activestorage_saas 5.2.5.1 → 5.2.5.2

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: d1b5d632c8d8737928c64de3799d5871205fdc50b94306574a85323d47f22eda
-  data.tar.gz: 8c8b86b0f37605aa95ea80ddf6cb88c44f5ab74c70e81a2e684d25aa3c692754
+  metadata.gz: 14d926492586f0ab3058a8ff4a48a7cec2824747366c677f9c91f5c46a658535
+  data.tar.gz: 1c57c47f19302d6edc4953e6dcf94cd7871f0e22dda6670955c99639f2e3fffb
 SHA512:
-  metadata.gz: 819a58f6f078ca03aba8736559ac5e04379e54076f80264ad363b1f9007913033797aaff0896b2bbf418e246f13f91092232d13edb836471c25a634736001a33
-  data.tar.gz: 9bf4a83504cc82ffe698f6f3725eb7c82b642a6d018ba3d14d1269b1f8d20408ea45c93ec3338e326280e491d125e8e739b856fc6c95fb4a513c828d788e719d
+  metadata.gz: b9101363a32b4d5fbe122d0c7e4953fd10c0a7b2dce02f3d83c4ba42e80745a88d3a50111a4ad100417b6b4e2f3a6244cf5c16f8f07539afbaedea2ea8adde67
+  data.tar.gz: b5cb1539cbc4129abcee5c5f7b1df6a3b2773a9a87cd4426c223be3bd6ca41ab82632d93deff93b9a59fd4d90a97394c3ae320afc397f4ef0ea16bfd75aa0738

data/activestorage_saas.gemspec

@@ -1,7 +1,7 @@
 # frozen_string_literal: true
 
 activestorage_version = '5.2.5'
-gem_version = 1
+gem_version = 2
 
 Gem::Specification.new do |spec|
   spec.name = "activestorage_saas"

data/app/controller/active_storage_saas/direct_uploads_controller.rb

@@ -1,4 +1,4 @@
-class ActiveStorageSaas::DirectUploadsController < ActiveStorageSaas::BaseController
+class ActiveStorageSaas::DirectUploadsController < ActiveStorage::BaseController
   def create
     blob = ActiveStorage::Blob.create!(blob_args)
     render json: direct_upload_json(blob)
@@ -19,8 +19,10 @@ class ActiveStorageSaas::DirectUploadsController < ActiveStorageSaas::BaseContro
       blob.as_json(root: false, methods: :signed_id, only: :signed_id)
           .merge(direct_upload: {
                    url: blob.service_url_for_direct_upload,
+                   method: blob.service_http_method_for_direct_upload,
+                   responseType: blob.service_http_response_type_for_direct_upload,
                    headers: blob.service_headers_for_direct_upload,
-                   formData: blob.service_form_data_for_direct_upload
+                   formData: blob.service_form_data_for_direct_upload.presence
                  })
     end
 end

data/app/javascript/active_storage_saas/direct_upload_controller/blob_record.js

@@ -0,0 +1,73 @@
+import { getMetaValue } from "./helpers"
+
+export class BlobRecord {
+  constructor(file, checksum, url) {
+    this.file = file
+
+    this.attributes = {
+      filename: file.name,
+      content_type: file.type || "application/octet-stream",
+      byte_size: file.size,
+      checksum: checksum
+    }
+
+    this.xhr = new XMLHttpRequest
+    this.xhr.open("POST", url, true)
+    this.xhr.responseType = "json"
+    this.xhr.setRequestHeader("Content-Type", "application/json")
+    this.xhr.setRequestHeader("Accept", "application/json")
+    this.xhr.setRequestHeader("X-Requested-With", "XMLHttpRequest")
+
+    const csrfToken = getMetaValue("csrf-token")
+    if (csrfToken != undefined) {
+      this.xhr.setRequestHeader("X-CSRF-Token", csrfToken)
+    }
+
+    this.xhr.addEventListener("load", event => this.requestDidLoad(event))
+    this.xhr.addEventListener("error", event => this.requestDidError(event))
+  }
+
+  get status() {
+    return this.xhr.status
+  }
+
+  get response() {
+    const { responseType, response } = this.xhr
+    if (responseType == "json") {
+      return response
+    } else {
+      // Shim for IE 11: https://connect.microsoft.com/IE/feedback/details/794808
+      return JSON.parse(response)
+    }
+  }
+
+  create(callback) {
+    this.callback = callback
+    this.xhr.send(JSON.stringify({ blob: this.attributes }))
+  }
+
+  requestDidLoad(event) {
+    if (this.status >= 200 && this.status < 300) {
+      const { response } = this
+      const { direct_upload } = response
+      delete response.direct_upload
+      this.attributes = response
+      this.directUploadData = direct_upload
+      this.callback(null, this.toJSON())
+    } else {
+      this.requestDidError(event)
+    }
+  }
+
+  requestDidError(event) {
+    this.callback(event, this)
+  }
+
+  toJSON() {
+    const result = {}
+    for (const key in this.attributes) {
+      result[key] = this.attributes[key]
+    }
+    return result
+  }
+}

data/app/javascript/active_storage_saas/direct_upload_controller/blob_upload.js

@@ -0,0 +1,45 @@
+export class BlobUpload {
+  constructor(blob) {
+    this.blob = blob
+    this.file = blob.file
+
+    const { url, headers, method, responseType } = blob.directUploadData
+
+    this.xhr = new XMLHttpRequest
+    this.xhr.open(method || "PUT", url, true)
+    this.xhr.responseType = responseType || "text"
+    for (const key in headers) {
+      this.xhr.setRequestHeader(key, headers[key])
+    }
+    this.xhr.addEventListener("load", event => this.requestDidLoad(event))
+    this.xhr.addEventListener("error", event => this.requestDidError(event))
+  }
+
+  create(callback) {
+    this.callback = callback
+    if(this.blob.directUploadData.formData){
+      var formData
+      formData = new FormData()
+      for(const key in this.blob.directUploadData.formData){
+        formData.append(key, this.blob.directUploadData.formData[key])
+      }
+      formData.append('file', this.file)
+      this.xhr.send(formData)
+    }else{
+      this.xhr.send(this.file.slice())
+    }
+  }
+
+  requestDidLoad(event) {
+    const { status, response } = this.xhr
+    if (status >= 200 && status < 300) {
+      this.callback(null, response)
+    } else {
+      this.requestDidError(event)
+    }
+  }
+
+  requestDidError(event) {
+    this.callback(event, this)
+  }
+}

data/app/javascript/active_storage_saas/direct_upload_controller/direct_upload.js

@@ -0,0 +1,48 @@
+import { FileChecksum } from "./file_checksum"
+import { BlobRecord } from "./blob_record"
+import { BlobUpload } from "./blob_upload"
+
+let id = 0
+
+export class DirectUpload {
+  constructor(file, url, delegate) {
+    this.id = ++id
+    this.file = file
+    this.url = url
+    this.delegate = delegate
+  }
+
+  create(callback) {
+    FileChecksum.create(this.file, (error, checksum) => {
+      if (error) {
+        callback(error)
+        return
+      }
+
+      const blob = new BlobRecord(this.file, checksum, this.url)
+      notify(this.delegate, "directUploadWillCreateBlobWithXHR", blob.xhr)
+
+      blob.create(error => {
+        if (error) {
+          callback(error)
+        } else {
+          const upload = new BlobUpload(blob)
+          notify(this.delegate, "directUploadWillStoreFileWithXHR", upload.xhr)
+          upload.create(error => {
+            if (error) {
+              callback(error)
+            } else {
+              callback(null, blob.toJSON())
+            }
+          })
+        }
+      })
+    })
+  }
+}
+
+function notify(object, methodName, ...messages) {
+  if (object && typeof object[methodName] == "function") {
+    return object[methodName](...messages)
+  }
+}

data/app/javascript/active_storage_saas/direct_upload_controller/file_checksum.js

@@ -0,0 +1,53 @@
+import SparkMD5 from "spark-md5"
+
+const fileSlice = File.prototype.slice || File.prototype.mozSlice || File.prototype.webkitSlice
+
+export class FileChecksum {
+  static create(file, callback) {
+    const instance = new FileChecksum(file)
+    instance.create(callback)
+  }
+
+  constructor(file) {
+    this.file = file
+    this.chunkSize = 2097152 // 2MB
+    this.chunkCount = Math.ceil(this.file.size / this.chunkSize)
+    this.chunkIndex = 0
+  }
+
+  create(callback) {
+    this.callback = callback
+    this.md5Buffer = new SparkMD5.ArrayBuffer
+    this.fileReader = new FileReader
+    this.fileReader.addEventListener("load", event => this.fileReaderDidLoad(event))
+    this.fileReader.addEventListener("error", event => this.fileReaderDidError(event))
+    this.readNextChunk()
+  }
+
+  fileReaderDidLoad(event) {
+    this.md5Buffer.append(event.target.result)
+
+    if (!this.readNextChunk()) {
+      const binaryDigest = this.md5Buffer.end(true)
+      const base64digest = btoa(binaryDigest)
+      this.callback(null, base64digest)
+    }
+  }
+
+  fileReaderDidError(event) {
+    this.callback(`Error reading ${this.file.name}`)
+  }
+
+  readNextChunk() {
+    if (this.chunkIndex < this.chunkCount || (this.chunkIndex == 0 && this.chunkCount == 0)) {
+      const start = this.chunkIndex * this.chunkSize
+      const end = Math.min(start + this.chunkSize, this.file.size)
+      const bytes = fileSlice.call(this.file, start, end)
+      this.fileReader.readAsArrayBuffer(bytes)
+      this.chunkIndex++
+      return true
+    } else {
+      return false
+    }
+  }
+}

data/app/javascript/active_storage_saas/direct_upload_controller/helpers.js

@@ -0,0 +1,51 @@
+export function getMetaValue(name) {
+  const element = findElement(document.head, `meta[name="${name}"]`)
+  if (element) {
+    return element.getAttribute("content")
+  }
+}
+
+export function findElements(root, selector) {
+  if (typeof root == "string") {
+    selector = root
+    root = document
+  }
+  const elements = root.querySelectorAll(selector)
+  return toArray(elements)
+}
+
+export function findElement(root, selector) {
+  if (typeof root == "string") {
+    selector = root
+    root = document
+  }
+  return root.querySelector(selector)
+}
+
+export function dispatchEvent(element, type, eventInit = {}) {
+  const { disabled } = element
+  const { bubbles, cancelable, detail } = eventInit
+  const event = document.createEvent("Event")
+
+  event.initEvent(type, bubbles || true, cancelable || true)
+  event.detail = detail || {}
+
+  try {
+    element.disabled = false
+    element.dispatchEvent(event)
+  } finally {
+    element.disabled = disabled
+  }
+
+  return event
+}
+
+export function toArray(value) {
+  if (Array.isArray(value)) {
+    return value
+  } else if (Array.from) {
+    return Array.from(value)
+  } else {
+    return [].slice.call(value)
+  }
+}

data/app/javascript/active_storage_saas/direct_upload_controller.js

@@ -0,0 +1,78 @@
+import { Controller } from "@hotwired/stimulus";
+import { DirectUpload } from "./direct_upload_controller/direct_upload";
+
+const URL = window.URL || window.webkitURL
+
+function setupFilePreview(target, file){
+  const onLoaded = function(){
+    URL.revokeObjectURL(target.src)
+    target.removeEventListener('load', onLoaded)
+  }
+  target.addEventListener('load', onLoaded)
+  target.src = URL.createObjectURL(file)
+}
+export default class extends Controller {
+  static targets = ['file', 'preview'];
+  static values = {
+    url: String,
+  }
+
+  initialize(){
+    this.onFileChange = this.onFileChange.bind(this)
+  }
+
+  fileTargetConnected(target){
+    if(!target.hiddenInput){
+      const hiddenInput = document.createElement("input")
+      hiddenInput.type = "hidden"
+      hiddenInput.name = target.name
+      target.insertAdjacentElement("beforebegin", hiddenInput)
+      target.removeAttribute('name')
+      target.hiddenInput = hiddenInput
+    }
+    target.addEventListener('change', this.onFileChange)
+  }
+
+  fileTargetDisconnected(target){
+    target.removeEventListener('change', this.onFileChange)
+  }
+
+  onFileChange(event){
+    const { target } = event
+    const { hiddenInput, files } = target
+    const file = files[0]
+    if(!file) return
+
+    const directUpload = new DirectUpload(file, this.urlValue, this)
+
+    if(this.hasPreviewTarget){
+      setupFilePreview(this.previewTarget, file)
+    }
+
+    directUpload.create((error, attributes) => {
+      if(error){
+        hiddenInput.removeAttribute('value')
+      }else{
+        hiddenInput.setAttribute('value', attributes.signed_id)
+      }
+    })
+  }
+
+  directUploadWillCreateBlobWithXHR(xhr) {
+    this.dispatch("before-blob-request", { detail: xhr })
+  }
+
+  directUploadWillStoreFileWithXHR(xhr) {
+    this.dispatch('started', { detail: xhr })
+    this.dispatch('progress', { detail: { percent: 0 } })
+    xhr.upload.addEventListener("progress", event => this.uploadRequestDidProgress(event))
+  }
+
+  uploadRequestDidProgress(event){
+    const percent = event.loaded / event.total
+    this.dispatch('progress', { detail: { percent } })
+    if(percent == 1){
+      this.dispatch('uploaded')
+    }
+  }
+}

data/app/models/tenant_storage_service.rb

@@ -0,0 +1,5 @@
+class TenantStorageService < ApplicationRecord
+  belongs_to :tenant, inverse_of: :storage_services
+
+  store :service_options, coder: ActiveRecord::Coders::JSON
+end

data/lib/active_storage/service/saas_service.rb

@@ -39,6 +39,14 @@ module ActiveStorage
         service.respond_to?(method)
       end
 
+      def http_method_for_direct_upload
+        service.service_http_method_for_direct_upload if service.respond_to?(:http_method_for_direct_upload)
+      end
+
+      def http_response_type_for_direct_upload
+        service.http_response_type_for_direct_upload if service.respond_to?(:http_response_type_for_direct_upload)
+      end
+
       def form_data_for_direct_upload(key, expires_in:, content_type:, content_length:, checksum:)
         if service.respond_to?(:form_data_for_direct_upload)
           service.form_data_for_direct_upload key,
@@ -62,10 +70,10 @@ module ActiveStorage
 
       private
 
-      def default_service
-        @default_service ||= ActiveStorage::Service.configure @options[:default_service],
-                                                              Rails.configuration.active_storage.service_configurations
-      end
+        def default_service
+          @default_service ||= ActiveStorage::Service.configure @options[:default_service],
+                                                                Rails.configuration.active_storage.service_configurations
+        end
     end
   end
 end

data/lib/{actives_torage_saas → active_storage_saas}/blob_patch.rb

@@ -1,3 +1,5 @@
+require 'active_storage/service/saas_service'
+
 module ActiveStorageSaas
   module BlobPatch
     extend ActiveSupport::Concern
@@ -16,6 +18,14 @@ module ActiveStorageSaas
       end
     end
 
+    def service_http_method_for_direct_upload
+      service.respond_to?(:http_method_for_direct_upload) ? service.http_method_for_direct_upload : nil
+    end
+
+    def service_http_response_type_for_direct_upload
+      service.respond_to?(:http_response_type_for_direct_upload) ? service.http_response_type_for_direct_upload : nil
+    end
+
     # support sending data from form instead of headers
     def service_form_data_for_direct_upload(expires_in: service.url_expires_in)
       return {} unless service.respond_to?(:form_data_for_direct_upload)

data/lib/{actives_torage_saas → active_storage_saas}/routes.rb

@@ -3,9 +3,9 @@ module ActiveStorageSaas
     # rubocop: disable Layout/LineLength
     def draw_active_storage_saas_routes(
       prefix: '/rails/active_storage',
-      blobs_controller: 'active_storage_saas/blobs',
-      representations_controller: 'active_storage_saas/representations',
-      disk_controller: 'active_storage_saas/disk',
+      blobs_controller: 'active_storage/blobs',
+      representations_controller: 'active_storage/representations',
+      disk_controller: 'active_storage/disk',
       direct_uploads_controller: 'active_storage_saas/direct_uploads',
       **option_overrides
     )

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: activestorage_saas
 version: !ruby/object:Gem::Version
-  version: 5.2.5.1
+  version: 5.2.5.2
 platform: ruby
 authors:
 - xiaohui
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2022-08-10 00:00:00.000000000 Z
+date: 2022-08-13 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activestorage
@@ -41,17 +41,20 @@ files:
 - README.md
 - Rakefile
 - activestorage_saas.gemspec
-- app/controller/active_storage_saas/base_controller.rb
-- app/controller/active_storage_saas/blobs_controller.rb
 - app/controller/active_storage_saas/direct_uploads_controller.rb
-- app/controller/active_storage_saas/disk_controller.rb
-- app/controller/active_storage_saas/representations_controller.rb
+- app/javascript/active_storage_saas/direct_upload_controller.js
+- app/javascript/active_storage_saas/direct_upload_controller/blob_record.js
+- app/javascript/active_storage_saas/direct_upload_controller/blob_upload.js
+- app/javascript/active_storage_saas/direct_upload_controller/direct_upload.js
+- app/javascript/active_storage_saas/direct_upload_controller/file_checksum.js
+- app/javascript/active_storage_saas/direct_upload_controller/helpers.js
+- app/models/tenant_storage_service.rb
 - db/migrate/001_activestorage_saas_tables.rb
 - lib/active_storage/service/saas_service.rb
 - lib/active_storage_saas.rb
-- lib/actives_torage_saas/blob_patch.rb
-- lib/actives_torage_saas/engine.rb
-- lib/actives_torage_saas/routes.rb
+- lib/active_storage_saas/blob_patch.rb
+- lib/active_storage_saas/engine.rb
+- lib/active_storage_saas/routes.rb
 - lib/activestorage_saas.rb
 - sig/activestorage_saas.rbs
 homepage: https://github.com/xiaohui-zhangxh/activestorage_saas
@@ -76,7 +79,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.2.3
+rubygems_version: 3.3.7
 signing_key:
 specification_version: 4
 summary: Wraps multi-tenant storage services as ActiveStorage service

data/app/controller/active_storage_saas/base_controller.rb

@@ -1,7 +0,0 @@
-class ActiveStorageSaas::BaseController < ActiveStorage::BaseController
-  unless method_defined?(:current_tenant)
-    def current_tenant
-      raise NotImplementedError
-    end
-  end
-end

data/app/controller/active_storage_saas/blobs_controller.rb

@@ -1,8 +0,0 @@
-class ActiveStorageSaas::BlobsController < ActiveStorageSaas::BaseController
-  include ActiveStorage::SetBlob
-
-  def show
-    expires_in ActiveStorage::Blob.service.url_expires_in
-    redirect_to @blob.service_url(disposition: params[:disposition])
-  end
-end

data/app/controller/active_storage_saas/disk_controller.rb

@@ -1,63 +0,0 @@
-# frozen_string_literal: true
-
-# Serves files stored with the disk service in the same way that the cloud services do.
-# This means using expiring, signed URLs that are meant for immediate access, not permanent linking.
-# Always go through the BlobsController, or your own authenticated controller, rather than directly
-# to the service url.
-class ActiveStorageSaas::DiskController < ActiveStorage::BaseController
-  skip_forgery_protection
-
-  def show
-    if key = decode_verified_key
-      serve_file disk_service.path_for(key[:key]), content_type: key[:content_type], disposition: key[:disposition]
-    else
-      head :not_found
-    end
-  end
-
-  def update
-    if token = decode_verified_token
-      if acceptable_content?(token)
-        disk_service.upload token[:key], request.body, checksum: token[:checksum]
-        head :no_content
-      else
-        head :unprocessable_entity
-      end
-    end
-  rescue ActiveStorage::IntegrityError
-    head :unprocessable_entity
-  end
-
-  private
-    def disk_service
-      ActiveStorage::Blob.service
-    end
-
-
-    def decode_verified_key
-      ActiveStorage.verifier.verified(params[:encoded_key], purpose: :blob_key)
-    end
-
-    def serve_file(path, content_type:, disposition:)
-      Rack::File.new(nil).serving(request, path).tap do |(status, headers, body)|
-        self.status = status
-        self.response_body = body
-
-        headers.each do |name, value|
-          response.headers[name] = value
-        end
-
-        response.headers["Content-Type"] = content_type || DEFAULT_SEND_FILE_TYPE
-        response.headers["Content-Disposition"] = disposition || DEFAULT_SEND_FILE_DISPOSITION
-      end
-    end
-
-
-    def decode_verified_token
-      ActiveStorage.verifier.verified(params[:encoded_token], purpose: :blob_token)
-    end
-
-    def acceptable_content?(token)
-      token[:content_type] == request.content_mime_type && token[:content_length] == request.content_length
-    end
-end

data/app/controller/active_storage_saas/representations_controller.rb

@@ -1,14 +0,0 @@
-# frozen_string_literal: true
-
-# Take a signed permanent reference for a blob representation and turn it into an expiring service URL for download.
-# Note: These URLs are publicly accessible. If you need to enforce access protection beyond the
-# security-through-obscurity factor of the signed blob and variation reference, you'll need to implement your own
-# authenticated redirection controller.
-class ActiveStorageSaas::RepresentationsController < ActiveStorage::BaseController
-  include ActiveStorage::SetBlob
-
-  def show
-    expires_in ActiveStorage::Blob.service.url_expires_in
-    redirect_to @blob.representation(params[:variation_key]).processed.service_url(disposition: params[:disposition])
-  end
-end