carrierwave_direct 0.0.15 → 1.0.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 4f9e56f05064fcec0e706c91c80c85c5e4bdbf93
-  data.tar.gz: 0f8c4b55fc49a71f4e4a8ac5992e82a684ffb99b
+  metadata.gz: b64419d902b8c1afba920fafe9a7029dd4c3d94a
+  data.tar.gz: 5dfbb28ea14db2c7ae9bd665192c009534cbef90
 SHA512:
-  metadata.gz: 47fe09989e7dba3b47476aaa6c3137e2d01f9809778ff3763a3121c922bc0690816593add6a3a625be6174e9e0f2c00e1b8d9221372e4a9890953cc28e0d8a1a
-  data.tar.gz: ae5b467e4542cd5940df6aca828396b82eb0df9647a0b283ae4abf7c3babdf862041c46a76290f5081bd70c78fe1772a6cda347d3c550d56d415582c000b0ca2
+  metadata.gz: c8f39ac6ced22656b3a96821356d92333f9ca141f215bb66125b3d2a8fa282718341adb133b0baa33308f9268cf1ef2014e59e3e21bb1f7949a389f170b4c1be
+  data.tar.gz: b2e2fe378dfed399fc011fb4ebcb8a94d5d4ffe4cb4c982ed71b918aa53fa7767a1b1c6d226e6fda5ad2169af24af2a43c83b80b300650367ad49aa0e6faa9d6

data/.travis.yml

@@ -1,12 +1,12 @@
 rvm:
- - 1.9.3
- - 2.0.0
- - 2.1.0
-install:
-  - 'travis_retry bundle install'
+ - 2.3.0
+ - 2.4.0
+ - 2.5.0
 script: 'bundle exec rspec spec'
 gemfile:
   - Gemfile
-  - gemfiles/3.2.gemfile
-  - gemfiles/4.0.gemfile
-  - gemfiles/4.1.gemfile
+  - gemfiles/4.2.gemfile
+  - gemfiles/5.1.gemfile
+# Move to containerized travis, see http://docs.travis-ci.com/user/migrating-from-legacy
+sudo: false
+cache: bundler

data/Changelog.md

@@ -1,3 +1,20 @@
+### 1.0.0
+
+Features:
+  * Upgraded signing algorithm to use [AWS V4 POST authentication](http://docs.aws.amazon.com/AmazonS3/latest/API/sigv4-authentication-HTTPPOST.html). This is a breaking change if you are constructing your own upload forms or submitting your own POST requests. See the Sinatra section of the README for a summary of the new fields required in your V4 POST request. (Fran Worley @fran-worley)
+
+### 0.0.16
+
+Bug Fixes:
+  * Allow uploader columns to be named `file` (Diego Plentz @plentz and Moisés Viloria @mois3x)
+  * `["starts-with", "$utf8", ""]` is not needed as condition (Rocco Galluzzo @byterussian)
+
+Misc:
+  * Dropped support for ruby 1.9, it has [reached its end of life](https://www.ruby-lang.org/en/news/2014/01/10/ruby-1-9-3-will-end-on-2015/) 
+  * Add 2.2.0 support to travis. 
+  * Compatible with Capybara 2.7
+  * Replaced fog dependency with fog-aws; significantly reduces gem footprint
+
 ### 0.0.15
 
 [Full Changes](https://github.com/dwilkie/carrierwave_direct/compare/v0.0.14...v0.0.15)

data/README.md

@@ -113,15 +113,19 @@ end
 ```
 ```haml
 # index.haml
+# Now using AWS POST authentication V4
+# See http://docs.aws.amazon.com/AmazonS3/latest/API/sigv4-authentication-HTTPPOST.html for more information
 
 %form{:action => @uploader.direct_fog_url, :method => "post", :enctype => "multipart/form-data"}
   %input{:name => "utf8", :type => "hidden"}
   %input{:type => "hidden", :name => "key", :value => @uploader.key}
-  %input{:type => "hidden", :name => "AWSAccessKeyId", :value => @uploader.aws_access_key_id}
   %input{:type => "hidden", :name => "acl", :value => @uploader.acl}
   %input{:type => "hidden", :name => "success_action_redirect", :value => @uploader.success_action_redirect}
   %input{:type => "hidden", :name => "policy", :value => @uploader.policy}
-  %input{:type => "hidden", :name => "signature", :value => @uploader.signature}
+  %input{:type => "hidden", :name => "x-amz-algorithm", :value => @uploader.algorithm}
+  %input{:type => "hidden", :name => "x-amz-credential", :value => @uploader.credential}
+  %input{:type => "hidden", :name => "x-amz-date", :value => @uploader.date}
+  %input{:type => "hidden", :name => "x-amz-signature", :value => @uploader.signature}
   %input{:name => "file", :type => "file"}
   %input{:type => "submit", :value => "Upload to S3"}
 ```
@@ -156,7 +160,7 @@ end
 After uploading to S3, You'll need to update the uploader object with the returned key in the controller action that corresponds to `new_user_url`:
 
 ```ruby
-@uploader.update_attribute :key, params[:key]
+@uploader.update_attribute :avatar_key, params[:key]
 ```
 
 You can also pass html options like this:
@@ -429,6 +433,29 @@ CarrierWave.configure do |config|
 end
 ```
 
+## Bucket CORS configuration and usage with CloudFront
+
+If you are using a javascript uploader (e.g. Dropzone, jQuery Upload, Uploadify, etc.) you will need to add CORS configuration to your bucket, otherwise default bucket configuration will deny CORS requests. To do that open your bucket in Amazon console, click on its properties and add a CORS configuration similar to this
+
+```xml
+<CORSConfiguration>
+    <CORSRule>
+        <!--  Optionally change this with your domain, it should not be an issue since your bucket accepts only signed writes -->
+        <AllowedOrigin>*</AllowedOrigin>
+        <AllowedMethod>GET</AllowedMethod>
+        <AllowedMethod>POST</AllowedMethod>
+        <MaxAgeSeconds>3000</MaxAgeSeconds>
+        <AllowedHeader>Authorization</AllowedHeader>
+        <AllowedHeader>Content-Type</AllowedHeader>
+        <AllowedHeader>Origin</AllowedHeader>
+    </CORSRule>
+</CORSConfiguration>
+```
+
+When you use this gem in conjunction with CloudFront you'll need an additional step otherwise it won't work as expected. This is strictly necessary if you configured CarrierWave `asset_host` to use a CloudFront in front of your bucket because your forms will be posted to that url.
+
+To solve this issue you must enable POST requests in your CloudFront distribution settings. Here is a [step by step walkthrough](http://blog.celingest.com/en/2014/10/02/tutorial-using-cors-with-cloudfront-and-s3/) that explain this setup. It also explain CORS configuration.
+
 ## Testing with CarrierWaveDirect
 
 CarrierWaveDirect provides a couple of helpers to help with integration and unit testing. You don't want to contact the Internet during your tests as this is slow, expensive and unreliable. You should first put fog into mock mode by doing something like this.
@@ -531,8 +558,6 @@ en:
 
 ## Caveats
 
-Don't name your string column `file`. It will result in a stack level too deep exception. See [this issue](https://github.com/dwilkie/carrierwave_direct/issues/10) for more info.
-
 If you're Rails app was newly generated *after* version 3.2.3 and your testing this in development you may run into an issue where an `ActiveModel::MassAssignmentSecurity::Error` is raised when being redirected from S3. You can fix this by setting `config.active_record.mass_assignment_sanitizer = :logger` in your `config/environments/development.rb` file.
 
 ## Contributing to CarrierWaveDirect
@@ -575,3 +600,4 @@ Thank you to everybody who has contributed to [CarrierWaveDirect](https://github
 * [colinyoung (Colin Young)](https://github.com/colinyoung) - Content-Type support
 * [jkamenik (John Kamenik)](https://github.com/jkamenik) - Content-Type support
 * [filiptepper (Filip Tepper)](https://github.com/filiptepper) - Autoload UUID on heroku
+* [mois3x (Moisés Viloria)](https://github.com/mois3x) and [plentz (Diego Plentz)](https://github.com/plentz) - Allow uploader columns to be named `file`

data/carrierwave_direct.gemspec

@@ -10,13 +10,12 @@ Gem::Specification.new do |s|
   s.homepage    = "https://github.com/dwilkie/carrierwave_direct"
   s.summary     = %q{Upload direct to S3 using CarrierWave}
   s.description = %q{Process your uploads in the background by uploading directly to S3}
-  s.required_ruby_version = ">= 1.9.0"
+  s.required_ruby_version = ">= 2.0.0"
 
   s.rubyforge_project = "carrierwave_direct"
 
-  s.add_dependency "carrierwave"
-  s.add_dependency "uuidtools"
-  s.add_dependency "fog"
+  s.add_dependency "carrierwave", "~>0.11"
+  s.add_dependency "fog-aws"
 
   s.add_development_dependency "rspec"
   s.add_development_dependency "timecop"

data/gemfiles/{4.0.gemfile → 4.2.gemfile}

@@ -1,13 +1,12 @@
 source "https://rubygems.org"
 
-gem "carrierwave"
-gem "uuidtools"
-gem "fog"
+gem "carrierwave", "~>0.11"
+gem "fog-aws"
 
 group :test do
-  gem "rspec", '3.0.0'
+  gem "rspec", '~> 3.0'
   gem "timecop"
-  gem "rails", "~>4.0.0"
+  gem "rails", "~>4.2.0"
   gem "sqlite3", :platform => [:ruby, :mswin, :mingw]
   gem "capybara"
   # gem "activerecord-jdbcsqlite3-adapter", :platform => :jruby

data/gemfiles/{4.1.gemfile → 5.1.gemfile}

@@ -1,13 +1,12 @@
 source "https://rubygems.org"
 
-gem "carrierwave"
-gem "uuidtools"
-gem "fog"
+gem "carrierwave", "~>0.11"
+gem "fog-aws"
 
 group :test do
-  gem "rspec", '3.0.0'
+  gem "rspec", '~> 3.0'
   gem "timecop"
-  gem "rails", "~>4.1.0"
+  gem "rails", "~>5.1.0"
   gem "sqlite3", :platform => [:ruby, :mswin, :mingw]
   gem "capybara"
   # gem "activerecord-jdbcsqlite3-adapter", :platform => :jruby

data/lib/carrierwave_direct/form_builder.rb

@@ -3,6 +3,8 @@
 module CarrierWaveDirect
   class FormBuilder < ActionView::Helpers::FormBuilder
     def file_field(method, options = {})
+      @object.policy(enforce_utf8: true)
+
       options.merge!(:name => "file")
 
       fields = required_base_fields
@@ -29,10 +31,12 @@ module CarrierWaveDirect
 
     def required_base_fields
       hidden_field(:key,                     :name => "key") <<
-      hidden_field(:aws_access_key_id,       :name => "AWSAccessKeyId") <<
       hidden_field(:acl,                     :name => "acl") <<
       hidden_field(:policy,                  :name => "policy") <<
-      hidden_field(:signature,               :name => "signature")
+      hidden_field(:signature,               :name => "X-Amz-Signature") <<
+      hidden_field(:credential,              :name => "X-Amz-Credential") <<
+      hidden_field(:algorithm,               :name => "X-Amz-Algorithm") <<
+      hidden_field(:date,                    :name => "X-Amz-Date")
     end
 
     def content_type_field(options)

data/lib/carrierwave_direct/mount.rb

@@ -9,10 +9,12 @@ module CarrierWaveDirect
       # Don't go further unless the class included CarrierWaveDirect::Uploader
       return unless uploader.ancestors.include?(CarrierWaveDirect::Uploader)
 
-      uploader.class_eval <<-RUBY, __FILE__, __LINE__+1
-        def #{column}; self; end
-      RUBY
-
+      unless uploader.instance_methods.include?(column)
+        uploader.class_eval <<-RUBY, __FILE__, __LINE__+1
+           def #{column}; self; end
+        RUBY
+      end
+ 
       self.instance_eval <<-RUBY, __FILE__, __LINE__+1
         attr_accessor :remote_#{column}_net_url
       RUBY
@@ -22,10 +24,20 @@ module CarrierWaveDirect
       mod.class_eval <<-RUBY, __FILE__, __LINE__+1
 
         def key
+          warn "key method is deprecated, please use column_key method instead."
           send(:#{column}).key
         end
 
         def key=(k)
+          warn "key= method is deprecated, please use column_key= method instead."
+          send(:#{column}).key = k
+        end
+
+        def #{column}_key
+          send(:#{column}).key
+        end
+
+        def #{column}_key=(k)
           send(:#{column}).key = k
         end
 

data/lib/carrierwave_direct/orm/activerecord.rb

@@ -32,7 +32,7 @@ module CarrierWaveDirect
       self.instance_eval <<-RUBY, __FILE__, __LINE__+1
         attr_accessor   :skip_is_attached_validations
         unless defined?(ActiveModel::ForbiddenAttributesProtection) && ancestors.include?(ActiveModel::ForbiddenAttributesProtection)
-          attr_accessible :key, :remote_#{column}_net_url
+          attr_accessible :#{column}_key, :remote_#{column}_net_url
         end
       RUBY
 

data/lib/carrierwave_direct/test/capybara_helpers.rb

@@ -33,12 +33,14 @@ module CarrierWaveDirect
             sample_key_args.unshift(uploader) if method(:sample_key).arity == -2
             options[:redirect_key] = sample_key(*sample_key_args)
           end
-
+          
+          redirect_url_params = Rack::Utils.parse_nested_query(redirect_url.query)
+          
           redirect_url.query = Rack::Utils.build_nested_query({
             :bucket => uploader.fog_directory,
             :key => options[:redirect_key],
             :etag => "\"d41d8cd98f00b204e9800998ecf8427\""
-          })
+          }.merge(redirect_url_params))
 
           # click the button
           click_button button_locator

data/lib/carrierwave_direct/uploader.rb

@@ -1,5 +1,6 @@
 # encoding: utf-8
 
+require "securerandom"
 require "carrierwave_direct/uploader/content_type"
 require "carrierwave_direct/uploader/direct_url"
 
@@ -25,29 +26,50 @@ module CarrierWaveDirect
     include CarrierWaveDirect::Uploader::ContentType
     include CarrierWaveDirect::Uploader::DirectUrl
 
+    #ensure that region returns something. Since sig v4 it is required in the signing key & credentials
+    def region
+      defined?(super) ? super : "us-east-1"
+    end
+
     def acl
       fog_public ? 'public-read' : 'private'
     end
 
-    def policy(options = {})
+    def policy(options = {}, &block)
       options[:expiration] ||= upload_expiration
       options[:min_file_size] ||= min_file_size
       options[:max_file_size] ||= max_file_size
 
-      @policy ||= generate_policy(options)
+      @date ||= Time.now.utc.strftime("%Y%m%d")
+      @timestamp ||= Time.now.utc.strftime("%Y%m%dT%H%M%SZ")
+      @policy ||= generate_policy(options, &block)
+    end
+
+    def date
+      @timestamp ||= Time.now.utc.strftime("%Y%m%dT%H%M%SZ")
+    end
+
+    def algorithm
+      'AWS4-HMAC-SHA256'
+    end
+
+    def credential
+      @date ||= Time.now.utc.strftime("%Y%m%d")
+      "#{aws_access_key_id}/#{@date}/#{region}/s3/aws4_request"
     end
 
     def clear_policy!
       @policy = nil
+      @date = nil
+      @timestamp = nil
     end
 
     def signature
-      Base64.encode64(
-        OpenSSL::HMAC.digest(
-          OpenSSL::Digest.new('sha1'),
-          aws_secret_access_key, policy
-        )
-      ).gsub("\n","")
+      OpenSSL::HMAC.hexdigest(
+        'sha256',
+        signing_key,
+        policy
+      )
     end
 
     def url_scheme_white_list
@@ -61,7 +83,8 @@ module CarrierWaveDirect
     def key
       return @key if @key.present?
       if present?
-        self.key = decoded_key # explicitly set key
+        identifier = model.send("#{mounted_as}_identifier")
+        self.key = "#{store_dir}/#{identifier}"
       else
         @key = "#{store_dir}/#{guid}/#{FILENAME_WILDCARD}"
       end
@@ -74,7 +97,7 @@ module CarrierWaveDirect
     end
 
     def guid
-      UUIDTools::UUID.random_create
+      SecureRandom.uuid
     end
 
     def has_key?
@@ -133,11 +156,13 @@ module CarrierWaveDirect
     end
 
     def generate_policy(options)
-      conditions = [
-        ["starts-with", "$utf8", ""],
-        ["starts-with", "$key", key.sub(/#{Regexp.escape(FILENAME_WILDCARD)}\z/, "")]
-      ]
+      conditions = []
 
+      conditions << ["starts-with", "$utf8", ""] if options[:enforce_utf8]
+      conditions << ["starts-with", "$key", key.sub(/#{Regexp.escape(FILENAME_WILDCARD)}\z/, "")]
+      conditions << {'X-Amz-Algorithm' => algorithm}
+      conditions << {'X-Amz-Credential' => credential}
+      conditions << {'X-Amz-Date' => date}
       conditions << ["starts-with", "$Content-Type", ""] if will_include_content_type
       conditions << {"bucket" => fog_directory}
       conditions << {"acl" => acl}
@@ -150,12 +175,25 @@ module CarrierWaveDirect
 
       conditions << ["content-length-range", options[:min_file_size], options[:max_file_size]]
 
+      yield conditions if block_given?
+
       Base64.encode64(
         {
-          'expiration' => Time.now.utc + options[:expiration],
+          'expiration' => (Time.now + options[:expiration]).utc.iso8601,
           'conditions' => conditions
         }.to_json
       ).gsub("\n","")
     end
+
+    def signing_key(options = {})
+      @date ||= Time.now.utc.strftime("%Y%m%d")
+      #AWS Signature Version 4
+      kDate    = OpenSSL::HMAC.digest('sha256', "AWS4" + aws_secret_access_key, @date)
+      kRegion  = OpenSSL::HMAC.digest('sha256', kDate, region)
+      kService = OpenSSL::HMAC.digest('sha256', kRegion, 's3')
+      kSigning = OpenSSL::HMAC.digest('sha256', kService, "aws4_request")
+
+      kSigning
+    end
   end
 end

data/lib/carrierwave_direct/validations/active_model.rb

@@ -22,7 +22,7 @@ module CarrierWaveDirect
 
       class FilenameFormatValidator < ::ActiveModel::EachValidator
         def validate_each(record, attribute, value)
-          if record.send("has_#{attribute}_upload?") && record.key !~ record.send(attribute).key_regexp
+          if record.send("has_#{attribute}_upload?") && record.send("#{attribute}_key") !~ record.send(attribute).key_regexp
             extensions = record.send(attribute).extension_white_list
             message = I18n.t("errors.messages.carrierwave_direct_filename_invalid")
 

data/lib/carrierwave_direct/version.rb

@@ -1,6 +1,6 @@
 # encoding: utf-8
 
 module CarrierwaveDirect
-  VERSION = "0.0.15"
+  VERSION = "1.0.0"
 end
 

data/lib/carrierwave_direct.rb

@@ -1,8 +1,7 @@
 # encoding: utf-8
 
 require "carrierwave"
-require "uuidtools"
-require "fog"
+require "fog/aws"
 
 module CarrierWaveDirect
 

data/spec/form_builder_spec.rb

@@ -12,11 +12,13 @@ end
 shared_examples_for 'hidden values form' do
   hidden_fields = [
                     :key,
-                    {:aws_access_key_id => "AWSAccessKeyId"},
+                    {:credential => "X-Amz-Credential"},
+                    {:algorithm => "X-Amz-Algorithm"},
+                    {:date => "X-Amz-Date"},
+                    {:signature => "X-Amz-Signature"},
                     :acl,
                     :success_action_redirect,
-                    :policy,
-                    :signature
+                    :policy
                   ]
 
   hidden_fields.each do |input|
@@ -60,19 +62,23 @@ describe CarrierWaveDirect::FormBuilder do
 
     default_hidden_fields = [
                       :key,
-                      {:aws_access_key_id => "AWSAccessKeyId"},
+                      {:credential => "X-Amz-Credential"},
+                      {:algorithm => "X-Amz-Algorithm"},
+                      {:date => "X-Amz-Date"},
+                      {:signature => "X-Amz-Signature"},
                       :acl,
                       :success_action_redirect,
                       :policy,
-                      :signature
                     ]
     status_hidden_fields = [
                       :key,
-                      {:aws_access_key_id => "AWSAccessKeyId"},
+                      {:credential => "X-Amz-Credential"},
+                      {:algorithm => "X-Amz-Algorithm"},
+                      {:date => "X-Amz-Date"},
+                      {:signature => "X-Amz-Signature"},
                       :acl,
                       :success_action_status,
                       :policy,
-                      :signature
                     ]
 
     # http://aws.amazon.com/articles/1434?_encoding=UTF8

data/spec/mount_spec.rb

@@ -40,7 +40,7 @@ describe CarrierWaveDirect::Mount do
       end
     end
 
-    it_should_delegate(:key, :to => "video#key", :accessible => { "has_video_upload?" => false })
+    it_should_delegate(:video_key, :to => "video#key", :accessible => { "has_video_upload?" => false })
   end
 end
 

data/spec/orm/activerecord_spec.rb

@@ -9,8 +9,12 @@ describe CarrierWaveDirect::ActiveRecord do
     :adapter => 'sqlite3',
     :database => ':memory:'
   }
-
-  class TestMigration < ActiveRecord::Migration
+  if ActiveRecord::VERSION::MAJOR >= 5
+    migration_class = ::ActiveRecord::Migration[5.0]
+  else
+    migration_class = ::ActiveRecord::Migration
+  end
+  class TestMigration < migration_class
     def self.up
       create_table :parties, :force => true do |t|
         t.column :video, :string
@@ -19,6 +23,9 @@ describe CarrierWaveDirect::ActiveRecord do
       create_table :dances, :force => true do |t|
         t.column :location, :string
       end
+      create_table :resources, :force => true do |t|
+        t.column :file, :string
+      end
     end
 
     def self.down
@@ -34,6 +41,10 @@ describe CarrierWaveDirect::ActiveRecord do
   class Dance < ActiveRecord::Base
   end
 
+  class Resource < ActiveRecord::Base
+    mount_uploader :file, DirectUploader
+  end
+
   ActiveRecord::Base.establish_connection(dbconfig)
 
   # turn off migration output
@@ -111,7 +122,7 @@ describe CarrierWaveDirect::ActiveRecord do
     shared_examples_for "without an upload" do
       before do
         subject.remote_video_net_url = remote_video_net_url
-        subject.key = upload_path
+        subject.video_key = upload_path
       end
 
       it "should not be valid on create" do
@@ -162,7 +173,7 @@ describe CarrierWaveDirect::ActiveRecord do
         let(:dance) { Dance.new }
 
         before { Dance.mount_uploader(:non_existing_column, DirectUploader, mount_on: :location)    }
-        before { dance.non_existing_column.key = sample_key}
+        before { dance.non_existing_column_key = sample_key}
 
         it "uses the column it's mounted on for checking uniqueness" do
           expect { dance.valid? }.to_not raise_error
@@ -212,7 +223,7 @@ describe CarrierWaveDirect::ActiveRecord do
       context "where the file upload is" do
         context "nil" do
           before do
-            subject.key = nil
+            subject.video_key = nil
           end
 
           it "should be valid" do
@@ -222,7 +233,7 @@ describe CarrierWaveDirect::ActiveRecord do
 
         context "blank" do
           before do
-            subject.key = ""
+            subject.video_key = ""
           end
 
           it "should be valid" do
@@ -238,7 +249,7 @@ describe CarrierWaveDirect::ActiveRecord do
 
         context "and the uploaded file's extension is included in the list" do
           before do
-            subject.key = sample_key(:extension => "avi")
+            subject.video_key = sample_key(:extension => "avi")
           end
 
           it "should be valid" do
@@ -248,7 +259,7 @@ describe CarrierWaveDirect::ActiveRecord do
 
         context "but uploaded file's extension is not included in the list" do
           before do
-            subject.key = sample_key(:extension => "mp3")
+            subject.video_key = sample_key(:extension => "mp3")
           end
 
           it_should_behave_like "an invalid filename"
@@ -468,7 +479,7 @@ describe CarrierWaveDirect::ActiveRecord do
 
         context "with an upload by file" do
           before do
-            subject.key = sample_key
+            subject.video_key = sample_key
           end
 
           it "should be valid" do
@@ -520,7 +531,7 @@ describe CarrierWaveDirect::ActiveRecord do
 
     describe "#key" do
       it "should be accessible" do
-        party_class.new(:key => "some key").key.should == "some key"
+        party_class.new(:video_key => "some key").video_key.should == "some key"
       end
     end
 
@@ -554,7 +565,7 @@ describe CarrierWaveDirect::ActiveRecord do
       context "has an upload" do
         context "with a valid filename" do
           before do
-            subject.key = sample_key(:model_class => subject.class)
+            subject.video_key = sample_key(:model_class => subject.class)
           end
 
           it "should be true" do
@@ -565,7 +576,7 @@ describe CarrierWaveDirect::ActiveRecord do
         end
 
         context "with an invalid filename" do
-          before { subject.key = sample_key(:model_class => subject.class, :valid => false) }
+          before { subject.video_key = sample_key(:model_class => subject.class, :valid => false) }
 
           it "should be false" do
             subject.filename_valid?.should be false
@@ -582,4 +593,28 @@ describe CarrierWaveDirect::ActiveRecord do
       end
     end
   end
+
+  describe "class Resource < ActiveRecord::Base; mount_uploader :file, DirectUploader; end" do
+    include UploaderHelpers
+    include ModelHelpers
+
+    let(:resource_class) do
+      Class.new(Resource)
+    end
+
+    let(:subject) do
+      resource = resource_class.new
+    end
+
+    def mount_uploader
+      resource_class.mount_uploader :file, DirectUploader
+    end
+
+    #See resource table migration
+    it "should be valid still when a file column exists in table" do
+      expect(subject).to be_valid
+    end
+
+
+  end
 end

data/spec/orm/indirect_activerecord_spec.rb

@@ -10,7 +10,13 @@ describe CarrierWave::ActiveRecord do
     :database => ':memory:'
   }
 
-  class OtherTestMigration < ActiveRecord::Migration
+  if ActiveRecord::VERSION::MAJOR >= 5
+    migration_class = ::ActiveRecord::Migration[5.0]
+  else
+    migration_class = ::ActiveRecord::Migration
+  end
+
+  class OtherTestMigration < migration_class
     def self.up
       create_table :other_parties, :force => true do |t|
         t.column :video, :string

data/spec/support/view_helpers.rb

@@ -10,7 +10,7 @@ module ViewHelpers
   end
 
   def have_parent_selector(options = {})
-    have_selector(:xpath, parent_selector_xpath, options)
+    have_selector(:xpath, parent_selector_xpath, options.merge(visible: false))
   end
 
   def parent_selector_xpath

data/spec/test/capybara_helpers_spec.rb

@@ -44,7 +44,7 @@ describe CarrierWaveDirect::Test::CapybaraHelpers do
 
     def stub_common
       stub_page
-      find_element_value("input[name='success_action_redirect']", "http://example.com", visible: false)
+      find_element_value("input[name='success_action_redirect']", "http://example.com?custom_param=value", visible: false)
       allow(subject).to receive(:visit)
     end
 
@@ -79,8 +79,8 @@ describe CarrierWaveDirect::Test::CapybaraHelpers do
 
       it_should_behave_like "submitting the form"
 
-      it "should redirect to the page's success_action_redirect url" do
-        expect(subject).to receive(:visit).with(/^http:\/\/example.com/)
+      it "should redirect to the page's success_action_redirect url and preserve custom parameters" do
+        expect(subject).to receive(:visit).with(/^http:\/\/example.com\?.*custom_param=value/)
         upload_directly
       end
 
@@ -160,4 +160,3 @@ describe CarrierWaveDirect::Test::CapybaraHelpers do
     end
   end
 end
-

data/spec/uploader/direct_url_spec.rb

@@ -7,6 +7,8 @@ describe CarrierWaveDirect::Uploader::DirectUrl do
 
   let(:subject) { DirectUploader.new }
 
+  let(:mounted_subject) { DirectUploader.new(mounted_model, sample(:mounted_as)) }
+
   describe "#direct_fog_url" do
     it "should return the result from CarrierWave::Storage::Fog::File#public_url" do
       expect(subject.direct_fog_url).to eq CarrierWave::Storage::Fog::File.new(
@@ -22,6 +24,3 @@ describe CarrierWaveDirect::Uploader::DirectUrl do
     end
   end
 end
-
-
-

data/spec/uploader_spec.rb

@@ -7,7 +7,7 @@ describe CarrierWaveDirect::Uploader do
   include ModelHelpers
 
   let(:subject) { DirectUploader.new }
-  let(:mounted_model) { double(sample(:mounted_model_name)) }
+  let(:mounted_model) { double(sample(:mounted_model_name), video_identifier: sample(:stored_filename)) }
   let(:mounted_subject) { DirectUploader.new(mounted_model, sample(:mounted_as)) }
   let(:direct_subject) { DirectUploader.new }
 
@@ -73,6 +73,7 @@ describe CarrierWaveDirect::Uploader do
 
       context "but the uploaders url is '#{sample(:s3_file_url)}'" do
         before do
+          allow(mounted_subject).to receive(:store_dir).and_return(sample(:store_dir))
           allow(mounted_subject).to receive(:url).and_return(sample(:s3_file_url))
           allow(mounted_subject).to receive(:present?).and_return(true)
         end
@@ -253,19 +254,6 @@ describe CarrierWaveDirect::Uploader do
         end
       end
 
-      context "and the model's remote url contains already escaped characters" do
-        before do
-          subject.key = nil
-          allow(subject).to receive(:present?).and_return(:true)
-          allow(subject).to receive(:url).and_return("http://anyurl.com/any_path/video_dir/filename%20%28%29%2B%5B%5D2.avi")
-        end
-
-        it "should not double escape already escaped characters" do
-          expect(subject.key).to match /filename \(\)\+\[\]2.avi/
-        end
-
-      end
-
       context "and the model's remote #{sample(:mounted_as)} url is blank" do
         before do
           allow(mounted_model).to receive(
@@ -287,10 +275,30 @@ describe CarrierWaveDirect::Uploader do
   end
 
   # http://aws.amazon.com/articles/1434?_encoding=UTF8
+  #http://docs.aws.amazon.com/AmazonS3/latest/API/sigv4-UsingHTTPPOST.html
   describe "#policy" do
-    def decoded_policy(options = {})
+
+
+    def decoded_policy(options = {}, &block)
       instance = options.delete(:subject) || subject
-      JSON.parse(Base64.decode64(instance.policy(options)))
+      JSON.parse(Base64.decode64(instance.policy(options, &block)))
+    end
+
+    context "policy is given a block" do
+      it "should yield the options to the block" do
+        number = 0
+        subject.policy do |conditions|
+          number+=1
+        end
+        expect(number).to eq 1
+      end
+      it "should include new options in the conditions" do
+        policy = subject.policy do |conditions|
+          conditions << {"x-aws-storage-class" => "STANDARD"}
+        end
+        decoded = JSON.parse(Base64.decode64(policy))
+        expect(decoded['conditions'].last['x-aws-storage-class']).to eq "STANDARD"
+      end
     end
 
     it "should return Base64-encoded JSON" do
@@ -316,14 +324,15 @@ describe CarrierWaveDirect::Uploader do
         decoded_policy(options)["expiration"]
       end
 
+      # JSON times have no seconds, so accept upto one second inaccuracy
       def have_expiration(expires_in = DirectUploader.upload_expiration)
-        eql(
-          Time.parse(
-            JSON.parse({
-              "expiry" => Time.now + expires_in
-            }.to_json)["expiry"]
-          )
-        )
+        be_within(1.second).of (Time.now + expires_in)
+      end
+
+      it "should be valid ISO8601 and not use default Time#to_json" do
+        Time.any_instance.stub(:to_json) { '"Invalid time"' } # JSON gem
+        Time.any_instance.stub(:as_json) { '"Invalid time"' } # Active Support
+        expect { Time.iso8601(expiration) }.to_not raise_error
       end
 
       it "should be #{DirectUploader.upload_expiration / 3600} hours from now" do
@@ -353,9 +362,12 @@ describe CarrierWaveDirect::Uploader do
       end
 
       context "should include" do
-        # Rails form builder conditions
-        it "'utf8'" do
-          expect(conditions).to have_condition(:utf8)
+        it "'utf8' if enforce_ut8 is set" do
+          expect(conditions(enforce_utf8: true)).to have_condition(:utf8)
+        end
+
+        it "'utf8' if enforce_ut8 is set" do
+          expect(conditions).to_not have_condition(:utf8)
         end
 
         # S3 conditions
@@ -467,13 +479,24 @@ describe CarrierWaveDirect::Uploader do
       expect(subject.signature).to_not include("\n")
     end
 
-    it "should return a base64 encoded 'sha1' hash of the secret key and policy document" do
-      expect(Base64.decode64(subject.signature)).to eq OpenSSL::HMAC.digest(
-        OpenSSL::Digest.new('sha1'),
-        subject.aws_secret_access_key, subject.policy
+    it "should return a HMAC hexdigest encoded 'sha256' hash of the secret key and policy document" do
+      expect(subject.signature).to eq OpenSSL::HMAC.hexdigest(
+        OpenSSL::Digest.new('sha256'),
+        subject.send(:signing_key), subject.policy
       )
     end
   end
+  #http://docs.aws.amazon.com/AmazonS3/latest/API/sigv4-UsingHTTPPOST.html
+  describe "#signature_key" do
+    it "should include correct signature_key elements" do
+      kDate    = OpenSSL::HMAC.digest('sha256', "AWS4" + subject.aws_secret_access_key, Time.now.utc.strftime("%Y%m%d"))
+      kRegion  = OpenSSL::HMAC.digest('sha256', kDate, subject.region)
+      kService = OpenSSL::HMAC.digest('sha256', kRegion, 's3')
+      kSigning = OpenSSL::HMAC.digest('sha256', kService, "aws4_request")
+
+      expect(subject.send(:signing_key)).to eq (kSigning)
+    end
+  end
 
 
   # note that 'video' is hardcoded into the MountedClass support file

metadata

@@ -1,45 +1,31 @@
 --- !ruby/object:Gem::Specification
 name: carrierwave_direct
 version: !ruby/object:Gem::Version
-  version: 0.0.15
+  version: 1.0.0
 platform: ruby
 authors:
 - David Wilkie
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2015-02-25 00:00:00.000000000 Z
+date: 2018-07-02 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: carrierwave
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '0'
+        version: '0.11'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-- !ruby/object:Gem::Dependency
-  name: uuidtools
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '0'
-  type: :runtime
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
+        version: '0.11'
 - !ruby/object:Gem::Dependency
-  name: fog
+  name: fog-aws
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -137,9 +123,8 @@ files:
 - README.md
 - Rakefile
 - carrierwave_direct.gemspec
-- gemfiles/3.2.gemfile
-- gemfiles/4.0.gemfile
-- gemfiles/4.1.gemfile
+- gemfiles/4.2.gemfile
+- gemfiles/5.1.gemfile
 - lib/carrierwave_direct.rb
 - lib/carrierwave_direct/action_view_extensions/form_helper.rb
 - lib/carrierwave_direct/form_builder.rb
@@ -187,7 +172,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: 1.9.0
+      version: 2.0.0
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
@@ -195,7 +180,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project: carrierwave_direct
-rubygems_version: 2.2.2
+rubygems_version: 2.5.2.3
 signing_key: 
 specification_version: 4
 summary: Upload direct to S3 using CarrierWave

data/gemfiles/3.2.gemfile

@@ -1,14 +0,0 @@
-source "https://rubygems.org"
-
-gem "carrierwave"
-gem "uuidtools"
-gem "fog"
-
-group :test do
-  gem "rspec", '3.0.0'
-  gem "timecop"
-  gem "rails", "~>3.2.12"
-  gem "sqlite3", :platform => [:ruby, :mswin, :mingw]
-  gem "capybara"
-  # gem "activerecord-jdbcsqlite3-adapter", :platform => :jruby
-end