attache 2.2.1 → 2.3.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/config/vhost.example.yml +3 -0
- data/lib/attache/download.rb +4 -0
- data/lib/attache/version.rb +1 -1
- data/lib/attache/vhost.rb +3 -0
- metadata +2 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: d3e6fceada01d556d51cb23682428710b64a6a4f
|
4
|
+
data.tar.gz: f1a1dd488a9964aaa212522fa6552776f31882af
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: b71efe1bd2bb1820c32f93bd60ab6bd7ce418e804cd6738ac51d77cb78ffc9eb7e2a9d2c79ce12cb258df463033a29e9f78e253fcb7732eb20758b22e912a16d
|
7
|
+
data.tar.gz: b355c9cbe459befac3da3a8ec7d35f2ef2d5f10fbc3ae0c27639e2145fb4ad6f4259379ea91b803f9fdeda545a0fcc7529e47c2c3b4bd2d9907663c95a23e85d
|
data/config/vhost.example.yml
CHANGED
@@ -5,6 +5,9 @@
|
|
5
5
|
"google.lvh.me:9292":
|
6
6
|
"SECRET_KEY": CHANGEME # this is the shared secret between your app and this attache server
|
7
7
|
"REMOTE_DIR": CHANGEME # this is the root directory to use in the `bucket`; omit to use root
|
8
|
+
"GEOMETRY_WHITELIST": # this limits the type of `geometry` we resize to; optional
|
9
|
+
- "100x100"
|
10
|
+
- "1024>"
|
8
11
|
"FOG_CONFIG": #
|
9
12
|
"provider": Google # refer to `fog.io/storage` documentation
|
10
13
|
"google_storage_access_key_id": CHANGEME #
|
data/lib/attache/download.rb
CHANGED
@@ -16,6 +16,10 @@ class Attache::Download < Attache::Base
|
|
16
16
|
vhosts[ENV.fetch('BACKUP_GEOMETRY') { 'backup' }] = config.backup
|
17
17
|
|
18
18
|
parse_path_info(env['PATH_INFO']['/view/'.length..-1]) do |dirname, geometry, basename, relpath|
|
19
|
+
unless config.try(:geometry_whitelist).blank? || config.geometry_whitelist.include?(geometry)
|
20
|
+
return [415, config.download_headers, ["#{geometry} is not supported"]]
|
21
|
+
end
|
22
|
+
|
19
23
|
if vhost = vhosts[geometry]
|
20
24
|
headers = vhost.download_headers.merge({
|
21
25
|
'Location' => vhost.storage_url(relpath: relpath),
|
data/lib/attache/version.rb
CHANGED
data/lib/attache/vhost.rb
CHANGED
@@ -6,12 +6,15 @@ class Attache::VHost
|
|
6
6
|
:storage,
|
7
7
|
:download_headers,
|
8
8
|
:headers_with_cors,
|
9
|
+
:geometry_whitelist,
|
9
10
|
:env
|
10
11
|
|
11
12
|
def initialize(hash)
|
12
13
|
self.env = hash || {}
|
13
14
|
self.remotedir = env['REMOTE_DIR'] # nil means no fixed top level remote directory, and that's fine.
|
14
15
|
self.secret_key = env['SECRET_KEY'] # nil means no auth check; anyone can upload a file
|
16
|
+
self.geometry_whitelist = env['GEOMETRY_WHITELIST'] # nil means everything is acceptable
|
17
|
+
|
15
18
|
if env['FOG_CONFIG']
|
16
19
|
self.bucket = env['FOG_CONFIG'].fetch('bucket')
|
17
20
|
self.storage = Fog::Storage.new(env['FOG_CONFIG'].except('bucket').symbolize_keys)
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: attache
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 2.
|
4
|
+
version: 2.3.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- choonkeat
|
8
8
|
autorequire:
|
9
9
|
bindir: exe
|
10
10
|
cert_chain: []
|
11
|
-
date: 2016-04-
|
11
|
+
date: 2016-04-24 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: rack
|