activestorage 7.0.0 → 7.1.0

data/app/assets/javascripts/activestorage.js

@@ -503,7 +503,7 @@
     }
   }
   class BlobRecord {
-    constructor(file, checksum, url, directUploadToken, attachmentName) {
+    constructor(file, checksum, url, customHeaders = {}) {
       this.file = file;
       this.attributes = {
         filename: file.name,
@@ -511,14 +511,15 @@
         byte_size: file.size,
         checksum: checksum
       };
-      this.directUploadToken = directUploadToken;
-      this.attachmentName = attachmentName;
       this.xhr = new XMLHttpRequest;
       this.xhr.open("POST", url, true);
       this.xhr.responseType = "json";
       this.xhr.setRequestHeader("Content-Type", "application/json");
       this.xhr.setRequestHeader("Accept", "application/json");
       this.xhr.setRequestHeader("X-Requested-With", "XMLHttpRequest");
+      Object.keys(customHeaders).forEach((headerKey => {
+        this.xhr.setRequestHeader(headerKey, customHeaders[headerKey]);
+      }));
       const csrfToken = getMetaValue("csrf-token");
       if (csrfToken != undefined) {
         this.xhr.setRequestHeader("X-CSRF-Token", csrfToken);
@@ -540,9 +541,7 @@
     create(callback) {
       this.callback = callback;
       this.xhr.send(JSON.stringify({
-        blob: this.attributes,
-        direct_upload_token: this.directUploadToken,
-        attachment_name: this.attachmentName
+        blob: this.attributes
       }));
     }
     requestDidLoad(event) {
@@ -600,13 +599,12 @@
   }
   let id = 0;
   class DirectUpload {
-    constructor(file, url, serviceName, attachmentName, delegate) {
+    constructor(file, url, delegate, customHeaders = {}) {
       this.id = ++id;
       this.file = file;
       this.url = url;
-      this.serviceName = serviceName;
-      this.attachmentName = attachmentName;
       this.delegate = delegate;
+      this.customHeaders = customHeaders;
     }
     create(callback) {
       FileChecksum.create(this.file, ((error, checksum) => {
@@ -614,7 +612,7 @@
           callback(error);
           return;
         }
-        const blob = new BlobRecord(this.file, checksum, this.url, this.serviceName, this.attachmentName);
+        const blob = new BlobRecord(this.file, checksum, this.url, this.customHeaders);
         notify(this.delegate, "directUploadWillCreateBlobWithXHR", blob.xhr);
         blob.create((error => {
           if (error) {
@@ -643,7 +641,7 @@
     constructor(input, file) {
       this.input = input;
       this.file = file;
-      this.directUpload = new DirectUpload(this.file, this.url, this.directUploadToken, this.attachmentName, this);
+      this.directUpload = new DirectUpload(this.file, this.url, this);
       this.dispatch("initialize");
     }
     start(callback) {
@@ -674,12 +672,6 @@
     get url() {
       return this.input.getAttribute("data-direct-upload-url");
     }
-    get directUploadToken() {
-      return this.input.getAttribute("data-direct-upload-token");
-    }
-    get attachmentName() {
-      return this.input.getAttribute("data-direct-upload-attachment-name");
-    }
     dispatch(name, detail = {}) {
       detail.file = this.file;
       detail.id = this.directUpload.id;
@@ -828,6 +820,8 @@
   }
   setTimeout(autostart, 1);
   exports.DirectUpload = DirectUpload;
+  exports.DirectUploadController = DirectUploadController;
+  exports.DirectUploadsController = DirectUploadsController;
   exports.start = start;
   Object.defineProperty(exports, "__esModule", {
     value: true

data/app/controllers/active_storage/base_controller.rb

@@ -2,7 +2,7 @@
 
 # The base class for all Active Storage controllers.
 class ActiveStorage::BaseController < ActionController::Base
-  include ActiveStorage::SetCurrent, ActiveStorage::Streaming
+  include ActiveStorage::SetCurrent
 
   protect_from_forgery with: :exception
 

data/app/controllers/active_storage/blobs/proxy_controller.rb

@@ -8,6 +8,8 @@
 # {Authenticated Controllers}[https://guides.rubyonrails.org/active_storage_overview.html#authenticated-controllers].
 class ActiveStorage::Blobs::ProxyController < ActiveStorage::BaseController
   include ActiveStorage::SetBlob
+  include ActiveStorage::Streaming
+  include ActiveStorage::DisableSession
 
   def show
     if request.headers["Range"].present?

data/app/controllers/active_storage/direct_uploads_controller.rb

@@ -4,10 +4,8 @@
 # When the client-side upload is completed, the signed_blob_id can be submitted as part of the form to reference
 # the blob that was created up front.
 class ActiveStorage::DirectUploadsController < ActiveStorage::BaseController
-  include ActiveStorage::DirectUploadToken
-
   def create
-    blob = ActiveStorage::Blob.create_before_direct_upload!(**blob_args.merge(service_name: verified_service_name))
+    blob = ActiveStorage::Blob.create_before_direct_upload!(**blob_args)
     render json: direct_upload_json(blob)
   end
 
@@ -16,10 +14,6 @@ class ActiveStorage::DirectUploadsController < ActiveStorage::BaseController
       params.require(:blob).permit(:filename, :byte_size, :checksum, :content_type, metadata: {}).to_h.symbolize_keys
     end
 
-    def verified_service_name
-      ActiveStorage::DirectUploadToken.verify_direct_upload_token(params[:direct_upload_token], params[:attachment_name], session)
-    end
-
     def direct_upload_json(blob)
       blob.as_json(root: false, methods: :signed_id).merge(direct_upload: {
         url: blob.service_url_for_direct_upload,

data/app/controllers/active_storage/disk_controller.rb

@@ -42,11 +42,13 @@ class ActiveStorage::DiskController < ActiveStorage::BaseController
     end
 
     def decode_verified_key
-      ActiveStorage.verifier.verified(params[:encoded_key], purpose: :blob_key)
+      key = ActiveStorage.verifier.verified(params[:encoded_key], purpose: :blob_key)
+      key&.deep_symbolize_keys
     end
 
     def decode_verified_token
-      ActiveStorage.verifier.verified(params[:encoded_token], purpose: :blob_token)
+      token = ActiveStorage.verifier.verified(params[:encoded_token], purpose: :blob_token)
+      token&.deep_symbolize_keys
     end
 
     def acceptable_content?(token)

data/app/controllers/active_storage/representations/proxy_controller.rb

@@ -7,6 +7,9 @@
 # require a higher level of protection consider implementing
 # {Authenticated Controllers}[https://guides.rubyonrails.org/active_storage_overview.html#authenticated-controllers].
 class ActiveStorage::Representations::ProxyController < ActiveStorage::Representations::BaseController
+  include ActiveStorage::Streaming
+  include ActiveStorage::DisableSession
+
   def show
     http_cache_forever public: true do
       send_blob_stream @representation.image, disposition: params[:disposition]

data/app/controllers/concerns/active_storage/disable_session.rb

@@ -0,0 +1,12 @@
+# frozen_string_literal: true
+
+# This concern disables the session in order to allow caching by default in some CDNs as CloudFlare.
+module ActiveStorage::DisableSession
+  extend ActiveSupport::Concern
+
+  included do
+    before_action do
+      request.session_options[:skip] = true
+    end
+  end
+end

data/app/controllers/concerns/active_storage/file_server.rb

@@ -1,9 +1,11 @@
 # frozen_string_literal: true
 
+require "active_support/core_ext/hash/except"
+
 module ActiveStorage::FileServer # :nodoc:
   private
     def serve_file(path, content_type:, disposition:)
-      Rack::File.new(nil).serving(request, path).tap do |(status, headers, body)|
+      ::Rack::Files.new(nil).serving(request, path).tap do |(status, headers, body)|
         self.status = status
         self.response_body = body
 
@@ -11,6 +13,7 @@ module ActiveStorage::FileServer # :nodoc:
           response.headers[name] = value
         end
 
+        response.headers.except!("X-Cascade", "x-cascade") if status == 416
         response.headers["Content-Type"] = content_type || DEFAULT_SEND_FILE_TYPE
         response.headers["Content-Disposition"] = disposition || DEFAULT_SEND_FILE_DISPOSITION
       end

data/app/controllers/concerns/active_storage/streaming.rb

@@ -3,6 +3,7 @@
 require "securerandom"
 
 module ActiveStorage::Streaming
+  extend ActiveSupport::Concern
   DEFAULT_BLOB_STREAMING_DISPOSITION = "inline"
 
   include ActionController::DataStreaming

data/app/javascript/activestorage/blob_record.js

@@ -1,25 +1,25 @@
 import { getMetaValue } from "./helpers"
 
 export class BlobRecord {
-  constructor(file, checksum, url, directUploadToken, attachmentName) {
+  constructor(file, checksum, url, customHeaders = {}) {
     this.file = file
 
     this.attributes = {
       filename: file.name,
       content_type: file.type || "application/octet-stream",
       byte_size: file.size,
-      checksum: checksum,
+      checksum: checksum
     }
 
-    this.directUploadToken = directUploadToken
-    this.attachmentName = attachmentName
-
     this.xhr = new XMLHttpRequest
     this.xhr.open("POST", url, true)
     this.xhr.responseType = "json"
     this.xhr.setRequestHeader("Content-Type", "application/json")
     this.xhr.setRequestHeader("Accept", "application/json")
     this.xhr.setRequestHeader("X-Requested-With", "XMLHttpRequest")
+    Object.keys(customHeaders).forEach((headerKey) => {
+      this.xhr.setRequestHeader(headerKey, customHeaders[headerKey])
+    })
 
     const csrfToken = getMetaValue("csrf-token")
     if (csrfToken != undefined) {
@@ -46,11 +46,7 @@ export class BlobRecord {
 
   create(callback) {
     this.callback = callback
-    this.xhr.send(JSON.stringify({
-      blob: this.attributes,
-      direct_upload_token: this.directUploadToken,
-      attachment_name: this.attachmentName
-    }))
+    this.xhr.send(JSON.stringify({ blob: this.attributes }))
   }
 
   requestDidLoad(event) {

data/app/javascript/activestorage/direct_upload.js

@@ -5,13 +5,12 @@ import { BlobUpload } from "./blob_upload"
 let id = 0
 
 export class DirectUpload {
-  constructor(file, url, serviceName, attachmentName, delegate) {
+  constructor(file, url, delegate, customHeaders = {}) {
     this.id = ++id
     this.file = file
     this.url = url
-    this.serviceName = serviceName
-    this.attachmentName = attachmentName
     this.delegate = delegate
+    this.customHeaders = customHeaders
   }
 
   create(callback) {
@@ -21,7 +20,7 @@ export class DirectUpload {
         return
       }
 
-      const blob = new BlobRecord(this.file, checksum, this.url, this.serviceName, this.attachmentName)
+      const blob = new BlobRecord(this.file, checksum, this.url, this.customHeaders)
       notify(this.delegate, "directUploadWillCreateBlobWithXHR", blob.xhr)
 
       blob.create(error => {

data/app/javascript/activestorage/direct_upload_controller.js

@@ -5,7 +5,7 @@ export class DirectUploadController {
   constructor(input, file) {
     this.input = input
     this.file = file
-    this.directUpload = new DirectUpload(this.file, this.url, this.directUploadToken, this.attachmentName, this)
+    this.directUpload = new DirectUpload(this.file, this.url, this)
     this.dispatch("initialize")
   }
 
@@ -41,14 +41,6 @@ export class DirectUploadController {
     return this.input.getAttribute("data-direct-upload-url")
   }
 
-  get directUploadToken() {
-    return this.input.getAttribute("data-direct-upload-token")
-  }
-
-  get attachmentName() {
-    return this.input.getAttribute("data-direct-upload-attachment-name")
-  }
-
   dispatch(name, detail = {}) {
     detail.file = this.file
     detail.id = this.directUpload.id

data/app/javascript/activestorage/index.js

@@ -1,6 +1,8 @@
 import { start } from "./ujs"
 import { DirectUpload } from "./direct_upload"
-export { start, DirectUpload }
+import { DirectUploadController } from "./direct_upload_controller"
+import { DirectUploadsController } from "./direct_uploads_controller"
+export { start, DirectUpload, DirectUploadController, DirectUploadsController }
 
 function autostart() {
   if (window.ActiveStorage) {

data/app/jobs/active_storage/analyze_job.rb

@@ -5,7 +5,7 @@ class ActiveStorage::AnalyzeJob < ActiveStorage::BaseJob
   queue_as { ActiveStorage.queues[:analysis] }
 
   discard_on ActiveRecord::RecordNotFound
-  retry_on ActiveStorage::IntegrityError, attempts: 10, wait: :exponentially_longer
+  retry_on ActiveStorage::IntegrityError, attempts: 10, wait: :polynomially_longer
 
   def perform(blob)
     blob.analyze

data/app/jobs/active_storage/mirror_job.rb

@@ -7,7 +7,7 @@ class ActiveStorage::MirrorJob < ActiveStorage::BaseJob
   queue_as { ActiveStorage.queues[:mirror] }
 
   discard_on ActiveStorage::FileNotFoundError
-  retry_on ActiveStorage::IntegrityError, attempts: 10, wait: :exponentially_longer
+  retry_on ActiveStorage::IntegrityError, attempts: 10, wait: :polynomially_longer
 
   def perform(key, checksum:)
     ActiveStorage::Blob.service.try(:mirror, key, checksum: checksum)

data/app/jobs/active_storage/purge_job.rb

@@ -5,7 +5,7 @@ class ActiveStorage::PurgeJob < ActiveStorage::BaseJob
   queue_as { ActiveStorage.queues[:purge] }
 
   discard_on ActiveRecord::RecordNotFound
-  retry_on ActiveRecord::Deadlocked, attempts: 10, wait: :exponentially_longer
+  retry_on ActiveRecord::Deadlocked, attempts: 10, wait: :polynomially_longer
 
   def perform(blob)
     blob.purge

data/app/jobs/active_storage/transform_job.rb

@@ -0,0 +1,12 @@
+# frozen_string_literal: true
+
+class ActiveStorage::TransformJob < ActiveStorage::BaseJob
+  queue_as { ActiveStorage.queues[:transform] }
+
+  discard_on ActiveRecord::RecordNotFound
+  retry_on ActiveStorage::IntegrityError, attempts: 10, wait: :polynomially_longer
+
+  def perform(blob, transformations)
+    blob.variant(transformations).processed
+  end
+end

data/app/models/active_storage/attachment.rb

@@ -2,11 +2,13 @@
 
 require "active_support/core_ext/module/delegation"
 
+# = Active Storage \Attachment
+#
 # Attachments associate records with blobs. Usually that's a one record-many blobs relationship,
 # but it is possible to associate many different records with the same blob. A foreign-key constraint
 # on the attachments table prevents blobs from being purged if they’re still attached to any records.
 #
-# Attachments also have access to all methods from {ActiveStorage::Blob}[rdoc-ref:ActiveStorage::Blob].
+# Attachments also have access to all methods from ActiveStorage::Blob.
 #
 # If you wish to preload attachments or blobs, you can use these scopes:
 #
@@ -18,16 +20,31 @@ require "active_support/core_ext/module/delegation"
 class ActiveStorage::Attachment < ActiveStorage::Record
   self.table_name = "active_storage_attachments"
 
+  ##
+  # :method:
+  #
+  # Returns the associated record.
   belongs_to :record, polymorphic: true, touch: true
+
+  ##
+  # :method:
+  #
+  # Returns the associated ActiveStorage::Blob.
   belongs_to :blob, class_name: "ActiveStorage::Blob", autosave: true
 
   delegate_missing_to :blob
   delegate :signed_id, to: :blob
 
-  after_create_commit :mirror_blob_later, :analyze_blob_later
+  after_create_commit :mirror_blob_later, :analyze_blob_later, :transform_variants_later
   after_destroy_commit :purge_dependent_blob_later
 
-  scope :with_all_variant_records, -> { includes(blob: :variant_records) }
+  ##
+  # :singleton-method:
+  #
+  # Eager load all variant records on an attachment at once.
+  #
+  #   User.first.avatars.with_all_variant_records
+  scope :with_all_variant_records, -> { includes(blob: { variant_records: { image_attachment: :blob } }) }
 
   # Synchronously deletes the attachment and {purges the blob}[rdoc-ref:ActiveStorage::Blob#purge].
   def purge
@@ -49,23 +66,61 @@ class ActiveStorage::Attachment < ActiveStorage::Record
 
   # Returns an ActiveStorage::Variant or ActiveStorage::VariantWithRecord
   # instance for the attachment with the set of +transformations+ provided.
+  # Example:
+  #
+  #   avatar.variant(resize_to_limit: [100, 100]).processed.url
+  #
+  # or if you are using pre-defined variants:
+  #
+  #   avatar.variant(:thumb).processed.url
+  #
   # See ActiveStorage::Blob::Representable#variant for more information.
   #
   # Raises an +ArgumentError+ if +transformations+ is a +Symbol+ which is an
   # unknown pre-defined variant of the attachment.
   def variant(transformations)
-    case transformations
-    when Symbol
-      variant_name = transformations
-      transformations = variants.fetch(variant_name) do
-        record_model_name = record.to_model.model_name.name
-        raise ArgumentError, "Cannot find variant :#{variant_name} for #{record_model_name}##{name}"
-      end
-    end
-
+    transformations = transformations_by_name(transformations)
     blob.variant(transformations)
   end
 
+  # Returns an ActiveStorage::Preview instance for the attachment with the set
+  # of +transformations+ provided.
+  # Example:
+  #
+  #   video.preview(resize_to_limit: [100, 100]).processed.url
+  #
+  # or if you are using pre-defined variants:
+  #
+  #   video.preview(:thumb).processed.url
+  #
+  # See ActiveStorage::Blob::Representable#preview for more information.
+  #
+  # Raises an +ArgumentError+ if +transformations+ is a +Symbol+ which is an
+  # unknown pre-defined variant of the attachment.
+  def preview(transformations)
+    transformations = transformations_by_name(transformations)
+    blob.preview(transformations)
+  end
+
+  # Returns an ActiveStorage::Preview or an ActiveStorage::Variant for the
+  # attachment with set of +transformations+ provided.
+  # Example:
+  #
+  #   avatar.representation(resize_to_limit: [100, 100]).processed.url
+  #
+  # or if you are using pre-defined variants:
+  #
+  #   avatar.representation(:thumb).processed.url
+  #
+  # See ActiveStorage::Blob::Representable#representation for more information.
+  #
+  # Raises an +ArgumentError+ if +transformations+ is a +Symbol+ which is an
+  # unknown pre-defined variant of the attachment.
+  def representation(transformations)
+    transformations = transformations_by_name(transformations)
+    blob.representation(transformations)
+  end
+
   private
     def analyze_blob_later
       blob.analyze_later unless blob.analyzed?
@@ -75,6 +130,12 @@ class ActiveStorage::Attachment < ActiveStorage::Record
       blob.mirror_later
     end
 
+    def transform_variants_later
+      named_variants.each do |_name, named_variant|
+        blob.preprocessed(named_variant.transformations) if named_variant.preprocessed?(record)
+      end
+    end
+
     def purge_dependent_blob_later
       blob&.purge_later if dependent == :purge_later
     end
@@ -83,8 +144,21 @@ class ActiveStorage::Attachment < ActiveStorage::Record
       record.attachment_reflections[name]&.options&.fetch(:dependent, nil)
     end
 
-    def variants
-      record.attachment_reflections[name]&.variants
+    def named_variants
+      record.attachment_reflections[name]&.named_variants
+    end
+
+    def transformations_by_name(transformations)
+      case transformations
+      when Symbol
+        variant_name = transformations
+        named_variants.fetch(variant_name) do
+          record_model_name = record.to_model.model_name.name
+          raise ArgumentError, "Cannot find variant :#{variant_name} for #{record_model_name}##{name}"
+        end.transformations
+      else
+        transformations
+      end
     end
 end
 

data/app/models/active_storage/blob/analyzable.rb

@@ -2,6 +2,7 @@
 
 require "active_storage/analyzer/null_analyzer"
 
+# = Active Storage \Blob \Analyzable
 module ActiveStorage::Blob::Analyzable
   # Extracts and stores metadata from the file associated with this blob using a relevant analyzer. Active Storage comes
   # with built-in analyzers for images and videos. See ActiveStorage::Analyzer::ImageAnalyzer and
@@ -12,7 +13,7 @@ module ActiveStorage::Blob::Analyzable
   # first analyzer for which +accept?+ returns true when given the blob. If no registered analyzer accepts the blob, no
   # metadata is extracted from it.
   #
-  # In a Rails application, add or remove analyzers by manipulating +Rails.application.config.active_storage.analyzers+
+  # In a \Rails application, add or remove analyzers by manipulating +Rails.application.config.active_storage.analyzers+
   # in an initializer:
   #
   #   # Add a custom analyzer for Microsoft Office documents:
@@ -21,9 +22,9 @@ module ActiveStorage::Blob::Analyzable
   #   # Remove the built-in video analyzer:
   #   Rails.application.config.active_storage.analyzers.delete ActiveStorage::Analyzer::VideoAnalyzer
   #
-  # Outside of a Rails application, manipulate +ActiveStorage.analyzers+ instead.
+  # Outside of a \Rails application, manipulate +ActiveStorage.analyzers+ instead.
   #
-  # You won't ordinarily need to call this method from a Rails application. New blobs are automatically and asynchronously
+  # You won't ordinarily need to call this method from a \Rails application. New blobs are automatically and asynchronously
   # analyzed via #analyze_later when they're attached for the first time.
   def analyze
     update! metadata: metadata.merge(extract_metadata_via_analyzer)

data/app/models/active_storage/blob/identifiable.rb

@@ -1,5 +1,6 @@
 # frozen_string_literal: true
 
+# = Active Storage \Blob \Identifiable
 module ActiveStorage::Blob::Identifiable
   def identify
     identify_without_saving

data/app/models/active_storage/blob/representable.rb

@@ -1,6 +1,6 @@
 # frozen_string_literal: true
 
-require "mini_mime"
+require "marcel"
 
 module ActiveStorage::Blob::Representable
   extend ActiveSupport::Concern
@@ -98,6 +98,10 @@ module ActiveStorage::Blob::Representable
     variable? || previewable?
   end
 
+  def preprocessed(transformations) # :nodoc:
+    ActiveStorage::TransformJob.perform_later(self, transformations)
+  end
+
   private
     def default_variant_transformations
       { format: default_variant_format }
@@ -112,10 +116,10 @@ module ActiveStorage::Blob::Representable
     end
 
     def format
-      if filename.extension.present? && MiniMime.lookup_by_extension(filename.extension)&.content_type == content_type
+      if filename.extension.present? && Marcel::MimeType.for(extension: filename.extension) == content_type
         filename.extension
       else
-        MiniMime.lookup_by_content_type(content_type)&.extension
+        Marcel::Magic.new(content_type.to_s).extensions.first
       end
     end