carrierwave 2.2.6 → 3.1.0

data/lib/carrierwave/processing/rmagick.rb

@@ -22,7 +22,7 @@ module CarrierWave
   #     end
   #
   # Or create your own helpers with the powerful manipulate! method. Check
-  # out the RMagick docs at http://www.imagemagick.org/RMagick/doc/ for more
+  # out the RMagick docs at https://rmagick.github.io/ for more
   # info
   #
   #     class MyUploader < CarrierWave::Uploader::Base
@@ -62,10 +62,12 @@ module CarrierWave
       begin
         require "rmagick"
       rescue LoadError
-        require "RMagick"
-      rescue LoadError => e
-        e.message << " (You may need to install the rmagick gem)"
-        raise e
+        begin
+          require "RMagick"
+        rescue LoadError => e
+          e.message << " (You may need to install the rmagick gem)"
+          raise e
+        end
       end
 
       prepend Module.new {
@@ -100,16 +102,20 @@ module CarrierWave
       def resize_to_geometry_string(geometry_string)
         process :resize_to_geometry_string => [geometry_string]
       end
+
+      def crop(left, top, width, height)
+        process :crop => [left, top, width, height]
+      end
     end
 
     ##
     # Changes the image encoding format to the given format
     #
-    # See even http://www.imagemagick.org/RMagick/doc/magick.html#formats
+    # See even https://rmagick.github.io/magick.html#formats
     #
     # === Parameters
     #
-    # [format (#to_s)] an abreviation of the format
+    # [format (#to_s)] an abbreviation of the format
     #
     # === Yields
     #
@@ -159,7 +165,7 @@ module CarrierWave
     # image may be shorter or narrower than specified in the smaller dimension
     # but will not be larger than the specified values."
     #
-    # See even http://www.imagemagick.org/RMagick/doc/image3.html#resize_to_fit
+    # See even https://rmagick.github.io/image3.html#resize_to_fit
     #
     # === Parameters
     #
@@ -185,7 +191,7 @@ module CarrierWave
     # specified dimensions while retaining the aspect ratio of the original
     # image. If necessary, crop the image in the larger dimension."
     #
-    # See even http://www.imagemagick.org/RMagick/doc/image3.html#resize_to_fill
+    # See even https://rmagick.github.io/image3.html#resize_to_fill
     #
     # === Parameters
     #
@@ -228,13 +234,7 @@ module CarrierWave
       height = dimension_from height
       manipulate! do |img|
         img.resize_to_fit!(width, height)
-        new_img = ::Magick::Image.new(width, height) { |img| img.background_color = background == :transparent ? 'rgba(255,255,255,0)' : background.to_s }
-        if background == :transparent
-          filled = new_img.matte_floodfill(1, 1)
-        else
-          filled = new_img.color_floodfill(1, 1, ::Magick::Pixel.from_color(background))
-        end
-        destroy_image(new_img)
+        filled = ::Magick::Image.new(width, height) { |image| image.background_color = background == :transparent ? 'rgba(255,255,255,0)' : background.to_s }
         filled.composite!(img, gravity, ::Magick::OverCompositeOp)
         destroy_image(img)
         filled = yield(filled) if block_given?
@@ -264,6 +264,33 @@ module CarrierWave
       end
     end
 
+    ##
+    # Crop the image to the contents of a box positioned at [left] and [top], with the dimensions given
+    # by [width] and [height]. The original image bottom/right edge is preserved if the cropping box falls
+    # outside the image bounds.
+    #
+    # === Parameters
+    #
+    # [left (integer)] left edge of area to extract
+    # [top (integer)] top edge of area to extract
+    # [width (Integer)] width of area to extract
+    # [height (Integer)] height of area to extract
+    #
+    # === Yields
+    #
+    # [Magick::Image] additional manipulations to perform
+    #
+    def crop(left, top, width, height, combine_options: {})
+      width = dimension_from width
+      height = dimension_from height
+
+      manipulate! do |img|
+        img.crop!(left, top, width, height)
+        img = yield(img) if block_given?
+        img
+      end
+    end
+
     ##
     # Returns the width of the image.
     #
@@ -363,15 +390,15 @@ module CarrierWave
       if options[:format] || @format
         frames.write("#{options[:format] || @format}:#{current_path}", &write_block)
         move_to = current_path.chomp(File.extname(current_path)) + ".#{options[:format] || @format}"
-        file.content_type = ::MiniMime.lookup_by_filename(move_to).content_type
+        file.content_type = Marcel::Magic.by_path(move_to).try(:type)
         file.move_to(move_to, permissions, directory_permissions)
       else
         frames.write(current_path, &write_block)
       end
 
       destroy_image(frames)
-    rescue ::Magick::ImageMagickError => e
-      raise CarrierWave::ProcessingError, I18n.translate(:"errors.messages.rmagick_processing_error", :e => e)
+    rescue ::Magick::ImageMagickError
+      raise CarrierWave::ProcessingError, I18n.translate(:"errors.messages.processing_error")
     end
 
   private
@@ -381,7 +408,7 @@ module CarrierWave
       proc do |img|
         options.each do |k, v|
           if v.is_a?(String) && (matches = v.match(/^["'](.+)["']/))
-            ActiveSupport::Deprecation.warn "Passing quoted strings like #{v} to #manipulate! is deprecated, pass them without quoting."
+            CarrierWave.deprecator.warn "Passing quoted strings like #{v} to #manipulate! is deprecated, pass them without quoting."
             v = matches[1]
           end
           img.public_send(:"#{k}=", v)

data/lib/carrierwave/processing/vips.rb

@@ -78,6 +78,10 @@ module CarrierWave
       def resize_and_pad(width, height, background=nil, gravity='centre', alpha=nil)
         process :resize_and_pad => [width, height, background, gravity, alpha]
       end
+
+      def crop(left, top, width, height)
+        process :crop => [left, top, width, height]
+      end
     end
 
     ##
@@ -208,6 +212,33 @@ module CarrierWave
       end
     end
 
+    ##
+    # Crop the image to the contents of a box positioned at [left] and [top], with the dimensions given
+    # by [width] and [height]. The original image bottom/right edge is preserved if the cropping box falls
+    # outside the image bounds.
+    #
+    # === Parameters
+    #
+    # [left (integer)] left edge of area to extract
+    # [top (integer)] top edge of area to extract
+    # [width (Integer)] width of area to extract
+    # [height (Integer)] height of area to extract
+    #
+    # === Yields
+    #
+    # [Vips::Image] additional manipulations to perform
+    #
+    def crop(left, top, width, height, combine_options: {})
+      width, height = resolve_dimensions(width, height)
+      width = vips_image.width - left if width + left > vips_image.width
+      height = vips_image.height - top if height + top > vips_image.height
+
+      vips! do |builder|
+        builder.crop(left, top, width, height)
+          .apply(combine_options)
+      end
+    end
+
     ##
     # Returns the width of the image in pixels.
     #
@@ -259,26 +290,26 @@ module CarrierWave
 
       if File.extname(result.path) != File.extname(current_path)
         move_to = current_path.chomp(File.extname(current_path)) + File.extname(result.path)
-        file.content_type = ::MiniMime.lookup_by_filename(move_to).content_type
+        file.content_type = Marcel::Magic.by_path(move_to).try(:type)
         file.move_to(move_to, permissions, directory_permissions)
       end
-    rescue ::Vips::Error => e
-      message = I18n.translate(:"errors.messages.vips_processing_error", :e => e)
+    rescue ::Vips::Error
+      message = I18n.translate(:"errors.messages.processing_error")
       raise CarrierWave::ProcessingError, message
     end
 
-    private
+  private
 
-      def resolve_dimensions(*dimensions)
-        dimensions.map do |value|
-          next value unless value.instance_of?(Proc)
-          value.arity >= 1 ? value.call(self) : value.call
-        end
+    def resolve_dimensions(*dimensions)
+      dimensions.map do |value|
+        next value unless value.instance_of?(Proc)
+        value.arity >= 1 ? value.call(self) : value.call
       end
+    end
 
-      def vips_image
-        ::Vips::Image.new_from_buffer(read, "")
-      end
+    def vips_image
+      ::Vips::Image.new_from_buffer(read, "")
+    end
 
   end # Vips
 end # CarrierWave

data/lib/carrierwave/sanitized_file.rb

@@ -1,6 +1,5 @@
 require 'pathname'
 require 'active_support/core_ext/string/multibyte'
-require 'mini_mime'
 require 'marcel'
 
 module CarrierWave
@@ -14,6 +13,7 @@ module CarrierWave
   # It's probably needlessly comprehensive and complex. Help is appreciated.
   #
   class SanitizedFile
+    include CarrierWave::Utilities::FileName
 
     attr_reader :file
 
@@ -27,7 +27,7 @@ module CarrierWave
 
     def initialize(file)
       self.file = file
-      @content = nil
+      @content = @content_type = nil
     end
 
     ##
@@ -39,7 +39,7 @@ module CarrierWave
     #
     def original_filename
       return @original_filename if @original_filename
-      if @file and @file.respond_to?(:original_filename)
+      if @file && @file.respond_to?(:original_filename)
         @file.original_filename
       elsif path
         File.basename(path)
@@ -59,29 +59,6 @@ module CarrierWave
 
     alias_method :identifier, :filename
 
-    ##
-    # Returns the part of the filename before the extension. So if a file is called 'test.jpeg'
-    # this would return 'test'
-    #
-    # === Returns
-    #
-    # [String] the first part of the filename
-    #
-    def basename
-      split_extension(filename)[0] if filename
-    end
-
-    ##
-    # Returns the file extension
-    #
-    # === Returns
-    #
-    # [String] the extension
-    #
-    def extension
-      split_extension(filename)[1] if filename
-    end
-
     ##
     # Returns the file's size.
     #
@@ -132,7 +109,7 @@ module CarrierWave
     # [Boolean] whether the file is valid and has a non-zero size
     #
     def empty?
-      @file.nil? || self.size.nil? || (self.size.zero? && ! self.exists?)
+      @file.nil? || self.size.nil? || (self.size.zero? && !self.exists?)
     end
 
     ##
@@ -151,15 +128,21 @@ module CarrierWave
     #
     # [String] contents of the file
     #
-    def read
+    def read(*args)
       if @content
-        @content
+        if args.empty?
+          @content
+        else
+          length, outbuf = args
+          raise ArgumentError, "outbuf argument not supported since the content is already loaded" if outbuf
+          @content[0, length]
+        end
       elsif is_path?
-        File.open(@file, "rb") {|file| file.read}
+        File.open(@file, "rb") {|file| file.read(*args)}
       else
         @file.try(:rewind)
-        @content = @file.read
-        @file.try(:close) unless @file.try(:closed?)
+        @content = @file.read(*args)
+        @file.try(:close) unless @file.class.ancestors.include?(::StringIO) || @file.try(:closed?)
         @content
       end
     end
@@ -180,13 +163,10 @@ module CarrierWave
       mkdir!(new_path, directory_permissions)
       move!(new_path)
       chmod!(new_path, permissions)
-      if keep_filename
-        self.file = {:tempfile => new_path, :filename => original_filename, :content_type => @content_type}
-      else
-        self.file = {:tempfile => new_path, :content_type => @content_type}
-      end
+      self.file = {tempfile: new_path, filename: keep_filename ? original_filename : nil, content_type: declared_content_type}
       self
     end
+
     ##
     # Helper to move file to new path.
     #
@@ -218,7 +198,7 @@ module CarrierWave
       mkdir!(new_path, directory_permissions)
       copy!(new_path)
       chmod!(new_path, permissions)
-      self.class.new({:tempfile => new_path, :content_type => content_type})
+      self.class.new({tempfile: new_path, content_type: declared_content_type})
     end
 
     ##
@@ -260,9 +240,10 @@ module CarrierWave
     #
     def content_type
       @content_type ||=
-        existing_content_type ||
-        marcel_magic_content_type ||
-        mini_mime_content_type
+        identified_content_type ||
+        declared_content_type ||
+        guessed_safe_content_type ||
+        Marcel::MimeType::BINARY
     end
 
     ##
@@ -293,11 +274,11 @@ module CarrierWave
       if file.is_a?(Hash)
         @file = file["tempfile"] || file[:tempfile]
         @original_filename = file["filename"] || file[:filename]
-        @content_type = file["content_type"] || file[:content_type] || file["type"] || file[:type]
+        @declared_content_type = file["content_type"] || file[:content_type] || file["type"] || file[:type]
       else
         @file = file
         @original_filename = nil
-        @content_type = nil
+        @declared_content_type = nil
       end
     end
 
@@ -314,57 +295,57 @@ module CarrierWave
 
     # Sanitize the filename, to prevent hacking
     def sanitize(name)
+      name = name.scrub
       name = name.tr("\\", "/") # work-around for IE
       name = File.basename(name)
-      name = name.gsub(sanitize_regexp,"_")
+      name = name.gsub(sanitize_regexp, "_")
       name = "_#{name}" if name =~ /\A\.+\z/
       name = "unnamed" if name.size.zero?
-      return name.mb_chars.to_s
+      name.mb_chars.to_s
     end
 
-    def existing_content_type
-      if @file.respond_to?(:content_type) && @file.content_type
-        Marcel::MimeType.for(declared_type: @file.content_type.to_s.chomp)
-      end
+    def declared_content_type
+      @declared_content_type ||
+        if @file.respond_to?(:content_type) && @file.content_type
+          Marcel::MimeType.for(declared_type: @file.content_type.to_s.chomp)
+        end
     end
 
-    def marcel_magic_content_type
-      if path
-        type = File.open(path) do |file|
-          Marcel::Magic.by_magic(file).try(:type)
-        end
+    # Guess content type from its file extension. Limit what to be returned to prevent spoofing.
+    def guessed_safe_content_type
+      return unless path
 
-        if type.nil?
-          type = Marcel::Magic.by_path(path).try(:type)
-          type = 'invalid/invalid' unless type.nil? || type.start_with?('text/')
-        end
+      type = Marcel::Magic.by_path(original_filename).to_s
+      type if type.start_with?('text/') || type.start_with?('application/json')
+    end
+
+    def identified_content_type
+      with_io do |io|
+        mimetype_by_magic = Marcel::Magic.by_magic(io)
+        mimetype_by_path = Marcel::Magic.by_path(path)
 
-        type
+        return nil if mimetype_by_magic.nil?
+
+        if mimetype_by_path&.child_of?(mimetype_by_magic.type)
+          mimetype_by_path.type
+        else
+          mimetype_by_magic.type
+        end
       end
     rescue Errno::ENOENT
       nil
     end
 
-    def mini_mime_content_type
-      return unless path
-      mime_type = ::MiniMime.lookup_by_filename(path)
-      @content_type = (mime_type && mime_type.content_type).to_s
-    end
-
-    def split_extension(filename)
-      # regular expressions to try for identifying extensions
-      extension_matchers = [
-        /\A(.+)\.(tar\.([glx]?z|bz2))\z/, # matches "something.tar.gz"
-        /\A(.+)\.([^\.]+)\z/ # matches "something.jpg"
-      ]
-
-      extension_matchers.each do |regexp|
-        if filename =~ regexp
-          return $1, $2
+    def with_io(&block)
+      if file.is_a?(IO)
+        begin
+          yield file
+        ensure
+          file.try(:rewind)
         end
+      elsif path
+        File.open(path, &block)
       end
-      return filename, "" # In case we weren't able to split the extension
     end
-
   end # SanitizedFile
 end # CarrierWave

data/lib/carrierwave/storage/abstract.rb

@@ -14,7 +14,7 @@ module CarrierWave
       end
 
       def identifier
-        uploader.filename
+        uploader.deduplicated_filename
       end
 
       def store!(file)
@@ -24,19 +24,19 @@ module CarrierWave
       end
 
       def cache!(new_file)
-        raise NotImplementedError.new("Need to implement #cache! if you want to use #{self.class.name} as a cache storage.")
+        raise NotImplementedError, "Need to implement #cache! if you want to use #{self.class.name} as a cache storage."
       end
 
       def retrieve_from_cache!(identifier)
-        raise NotImplementedError.new("Need to implement #retrieve_from_cache! if you want to use #{self.class.name} as a cache storage.")
+        raise NotImplementedError, "Need to implement #retrieve_from_cache! if you want to use #{self.class.name} as a cache storage."
       end
 
       def delete_dir!(path)
-        raise NotImplementedError.new("Need to implement #delete_dir! if you want to use #{self.class.name} as a cache storage.")
+        raise NotImplementedError, "Need to implement #delete_dir! if you want to use #{self.class.name} as a cache storage."
       end
 
       def clean_cache!(seconds)
-        raise NotImplementedError.new("Need to implement #clean_cache! if you want to use #{self.class.name} as a cache storage.")
+        raise NotImplementedError, "Need to implement #clean_cache! if you want to use #{self.class.name} as a cache storage."
       end
     end # Abstract
   end # Storage

data/lib/carrierwave/storage/file.rb

@@ -17,7 +17,7 @@ module CarrierWave
       #
       # By default, store!() uses copy_to(), which operates by copying the file
       # from the cache to the store, then deleting the file from the cache.
-      # If move_to_store() is overriden to return true, then store!() uses move_to(),
+      # If move_to_store() is overridden to return true, then store!() uses move_to(),
       # which simply moves the file from cache to store.  Useful for large files.
       #
       # === Parameters
@@ -109,10 +109,11 @@ module CarrierWave
       end
 
       def clean_cache!(seconds)
-        Dir.glob(::File.expand_path(::File.join(uploader.cache_dir, '*'), CarrierWave.root)).each do |dir|
-          # generate_cache_id returns key formated TIMEINT-PID(-COUNTER)-RND
-          time = dir.scan(/(\d+)-\d+-\d+(?:-\d+)?/).first.map(&:to_i)
-          time = Time.at(*time)
+        Dir.glob(::File.expand_path(::File.join(uploader.cache_dir, '*'), uploader.root)).each do |dir|
+          # generate_cache_id returns key formatted TIMEINT-PID(-COUNTER)-RND
+          matched = dir.scan(/(\d+)-\d+-\d+(?:-\d+)?/).first
+          next unless matched
+          time = Time.at(matched[0].to_i)
           if time < (Time.now.utc - seconds)
             FileUtils.rm_rf(dir)
           end