carrierwave_direct 2.0.0 → 2.1.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
-SHA1:
-  metadata.gz: 2e621e1fb10f3bba48a832af319f33b716bd776f
-  data.tar.gz: 23229444c9b6dd113103e936540595ce02043a85
+SHA256:
+  metadata.gz: fc82b1086314ce00c9bda47de03a897ecd59f1e3dca2f0b7617de586c572e129
+  data.tar.gz: dea3d79dfd532cf823f49eb22790c39aeffa5d273b3010763345f0ccb00fb201
 SHA512:
-  metadata.gz: d3aba2a7b886f6d49d29dc76be5a0de541809dc3056da4c56bf7c93cf35b5437f3b231cbed14b45773f024fcfbddcd08c27e771369a238ba442da780177db5c3
-  data.tar.gz: 50b38cd5b7fe29eb7c0037390e712f3618ec68eb8e28d491bd2b0b9097c45b581698ff6e9573507cefa1aa58431a2900f92adf593ded249c87cd972b2936e6d7
+  metadata.gz: f489411ef1403569962e800e548e0511a258d1861b577c13d822d26a3d662e216694c213f43ba07898feabc47d2f5b9e6b3ac2b4df27a11a2826e97b07ea685f
+  data.tar.gz: b604ac58fe82f7d10077855f562665f93f7edf54261bc2f3556b9ed6fd7f378c5626dc9f7a0fad9218b8fa05802b4cc8d2a29023c20f6f18b760b4b8b66a816d

data/.travis.yml

@@ -5,10 +5,10 @@ rvm:
 
 script: 'bundle exec rspec spec'
 gemfile:
-  - Gemfile
   - gemfiles/4.2.gemfile
   - gemfiles/5.1.gemfile
-  
+  - gemfiles/5.2.gemfile
+
 # Move to containerized travis, see http://docs.travis-ci.com/user/migrating-from-legacy
 sudo: false
 cache: bundler

data/Changelog.md

@@ -1,3 +1,14 @@
+### 2.1.0
+
+Features:
+  * Refactor policies to seperate classes and add back the old policy for
+    backwards compatibility.
+  * Added `direct_fog_hash` method that can be used for returning json
+
+Misc:
+  * Removed deprecated `key` methods.
+  * Removed deprecated `:with_path` option for `direct_fog_url`
+
 ### 2.0.0
 
 Features:
@@ -10,7 +21,7 @@ Misc:
 ### 1.1.0
 
 Deprecations:
-  * Calling `direct_for_url` with `:with_path` is deprecated, please use `url` instead.
+  * Calling `direct_fog_url` with `:with_path` is deprecated, please use `url` instead.
 
 ### 1.0.0
 

data/README.md

@@ -363,7 +363,7 @@ Your users may find it convenient to upload a file from a location on the Intern
 class User < ActiveRecord::Base
   def save_and_process_avatar(options = {})
     if options[:now]
-      self.remote_avatar_url = has_remote_avatar_net_url? ? remote_avatar_net_url : avatar.direct_fog_url(:with_path => true)
+      self.remote_avatar_url = has_remote_avatar_net_url? ? remote_avatar_net_url : avatar.url
       save
     else
       Resque.enqueue(AvatarProcessor, attributes)

data/carrierwave_direct.gemspec

@@ -17,7 +17,7 @@ Gem::Specification.new do |s|
   s.add_dependency "carrierwave", '>= 1.0.0'
   s.add_dependency "fog-aws"
 
-  s.add_development_dependency "rspec"
+  s.add_development_dependency "rspec", '~> 3.0'
   s.add_development_dependency "timecop"
   s.add_development_dependency "rails", ">= 3.2.12"
   s.add_development_dependency "sqlite3"

data/gemfiles/5.2.gemfile

@@ -0,0 +1,13 @@
+source "https://rubygems.org"
+
+gem "carrierwave"
+gem "fog-aws"
+
+group :test do
+  gem "rspec", '~> 3.0'
+  gem "timecop"
+  gem "rails", "~>5.2.0"
+  gem "sqlite3", :platform => [:ruby, :mswin, :mingw]
+  gem "capybara"
+  # gem "activerecord-jdbcsqlite3-adapter", :platform => :jruby
+end

data/lib/carrierwave_direct/form_builder.rb

@@ -5,19 +5,21 @@ module CarrierWaveDirect
     def file_field(method, options = {})
       @object.policy(enforce_utf8: true)
 
-      options.merge!(:name => "file")
-
-      fields = required_base_fields
-
-      fields << content_type_field(options)
-
-      fields << success_action_field(options)
+      fields = hidden_fields(options)
 
       # The file field must be the last element in the form.
       # Any element after this will be ignored by Amazon.
+      options.merge!(:name => "file")
+
       fields << super
     end
 
+    def fields_except_file_field(options = {})
+      @object.policy(enforce_utf8: true)
+
+      hidden_fields(options)
+    end
+
     def content_type_label(content=nil)
       content ||= 'Content Type'
       @template.label_tag('Content-Type', content)
@@ -29,14 +31,28 @@ module CarrierWaveDirect
 
     private
 
+    def hidden_fields(options)
+      fields = required_base_fields
+      fields << content_type_field(options)
+      fields << success_action_field(options)
+      fields
+    end
+
     def required_base_fields
-      hidden_field(:key,                     :name => "key") <<
-      hidden_field(:acl,                     :name => "acl") <<
-      hidden_field(:policy,                  :name => "policy") <<
-      hidden_field(:signature,               :name => "X-Amz-Signature") <<
-      hidden_field(:credential,              :name => "X-Amz-Credential") <<
-      hidden_field(:algorithm,               :name => "X-Amz-Algorithm") <<
-      hidden_field(:date,                    :name => "X-Amz-Date")
+      fields = ''.html_safe
+      @object.direct_fog_hash(enforce_utf8: true).each do |key, value|
+        normalized_keys = {
+          'X-Amz-Signature':  'signature',
+          'X-Amz-Credential': 'credential',
+          'X-Amz-Algorithm':  'algorithm',
+          'X-Amz-Date': 'date'
+        }
+        id = "#{@template.dom_class(@object)}_#{normalized_keys[key] || key}"
+        if key != :uri
+          fields << @template.hidden_field_tag(key, value, id: id, required: false)
+        end
+      end
+      fields
     end
 
     def content_type_field(options)

data/lib/carrierwave_direct/mount.rb

@@ -14,7 +14,7 @@ module CarrierWaveDirect
            def #{column}; self; end
         RUBY
       end
- 
+
       self.instance_eval <<-RUBY, __FILE__, __LINE__+1
         attr_accessor :remote_#{column}_net_url
       RUBY
@@ -23,16 +23,6 @@ module CarrierWaveDirect
       include mod
       mod.class_eval <<-RUBY, __FILE__, __LINE__+1
 
-        def key
-          warn "key method is deprecated, please use column_key method instead."
-          send(:#{column}).key
-        end
-
-        def key=(k)
-          warn "key= method is deprecated, please use column_key= method instead."
-          send(:#{column}).key = k
-        end
-
         def #{column}_key
           send(:#{column}).key
         end

data/lib/carrierwave_direct/policies/aws4_hmac_sha256.rb

@@ -0,0 +1,93 @@
+require "carrierwave_direct/policies/base"
+
+module CarrierWaveDirect
+  module Policies
+    class Aws4HmacSha256 < Base
+
+      def direct_fog_hash(policy_options = {})
+        {
+          key:                uploader.key,
+          acl:                uploader.acl,
+          policy:             policy(policy_options),
+          'X-Amz-Signature':  signature,
+          'X-Amz-Credential': credential,
+          'X-Amz-Algorithm':  algorithm,
+          'X-Amz-Date':       date,
+          uri:                uploader.direct_fog_url,
+        }
+      end
+
+      def date
+        timestamp.strftime("%Y%m%dT%H%M%SZ")
+      end
+
+      def generate(options, &block)
+
+        return @policy if @policy.present?
+        conditions = []
+
+        conditions << ["starts-with", "$utf8", ""] if options[:enforce_utf8]
+        conditions << ["starts-with", "$key", uploader.key.sub(/#{Regexp.escape(CarrierWaveDirect::Uploader::FILENAME_WILDCARD)}\z/, "")]
+        conditions << {'X-Amz-Algorithm' => algorithm}
+        conditions << {'X-Amz-Credential' => credential}
+        conditions << {'X-Amz-Date' => date }
+        conditions << ["starts-with", "$Content-Type", ""] if uploader.will_include_content_type
+        conditions << {"bucket" => uploader.fog_directory}
+        conditions << {"acl" => uploader.acl}
+
+        if uploader.use_action_status
+          conditions << {"success_action_status" => uploader.success_action_status}
+        else
+          conditions << {"success_action_redirect" => uploader.success_action_redirect}
+        end
+
+        conditions << ["content-length-range", options[:min_file_size], options[:max_file_size]]
+
+        yield conditions if block_given?
+
+        @policy = Base64.encode64(
+          {
+            'expiration' => (Time.now + options[:expiration]).utc.iso8601,
+            'conditions' => conditions
+          }.to_json
+        ).gsub("\n","")
+      end
+
+      def credential
+        "#{uploader.aws_access_key_id}/#{timestamp.strftime("%Y%m%d")}/#{uploader.region}/s3/aws4_request"
+      end
+
+      def algorithm
+        'AWS4-HMAC-SHA256'
+      end
+
+      def clear!
+        super
+        @timestamp = nil
+      end
+
+      def signature
+        OpenSSL::HMAC.hexdigest(
+          'sha256',
+          signing_key,
+          policy
+        )
+      end
+
+      def signing_key(options = {})
+        #AWS Signature Version 4
+        kDate    = OpenSSL::HMAC.digest('sha256', "AWS4" + uploader.aws_secret_access_key, timestamp.strftime("%Y%m%d"))
+        kRegion  = OpenSSL::HMAC.digest('sha256', kDate, uploader.region)
+        kService = OpenSSL::HMAC.digest('sha256', kRegion, 's3')
+        kSigning = OpenSSL::HMAC.digest('sha256', kService, "aws4_request")
+
+        kSigning
+      end
+
+      def timestamp
+        @timestamp ||= Time.now.utc
+      end
+
+    end
+  end
+end

data/lib/carrierwave_direct/policies/aws_base64_sha1.rb

@@ -0,0 +1,57 @@
+require "carrierwave_direct/policies/base"
+
+module CarrierWaveDirect
+  module Policies
+    class AwsBase64Sha1 < Base
+      def signature
+        Base64.encode64(
+          OpenSSL::HMAC.digest(
+            OpenSSL::Digest.new('sha1'),
+            uploader.aws_secret_access_key, policy
+          )
+        ).gsub("\n", "")
+      end
+
+      def direct_fog_hash(policy_options = {})
+        {
+          key:            uploader.key,
+          AWSAccessKeyId: uploader.aws_access_key_id,
+          acl:            uploader.acl,
+          policy:         policy(policy_options),
+          signature:      signature,
+          uri:            uploader.direct_fog_url
+        }
+      end
+
+      def generate(options, &block)
+
+        return @policy if @policy.present?
+        conditions = []
+
+        conditions << ["starts-with", "$utf8", ""] if options[:enforce_utf8]
+        conditions << ["starts-with", "$key", uploader.key.sub(/#{Regexp.escape(CarrierWaveDirect::Uploader::FILENAME_WILDCARD)}\z/, "")]
+        conditions << ["starts-with", "$Content-Type", ""] if uploader.will_include_content_type
+        conditions << {"bucket" => uploader.fog_directory}
+        conditions << {"acl" => uploader.acl}
+
+        if uploader.use_action_status
+          conditions << {"success_action_status" => uploader.success_action_status}
+        else
+          conditions << {"success_action_redirect" => uploader.success_action_redirect}
+        end
+
+        conditions << ["content-length-range", options[:min_file_size], options[:max_file_size]]
+
+        yield conditions if block_given?
+
+        @policy = Base64.encode64(
+          {
+            'expiration' => (Time.now + options[:expiration]).utc.iso8601,
+            'conditions' => conditions
+          }.to_json
+        ).gsub("\n","")
+      end
+
+    end
+  end
+end

data/lib/carrierwave_direct/policies/base.rb

@@ -0,0 +1,21 @@
+module CarrierWaveDirect
+  module Policies
+    class Base
+      attr_reader :uploader
+      def initialize(uploader)
+        @uploader = uploader
+      end
+
+      def policy(options = {}, &block)
+        options[:expiration] ||= uploader.upload_expiration
+        options[:min_file_size] ||= uploader.min_file_size
+        options[:max_file_size] ||= uploader.max_file_size
+        @policy ||= generate(options, &block)
+      end
+
+      def clear!
+        @policy = nil
+      end
+    end
+  end
+end

data/lib/carrierwave_direct/uploader.rb

@@ -2,7 +2,8 @@
 
 require "securerandom"
 require "carrierwave_direct/uploader/content_type"
-require "carrierwave_direct/uploader/direct_url"
+require "carrierwave_direct/policies/aws_base64_sha1"
+require "carrierwave_direct/policies/aws4_hmac_sha256"
 
 module CarrierWaveDirect
   module Uploader
@@ -24,7 +25,6 @@ module CarrierWaveDirect
     end
 
     include CarrierWaveDirect::Uploader::ContentType
-    include CarrierWaveDirect::Uploader::DirectUrl
 
     #ensure that region returns something. Since sig v4 it is required in the signing key & credentials
     def region
@@ -36,40 +36,27 @@ module CarrierWaveDirect
     end
 
     def policy(options = {}, &block)
-      options[:expiration] ||= upload_expiration
-      options[:min_file_size] ||= min_file_size
-      options[:max_file_size] ||= max_file_size
-
-      @date ||= Time.now.utc.strftime("%Y%m%d")
-      @timestamp ||= Time.now.utc.strftime("%Y%m%dT%H%M%SZ")
-      @policy ||= generate_policy(options, &block)
+      signing_policy.policy(options, &block)
     end
 
     def date
-      @timestamp ||= Time.now.utc.strftime("%Y%m%dT%H%M%SZ")
+      signing_policy.date
     end
 
     def algorithm
-      'AWS4-HMAC-SHA256'
+      signing_policy.algorithm
     end
 
     def credential
-      @date ||= Time.now.utc.strftime("%Y%m%d")
-      "#{aws_access_key_id}/#{@date}/#{region}/s3/aws4_request"
+      signing_policy.credential
     end
 
     def clear_policy!
-      @policy = nil
-      @date = nil
-      @timestamp = nil
+      signing_policy.clear!
     end
 
     def signature
-      OpenSSL::HMAC.hexdigest(
-        'sha256',
-        signing_key,
-        policy
-      )
+      signing_policy.signature
     end
 
     def url_scheme_white_list
@@ -80,13 +67,22 @@ module CarrierWaveDirect
       false
     end
 
+    def signing_policy_class
+      @signing_policy_class ||= Policies::Aws4HmacSha256
+    end
+
+    def signing_policy_class=(signing_policy_class)
+      @signing_policy_class = signing_policy_class
+    end
+
     def key
       return @key if @key.present?
       if present?
         identifier = model.send("#{mounted_as}_identifier")
-        self.key = "#{store_dir}/#{identifier}"
+        self.key = [store_dir, identifier].join("/")
       else
-        @key = "#{store_dir}/#{guid}/#{FILENAME_WILDCARD}"
+        guid = SecureRandom.uuid
+        @key = [store_dir, guid, FILENAME_WILDCARD].join("/")
       end
       @key
     end
@@ -96,10 +92,6 @@ module CarrierWaveDirect
       update_version_keys(:with => @key)
     end
 
-    def guid
-      SecureRandom.uuid
-    end
-
     def has_key?
       key !~ /#{Regexp.escape(FILENAME_WILDCARD)}\z/
     end
@@ -117,27 +109,37 @@ module CarrierWaveDirect
       unless has_key?
         # Use the attached models remote url to generate a new key otherwise return nil
         remote_url = model.send("remote_#{mounted_as}_url")
-        remote_url ? key_from_file(CarrierWave::SanitizedFile.new(remote_url).filename) : return
+        if remote_url
+          key_from_file(CarrierWave::SanitizedFile.new(remote_url).filename)
+        else
+          return
+        end
       end
 
-      key_path = key.split("/")
+      key_parts = key.split("/")
+      filename  = key_parts.pop
+      guid      = key_parts.pop
+
       filename_parts = []
-      filename_parts.unshift(key_path.pop)
-      unique_key = key_path.pop
-      filename_parts.unshift(unique_key) if unique_key
+      filename_parts << guid if guid
+      filename_parts << filename
       filename_parts.join("/")
     end
 
-    private
+    def direct_fog_url
+      CarrierWave::Storage::Fog::File.new(self, CarrierWave::Storage::Fog.new(self), nil).public_url
+    end
 
-    def decoded_key
-      URI.decode(URI.parse(url).path[1 .. -1])
+    def direct_fog_hash(policy_options = {})
+      signing_policy.direct_fog_hash(policy_options)
     end
 
-    def key_from_file(fname)
+    private
+
+    def key_from_file(filename)
       new_key_parts = key.split("/")
       new_key_parts.pop
-      new_key_parts << fname
+      new_key_parts << filename
       self.key = new_key_parts.join("/")
     end
 
@@ -155,45 +157,8 @@ module CarrierWaveDirect
       [for_file.chomp(extname), version_name].compact.join('_') << extname
     end
 
-    def generate_policy(options)
-      conditions = []
-
-      conditions << ["starts-with", "$utf8", ""] if options[:enforce_utf8]
-      conditions << ["starts-with", "$key", key.sub(/#{Regexp.escape(FILENAME_WILDCARD)}\z/, "")]
-      conditions << {'X-Amz-Algorithm' => algorithm}
-      conditions << {'X-Amz-Credential' => credential}
-      conditions << {'X-Amz-Date' => date}
-      conditions << ["starts-with", "$Content-Type", ""] if will_include_content_type
-      conditions << {"bucket" => fog_directory}
-      conditions << {"acl" => acl}
-
-      if use_action_status
-        conditions << {"success_action_status" => success_action_status}
-      else
-        conditions << {"success_action_redirect" => success_action_redirect}
-      end
-
-      conditions << ["content-length-range", options[:min_file_size], options[:max_file_size]]
-
-      yield conditions if block_given?
-
-      Base64.encode64(
-        {
-          'expiration' => (Time.now + options[:expiration]).utc.iso8601,
-          'conditions' => conditions
-        }.to_json
-      ).gsub("\n","")
-    end
-
-    def signing_key(options = {})
-      @date ||= Time.now.utc.strftime("%Y%m%d")
-      #AWS Signature Version 4
-      kDate    = OpenSSL::HMAC.digest('sha256', "AWS4" + aws_secret_access_key, @date)
-      kRegion  = OpenSSL::HMAC.digest('sha256', kDate, region)
-      kService = OpenSSL::HMAC.digest('sha256', kRegion, 's3')
-      kSigning = OpenSSL::HMAC.digest('sha256', kService, "aws4_request")
-
-      kSigning
+    def signing_policy
+      @signing_policy ||= signing_policy_class.new(self)
     end
   end
 end