ActiveStorage
         to.rewind
       end
 
-      def logger #:doc:
+      def logger # :doc:
         ActiveStorage.logger
       end
 
-      def tmpdir #:doc:
+      def tmpdir # :doc:
         Dir.tmpdir
       end
   end

data/lib/active_storage/reflection.rb

@@ -2,9 +2,19 @@
 
 module ActiveStorage
   module Reflection
+    class HasAttachedReflection < ActiveRecord::Reflection::MacroReflection # :nodoc:
+      def variant(name, transformations)
+        variants[name] = transformations
+      end
+
+      def variants
+        @variants ||= {}
+      end
+    end
+
     # Holds all the metadata about a has_one_attached attachment as it was
     # specified in the Active Record class.
-    class HasOneAttachedReflection < ActiveRecord::Reflection::MacroReflection #:nodoc:
+    class HasOneAttachedReflection < HasAttachedReflection # :nodoc:
       def macro
         :has_one_attached
       end
@@ -12,7 +22,7 @@ module ActiveStorage
 
     # Holds all the metadata about a has_many_attached attachment as it was
     # specified in the Active Record class.
-    class HasManyAttachedReflection < ActiveRecord::Reflection::MacroReflection #:nodoc:
+    class HasManyAttachedReflection < HasAttachedReflection # :nodoc:
       def macro
         :has_many_attached
       end

data/lib/active_storage/service/azure_storage_service.rb

@@ -1,6 +1,6 @@
 # frozen_string_literal: true
 
-gem "azure-storage-blob", ">= 1.1"
+gem "azure-storage-blob", ">= 2.0"
 
 require "active_support/core_ext/numeric/bytes"
 require "azure/storage/blob"

data/lib/active_storage/service/configurator.rb

@@ -1,7 +1,7 @@
 # frozen_string_literal: true
 
 module ActiveStorage
-  class Service::Configurator #:nodoc:
+  class Service::Configurator # :nodoc:
     attr_reader :configurations
 
     def self.build(service_name, configurations)

data/lib/active_storage/service/disk_service.rb

@@ -2,14 +2,14 @@
 
 require "fileutils"
 require "pathname"
-require "digest/md5"
+require "openssl"
 require "active_support/core_ext/numeric/bytes"
 
 module ActiveStorage
   # Wraps a local disk path as an Active Storage service. See ActiveStorage::Service for the generic API
   # documentation that applies to all services.
   class Service::DiskService < Service
-    attr_reader :root
+    attr_accessor :root
 
     def initialize(root:, public: false, **options)
       @root = root
@@ -86,11 +86,9 @@ module ActiveStorage
           purpose: :blob_token
         )
 
-        generated_url = url_helpers.update_rails_disk_service_url(verified_token_with_expiration, host: current_host)
-
-        payload[:url] = generated_url
-
-        generated_url
+        url_helpers.update_rails_disk_service_url(verified_token_with_expiration, url_options).tap do |generated_url|
+          payload[:url] = generated_url
+        end
       end
     end
 
@@ -98,7 +96,7 @@ module ActiveStorage
       { "Content-Type" => content_type }
     end
 
-    def path_for(key) #:nodoc:
+    def path_for(key) # :nodoc:
       File.join root, folder_for(key), key
     end
 
@@ -124,14 +122,11 @@ module ActiveStorage
           purpose: :blob_key
         )
 
-        current_uri = URI.parse(current_host)
+        if url_options.blank?
+          raise ArgumentError, "Cannot generate URL for #{filename} using Disk service, please set ActiveStorage::Current.url_options."
+        end
 
-        url_helpers.rails_disk_service_url(verified_key_with_expiration,
-          protocol: current_uri.scheme,
-          host: current_uri.host,
-          port: current_uri.port,
-          filename: filename
-        )
+        url_helpers.rails_disk_service_url(verified_key_with_expiration, filename: filename, **url_options)
       end
 
 
@@ -154,7 +149,7 @@ module ActiveStorage
       end
 
       def ensure_integrity_of(key, checksum)
-        unless Digest::MD5.file(path_for(key)).base64digest == checksum
+        unless OpenSSL::Digest::MD5.file(path_for(key)).base64digest == checksum
           delete key
           raise ActiveStorage::IntegrityError
         end
@@ -164,8 +159,8 @@ module ActiveStorage
         @url_helpers ||= Rails.application.routes.url_helpers
       end
 
-      def current_host
-        ActiveStorage::Current.host
+      def url_options
+        ActiveStorage::Current.url_options
       end
   end
 end

data/lib/active_storage/service/gcs_service.rb

@@ -1,12 +1,16 @@
 # frozen_string_literal: true
 
 gem "google-cloud-storage", "~> 1.11"
+require "google/apis/iamcredentials_v1"
 require "google/cloud/storage"
 
 module ActiveStorage
   # Wraps the Google Cloud Storage as an Active Storage service. See ActiveStorage::Service for the generic API
   # documentation that applies to all services.
   class Service::GCSService < Service
+    class MetadataServerError < ActiveStorage::Error; end
+    class MetadataServerNotFoundError < ActiveStorage::Error; end
+
     def initialize(public: false, **config)
       @config = config
       @public = public
@@ -19,7 +23,7 @@ module ActiveStorage
         # binary and attachment when the file's content type requires it. The only way to force them is to
         # store them as object's metadata.
         content_disposition = content_disposition_with(type: disposition, filename: filename) if disposition && filename
-        bucket.create_file(io, key, md5: checksum, content_type: content_type, content_disposition: content_disposition)
+        bucket.create_file(io, key, md5: checksum, cache_control: @config[:cache_control], content_type: content_type, content_disposition: content_disposition)
       rescue Google::Cloud::InvalidArgumentError
         raise ActiveStorage::IntegrityError
       end
@@ -84,7 +88,31 @@ module ActiveStorage
 
     def url_for_direct_upload(key, expires_in:, checksum:, **)
       instrument :url, key: key do |payload|
-        generated_url = bucket.signed_url key, method: "PUT", expires: expires_in, content_md5: checksum
+        headers = {}
+        version = :v2
+
+        if @config[:cache_control].present?
+          headers["Cache-Control"] = @config[:cache_control]
+          # v2 signing doesn't support non `x-goog-` headers. Only switch to v4 signing
+          # if necessary for back-compat; v4 limits the expiration of the URL to 7 days
+          # whereas v2 has no limit
+          version = :v4
+        end
+
+        args = {
+          content_md5: checksum,
+          expires: expires_in,
+          headers: headers,
+          method: "PUT",
+          version: version,
+        }
+
+        if @config[:iam]
+          args[:issuer] = issuer
+          args[:signer] = signer
+        end
+
+        generated_url = bucket.signed_url(key, **args)
 
         payload[:url] = generated_url
 
@@ -95,15 +123,31 @@ module ActiveStorage
     def headers_for_direct_upload(key, checksum:, filename: nil, disposition: nil, **)
       content_disposition = content_disposition_with(type: disposition, filename: filename) if filename
 
-      { "Content-MD5" => checksum, "Content-Disposition" => content_disposition }
+      headers = { "Content-MD5" => checksum, "Content-Disposition" => content_disposition }
+
+      if @config[:cache_control].present?
+        headers["Cache-Control"] = @config[:cache_control]
+      end
+
+      headers
     end
 
     private
       def private_url(key, expires_in:, filename:, content_type:, disposition:, **)
-        file_for(key).signed_url expires: expires_in, query: {
-          "response-content-disposition" => content_disposition_with(type: disposition, filename: filename),
-          "response-content-type" => content_type
+        args = {
+          expires: expires_in,
+          query: {
+            "response-content-disposition" => content_disposition_with(type: disposition, filename: filename),
+            "response-content-type" => content_type
+          }
         }
+
+        if @config[:iam]
+          args[:issuer] = issuer
+          args[:signer] = signer
+        end
+
+        file_for(key).signed_url(**args)
       end
 
       def public_url(key, **)
@@ -137,7 +181,47 @@ module ActiveStorage
       end
 
       def client
-        @client ||= Google::Cloud::Storage.new(**config.except(:bucket))
+        @client ||= Google::Cloud::Storage.new(**config.except(:bucket, :cache_control, :iam, :gsa_email))
+      end
+
+      def issuer
+        @issuer ||= if @config[:gsa_email]
+          @config[:gsa_email]
+        else
+          uri = URI.parse("http://metadata.google.internal/computeMetadata/v1/instance/service-accounts/default/email")
+          http = Net::HTTP.new(uri.host, uri.port)
+          request = Net::HTTP::Get.new(uri.request_uri)
+          request["Metadata-Flavor"] = "Google"
+
+          begin
+            response = http.request(request)
+          rescue SocketError
+            raise MetadataServerNotFoundError
+          end
+
+          if response.is_a?(Net::HTTPSuccess)
+            response.body
+          else
+            raise MetadataServerError
+          end
+        end
+      end
+
+      def signer
+        # https://googleapis.dev/ruby/google-cloud-storage/latest/Google/Cloud/Storage/Project.html#signed_url-instance_method
+        lambda do |string_to_sign|
+          iam_client = Google::Apis::IamcredentialsV1::IAMCredentialsService.new
+
+          scopes = ["https://www.googleapis.com/auth/iam"]
+          iam_client.authorization = Google::Auth.get_application_default(scopes)
+
+          request = Google::Apis::IamcredentialsV1::SignBlobRequest.new(
+            payload: string_to_sign
+          )
+          resource = "projects/-/serviceAccounts/#{issuer}"
+          response = iam_client.sign_service_account_blob(resource, request)
+          response.signed_blob
+        end
       end
   end
 end