cloudinary 1.17.0 → 1.20.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: e36bd9efd91c46b00fc0f52a3448ee076990a85b88a470e2cc8e7ccc610ed368
-  data.tar.gz: dbf3cb94bc5cae2b502b2ca1bea558c93c11e0f77d91fe0577e019452c2acc93
+  metadata.gz: 9b641514503d45c3a6c4e8ba5ed87f0f5b8e521260eda789212543be5ccf77a1
+  data.tar.gz: 0f65e99aa08e446f01d783af5284a1265aaa4f28a1e95c284addd30beb36ec8c
 SHA512:
-  metadata.gz: ba800e50f02feb8cd582a4ca42f6bdfe0fd77c6e36c9dd7e0c3314c9d944bafc451329c79276b02b417f04357aad5ff0ad71e32d3b433f36f2732bfbba70fa84
-  data.tar.gz: de478592b7552f4aa1b6459effe907b692d22b334b63eb1dc02e7a3ca5e0e5779c7fe82306d3211935df1964f085fdba0e3e6f159716a0055dc45e370be8f6c4
+  metadata.gz: 191f627013b5f97fca44e748fd1c4631f9af58a69680b02fdc6b4604e2ddf31216542fcb88e2d1daa825c0ff22a138f2c7d0b41d4895a69cc1b7eaa42a1ab16a
+  data.tar.gz: 8a5abe09f562e188e1e6d43d05f462939c62c4070ac50e93c3acaf876998e651aa2fc50775a10c5fb324d388fac9d599c5fe0e60480cdbbebeb7eedf699057e8

data/CHANGELOG.md

@@ -1,3 +1,64 @@
+1.20.0 / 2021-03-26
+==================
+
+New functionality and features
+------------------------------
+
+  * Add support for `download_backedup_asset` helper method
+  * Add support for `filename_override` upload parameter
+  * Add support for `SHA-256` algorithm in auth signatures
+    
+Other Changes
+-------------
+
+* Fix `type` parameter support in ActiveStorage service
+* Fix expression normalization in advanced cases
+* Add test for context metadata as user variables
+* Improve validation of auth token generation
+
+
+1.19.0 / 2021-03-05
+==================
+
+New functionality and features
+------------------------------
+
+* Add Account Provisioning API
+* Add support for `api_proxy` parameter
+* Add support for `date` parameter in `usage`  Admin API
+
+Other Changes
+-------------
+
+* Fix direct upload of raw files
+* Improve unit testing of add-ons
+* Change test for `eval` upload parameter
+* Bump vulnerable version of rubyzip
+* Fix `cloudinary.gemspec` glob issue
+
+1.18.1 / 2020-09-30
+===================
+
+  * Update embedded `jquery.cloudinary.js` to fix ES5 compatibility issue
+
+1.18.0 / 2020-09-27
+===================
+
+New functionality and features
+------------------------------
+  * Add `download_folder` helper
+  * Add support for `sources` in `video` tag
+  * Add structured metadata to Admin and Upload API
+  
+Other Changes
+-------------
+  * Fix download of a raw file in ActiveStorage
+  * Update embedded `jquery.cloudinary.js` to fix ES5 compatibility issue
+  
+1.17.1 / 2020-08-25
+===================
+
+  * Fix options handling issue in SassC
 
 1.17.0 / 2020-08-21
 ===================

data/cloudinary.gemspec

@@ -15,12 +15,17 @@ Gem::Specification.new do |s|
 
   s.rubyforge_project = "cloudinary"
 
-  s.files         = (`git ls-files`.split("\n") - `git ls-files {test,spec,features,samples}/*`.split("\n")) + Dir.glob("vendor/assets/javascripts/*/*") + Dir.glob("vendor/assets/html/*")
+  s.files         = `git ls-files`.split("\n").select { |f| !f.start_with?("test", "spec", "features", "samples") } + Dir.glob("vendor/assets/javascripts/*/*") + Dir.glob("vendor/assets/html/*")
   s.executables   = `git ls-files -- bin/*`.split("\n").map{ |f| File.basename(f) }
   s.require_paths = ["lib"]
 
   s.add_dependency "aws_cf_signer"
-  s.add_dependency "rest-client"
+
+  if RUBY_VERSION >= "2.0.0"
+    s.add_dependency "rest-client", ">= 2.0.0"
+  else
+    s.add_dependency "rest-client"
+  end
 
   s.add_development_dependency "actionpack"
   s.add_development_dependency "nokogiri"
@@ -39,7 +44,7 @@ Gem::Specification.new do |s|
   s.add_development_dependency "railties", "<= 4.2.7" if RUBY_VERSION <= "1.9.3"
   s.add_development_dependency "rspec-rails"
 
-  s.add_development_dependency "rubyzip", "<=1.2.0" # support testing Ruby 1.9
+  s.add_development_dependency "rubyzip"
 
   if RUBY_VERSION <= "2.4.0"
     s.add_development_dependency "simplecov", "<= 0.17.1" # support testing Ruby 1.9

data/lib/active_storage/service/cloudinary_service.rb

@@ -1,5 +1,6 @@
 require 'active_storage/blob_key'
 require 'cloudinary/helper'
+require 'net/http'
 
 unless ActiveStorage::Blob.method_defined? :original_key
   class ActiveStorage::Blob
@@ -57,7 +58,7 @@ module ActiveStorage
         url = Cloudinary::Utils.cloudinary_url(
           public_id(key),
           resource_type: resource_type(nil, key),
-          format: ext_for_file(filename, content_type),
+          format: ext_for_file(key, filename, content_type),
           **@options.merge(options.symbolize_keys)
         )
 
@@ -71,6 +72,14 @@ module ActiveStorage
       instrument :url, key: key do |payload|
         options = {:resource_type => resource_type(nil, key)}.merge(@options.merge(options.symbolize_keys))
         options[:public_id] = public_id_internal(key)
+        # Provide file format for raw files, since js client does not include original file name.
+        #
+        # When the file is uploaded from the server, the request includes original filename. That allows Cloudinary
+        # to identify file extension and append it to the public id of the file (raw files include file extension
+        # in their public id, opposed to transformable assets (images/video) that use only basename). When uploading
+        # through direct upload (client side js), filename is missing, and that leads to inconsistent/broken URLs.
+        # To avoid that, we explicitly pass file format in options.
+        options[:format] = ext_for_file(key) if options[:resource_type] == "raw"
         options[:context] = {active_storage_key: key}
         options.delete(:file)
         payload[:url] = api_uri("upload", options)
@@ -86,7 +95,12 @@ module ActiveStorage
 
     def delete(key)
       instrument :delete, key: key do
-        Cloudinary::Uploader.destroy public_id(key), resource_type: resource_type(nil, key)
+        options = {
+          resource_type: resource_type(nil, key),
+          type: @options[:type]
+        }.compact
+
+        Cloudinary::Uploader.destroy public_id(key), **options
       end
     end
 
@@ -98,7 +112,12 @@ module ActiveStorage
     def exist?(key)
       instrument :exist, key: key do |payload|
         begin
-          Cloudinary::Api.resource public_id(key), resource_type: resource_type(nil, key)
+          options = {
+            resource_type: resource_type(nil, key),
+            type: @options[:type]
+          }.compact
+
+          Cloudinary::Api.resource public_id(key), **options
           true
         rescue Cloudinary::Api::NotFound => e
           false
@@ -107,8 +126,7 @@ module ActiveStorage
     end
 
     def download(key, &block)
-      url = Cloudinary::Utils.unsigned_download_url(public_id(key), resource_type: resource_type(nil, key))
-      uri = URI(url)
+      uri = URI(url(key))
       if block_given?
         instrument :streaming_download, key: key do
           Net::HTTP.start(uri.host, uri.port, use_ssl: uri.scheme == 'https') do |http|
@@ -169,12 +187,18 @@ module ActiveStorage
     #
     # It does the best effort when original filename does not include extension, but we know the mime-type.
     #
+    # @param [ActiveStorage::BlobKey]   key          The blob key with attributes.
     # @param [ActiveStorage::Filename]  filename     The original filename.
     # @param [string]                   content_type The content type of the file.
     #
     # @return [string] The extension of the filename.
-    def ext_for_file(filename, content_type)
+    def ext_for_file(key, filename = nil, content_type = nil)
+      if filename.blank?
+        options = key.respond_to?(:attributes) ? key.attributes : {}
+        filename = ActiveStorage::Filename.new(options[:filename]) if options.has_key?(:filename)
+      end
       ext = filename.respond_to?(:extension_without_delimiter) ? filename.extension_without_delimiter : nil
+
       return ext unless ext.blank?
 
       # Raw files are not convertible, no extension guessing for them
@@ -194,6 +218,8 @@ module ActiveStorage
     end
 
     def content_type_to_resource_type(content_type)
+      return 'image' if content_type.nil?
+
       type, subtype = content_type.split('/')
       case type
       when 'video', 'audio'

data/lib/cloudinary.rb

@@ -16,7 +16,12 @@ require "cloudinary/missing"
 module Cloudinary
   autoload :Utils, 'cloudinary/utils'
   autoload :Uploader, 'cloudinary/uploader'
+  autoload :BaseConfig, "cloudinary/base_config"
+  autoload :Config, "cloudinary/config"
+  autoload :AccountConfig, "cloudinary/account_config"
+  autoload :BaseApi, "cloudinary/base_api"
   autoload :Api, "cloudinary/api"
+  autoload :AccountApi, "cloudinary/account_api"
   autoload :Downloader, "cloudinary/downloader"
   autoload :Blob, "cloudinary/blob"
   autoload :PreloadedFile, "cloudinary/preloaded_file"
@@ -58,64 +63,42 @@ module Cloudinary
     "ept"  => "eps"
   }
 
-  @@config = nil
-
+  # Cloudinary config
+  #
+  # @param [Hash] new_config If +new_config+ is passed, Config will be updated with it
+  # @yieldparam [OpenStruct] Config can be updated in the block
+  #
+  # @return [OpenStruct]
   def self.config(new_config=nil)
-    first_time = @@config.nil?
-    @@config   ||= OpenStruct.new((YAML.load(ERB.new(IO.read(config_dir.join("cloudinary.yml"))).result)[config_env] rescue {}))
-
-    config_from_env if first_time
+    @@config ||= make_new_config(Config)
 
-    set_config(new_config) if new_config
-    yield(@@config) if block_given?
+    @@config.update(new_config) if new_config
+    yield @@config if block_given?
 
     @@config
   end
 
-  def self.config_from_url(url)
-    @@config ||= OpenStruct.new
-    return unless url && !url.empty?
-    uri = URI.parse(url)
-    if !uri.scheme || "cloudinary" != uri.scheme.downcase
-      raise(CloudinaryException,
-        "Invalid CLOUDINARY_URL scheme. Expecting to start with 'cloudinary://'")
-    end
-    set_config(
-      "cloud_name"          => uri.host,
-      "api_key"             => uri.user,
-      "api_secret"          => uri.password,
-      "private_cdn"         => !uri.path.blank?,
-      "secure_distribution" => uri.path[1..-1]
-    )
-    uri.query.to_s.split("&").each do
-    |param|
-      key, value = param.split("=")
-      if isNestedKey? key
-        putNestedKey key, value
-      else
-        set_config(key => Utils.smart_unescape(value))
-      end
-    end
-  end
+  # Cloudinary account config
+  #
+  # @param [Hash] new_config If +new_config+ is passed, Account Config will be updated with it
+  # @yieldparam [OpenStruct] Account config can be updated in the block
+  #
+  # @return [OpenStruct]
+  def self.account_config(new_config=nil)
+    @@account_config ||= make_new_config(AccountConfig)
 
-  def self.putNestedKey(key, value)
-    chain   = key.split(/[\[\]]+/).reject { |i| i.empty? }
-    outer   = @@config
-    lastKey = chain.pop()
-    chain.each do |innerKey|
-      inner = outer[innerKey]
-      if inner.nil?
-        inner           = OpenStruct.new
-        outer[innerKey] = inner
-      end
-      outer = inner
-    end
-    outer[lastKey] = value
+    @@account_config.update(new_config) if new_config
+    yield @@account_config if block_given?
+
+    @@account_config
   end
 
+  def self.config_from_url(url)
+    config.load_from_url(url)
+  end
 
-  def self.isNestedKey?(key)
-    /\w+\[\w+\]/ =~ key
+  def self.config_from_account_url(url)
+    account_config.load_from_url(url)
   end
 
   def self.app_root
@@ -129,22 +112,6 @@ module Cloudinary
 
   private
 
-  def self.config_from_env
-    # Heroku support
-    if ENV["CLOUDINARY_CLOUD_NAME"]
-      config_keys = ENV.keys.select! { |key| key.start_with? "CLOUDINARY_" }
-      config_keys -= ["CLOUDINARY_URL"] # ignore it when explicit options are passed
-      config_keys.each do |full_key|
-        conf_key = full_key["CLOUDINARY_".length..-1].downcase # convert "CLOUDINARY_CONFIG_NAME" to "config_name"
-        conf_val = ENV[full_key]
-        conf_val = conf_val == 'true' if %w[true false].include?(conf_val) # cast relevant boolean values
-        set_config(conf_key => conf_val)
-      end
-    elsif ENV["CLOUDINARY_URL"]
-      config_from_url(ENV["CLOUDINARY_URL"])
-    end
-  end
-
   def self.config_env
     return ENV["CLOUDINARY_ENV"] if ENV["CLOUDINARY_ENV"]
     return Rails.env if defined? Rails::env
@@ -159,6 +126,20 @@ module Cloudinary
   def self.set_config(new_config)
     new_config.each{|k,v| @@config.send(:"#{k}=", v) if !v.nil?}
   end
+
+  # Builds config from yaml file, extends it with specific module and loads configuration from environment variable
+  #
+  # @param [Module] config_module Config is extended with this module after being built
+  #
+  # @return [OpenStruct]
+  def self.make_new_config(config_module)
+    OpenStruct.new((YAML.load(ERB.new(IO.read(config_dir.join("cloudinary.yml"))).result)[config_env] rescue {})).tap do |config|
+      config.extend(config_module)
+      config.load_config_from_env
+    end
+  end
+
+  private_class_method :make_new_config
 end
   # Prevent require loop if included after Rails is already initialized.
   require "cloudinary/helper" if defined?(::ActionView::Base)

data/lib/cloudinary/account_api.rb

@@ -0,0 +1,231 @@
+class Cloudinary::AccountApi
+  extend Cloudinary::BaseApi
+
+  # Creates a new sub-account. Any users that have access to all sub-accounts will also automatically have access to the
+  # new sub-account.
+  # @param [String] name The display name as shown in the management console
+  # @param [String] cloud_name A case-insensitive cloud name comprised of alphanumeric and underscore characters.
+  #   Generates an error if the specified cloud name is not unique across all Cloudinary accounts.
+  #   Note: Once created, the name can only be changed for accounts with fewer than 1000 assets.
+  # @param [Object] custom_attributes Any custom attributes you want to associate with the sub-account
+  # @param [Boolean] enabled Whether to create the account as enabled (default is enabled)
+  # @param [String] base_account ID of sub-account from which to copy settings
+  # @param [Object] options additional options
+  def self.create_sub_account(name, cloud_name = nil, custom_attributes = {}, enabled = nil, base_account = nil, options = {})
+    params = {
+      name: name,
+      cloud_name: cloud_name,
+      custom_attributes: custom_attributes,
+      enabled: enabled,
+      base_sub_account_id: base_account
+    }
+
+    call_account_api(:post, 'sub_accounts', params, options.merge(content_type: :json))
+  end
+
+  # Updates the specified details of the sub-account.
+  # @param [String] sub_account_id The ID of the sub-account.
+  # @param [String] name The display name as shown in the management console
+  # @param [String] cloud_name A case-insensitive cloud name comprised of alphanumeric and underscore characters.
+  #   Generates an error if the specified cloud name is not unique across all Cloudinary accounts.
+  #   Note: Once created, the name can only be changed for accounts with fewer than 1000 assets.
+  # @param [Object] custom_attributes Any custom attributes you want to associate with the sub-account, as a map/hash
+  #   of key/value pairs.
+  # @param [Boolean] enabled Whether the sub-account is enabled.
+  # @param [Object] options additional options
+  def self.update_sub_account(sub_account_id, name = nil, cloud_name = nil, custom_attributes = nil, enabled = nil, options = {})
+    params = {
+      name: name,
+      cloud_name: cloud_name,
+      custom_attributes: custom_attributes,
+      enabled: enabled
+    }
+
+    call_account_api(:put, ['sub_accounts', sub_account_id], params, options.merge(content_type: :json))
+  end
+
+  # Lists sub-accounts.
+  # @param [Boolean] enabled Whether to only return enabled sub-accounts (true) or disabled accounts (false).
+  #  Default: all accounts are returned (both enabled and disabled).
+  # @param [Array<String>] ids A list of up to 100 sub-account IDs. When provided, other parameters are ignored.
+  # @param [String] prefix Returns accounts where the name begins with the specified case-insensitive string.
+  # @param [Object] options additional options
+  def self.sub_accounts(enabled = nil, ids = [], prefix = nil, options = {})
+    params = {
+      enabled: enabled,
+      ids: ids,
+      prefix: prefix
+    }
+
+    call_account_api(:get, 'sub_accounts', params, options.merge(content_type: :json))
+  end
+
+  # Retrieves the details of the specified sub-account.
+  # @param [String] sub_account_id The ID of the sub-account.
+  # @param [Object] options additional options
+  def self.sub_account(sub_account_id, options = {})
+    call_account_api(:get, ['sub_accounts', sub_account_id], {}, options.merge(content_type: :json))
+  end
+
+  # Deletes the specified sub-account. Supported only for accounts with fewer than 1000 assets.
+  # @param [String] sub_account_id The ID of the sub-account.
+  # @param [Object] options additional options
+  def self.delete_sub_account(sub_account_id, options = {})
+    call_account_api(:delete, ['sub_accounts', sub_account_id], {}, options)
+  end
+
+  # Creates a new user in the account.
+  # @param [String] name The name of the user.
+  # @param [String] email A unique email address, which serves as the login name and notification address.
+  # @param [String] role The role to assign. Possible values: master_admin, admin, billing, technical_admin, reports,
+  #   media_library_admin, media_library_user
+  # @param [Array<String>] sub_account_ids The list of sub-account IDs that this user can access.
+  #   Note: This parameter is ignored if the role is specified as master_admin.
+  # @param [Object] options additional options
+  def self.create_user(name, email, role, sub_account_ids = [], options = {})
+    params = {
+      name: name,
+      email: email,
+      role: role,
+      sub_account_ids: sub_account_ids
+    }
+
+    call_account_api(:post, 'users', params, options.merge(content_type: :json))
+  end
+
+  # Deletes an existing user.
+  # @param [String] user_id The ID of the user to delete.
+  # @param [Object] options additional options
+  def self.delete_user(user_id, options = {})
+    call_account_api(:delete, ['users', user_id], {}, options)
+  end
+
+  # Updates the details of the specified user.
+  # @param [String] user_id The ID of the user to update.
+  # @param [String] name The name of the user.
+  # @param [String] email A unique email address, which serves as the login name and notification address.
+  # @param [String] role The role to assign. Possible values: master_admin, admin, billing, technical_admin, reports,
+  #   media_library_admin, media_library_user
+  # @param [Array<String>] sub_account_ids The list of sub-account IDs that this user can access.
+  #   Note: This parameter is ignored if the role is specified as master_admin.
+  # @param [Object] options additional options
+  def self.update_user(user_id, name = nil, email = nil, role = nil, sub_account_ids = nil, options = {})
+    params = {
+      name: name,
+      email: email,
+      role: role,
+      sub_account_ids: sub_account_ids
+    }
+
+    call_account_api(:put, ['users', user_id], params, options.merge(content_type: :json))
+  end
+
+  # Returns the user with the specified ID.
+  # @param [String] user_id The ID of the user.
+  # @param [Object] options additional options
+  def self.user(user_id, options = {})
+    call_account_api(:get, ['users', user_id], {}, options.merge(content_type: :json))
+  end
+
+  # Lists users in the account.
+  # @param [Boolean] pending Whether to only return pending users. Default: all users
+  # @param [Array<String>] user_ids A list of up to 100 user IDs. When provided, other parameters are ignored.
+  # @param [String] prefix Returns users where the name or email address begins with the specified case-insensitive string.
+  # @param [String] sub_account_id Only returns users who have access to the specified account.
+  # @param [Object] options additional options
+  def self.users(pending = nil, user_ids = [], prefix = nil, sub_account_id = nil, options = {})
+    params = if user_ids && user_ids.count > 0
+               {
+                 ids: user_ids
+               }
+             else
+               {
+                 prefix: prefix,
+                 sub_account_id: sub_account_id,
+                 pending: pending
+               }
+             end
+
+    call_account_api(:get, 'users', params, options.merge(content_type: :json))
+  end
+
+  # Creates a new user group.
+  # @param [String] name The name for the user group.
+  # @param [Object] options additional options
+  def self.create_user_group(name, options = {})
+    params = {
+      name: name
+    }
+
+    call_account_api(:post, 'user_groups', params, options.merge(content_type: :json))
+  end
+
+  # Updates the specified user group.
+  # @param [String] group_id The ID of the user group to update.
+  # @param [String] name The name for the user group.
+  # @param [Object] options additional options
+  def self.update_user_group(group_id, name, options = {})
+    params = {
+      name: name
+    }
+
+    call_account_api(:put, ['user_groups', group_id], params, options.merge(content_type: :json))
+  end
+
+  # Adds a user to a group with the specified ID.
+  # @param [String] group_id The ID of the user group.
+  # @param [String] user_id The ID of the user.
+  # @param [Object] options additional options
+  def self.add_user_to_group(group_id, user_id, options = {})
+    call_account_api(:post, ['user_groups', group_id, 'users', user_id], {}, options.merge(content_type: :json))
+  end
+
+  # Removes a user from a group with the specified ID.
+  # @param [String] group_id The ID of the user group.
+  # @param [String] user_id The ID of the user.
+  # @param [Object] options additional options
+  def self.remove_user_from_group(group_id, user_id, options = {})
+    call_account_api(:delete, ['user_groups', group_id, 'users', user_id], {}, options.merge(content_type: :json))
+  end
+
+  # Deletes the user group with the specified ID.
+  # @param [String] group_id The ID of the user group to delete.
+  # @param [Object] options additional options
+  def self.delete_user_group(group_id, options = {})
+    call_account_api(:delete, ['user_groups', group_id], {}, options)
+  end
+
+  # Lists user groups in the account.
+  # @param [Object] options additional options
+  def self.user_groups(options = {})
+    call_account_api(:get, 'user_groups', {}, options.merge(content_type: :json))
+  end
+
+  # Retrieves the details of the specified user group.
+  # @param [String] group_id The ID of the user group to retrieve.
+  # @param [Object] options additional options
+  def self.user_group(group_id, options = {})
+    call_account_api(:get, ['user_groups', group_id], {}, options.merge(content_type: :json))
+  end
+
+  # Lists users in the specified user group.
+  # @param [String] group_id The ID of the user group.
+  # @param [Object] options additional options
+  def self.user_group_users(group_id, options = {})
+    call_account_api(:get, ['user_groups', group_id, 'users'], {}, options.merge(content_type: :json))
+  end
+
+  def self.call_account_api(method, uri, params, options)
+    account_id = options[:account_id] || Cloudinary.account_config.account_id || raise('Must supply account_id')
+    api_key    = options[:provisioning_api_key] || Cloudinary.account_config.provisioning_api_key || raise('Must supply provisioning api_key')
+    api_secret = options[:provisioning_api_secret] || Cloudinary.account_config.provisioning_api_secret || raise('Must supply provisioning api_secret')
+
+    params.reject! { |_, v| v.nil? }
+
+    call_cloudinary_api(method, uri, api_key, api_secret, params, options) do |cloudinary, inner_uri|
+      [cloudinary, 'v1_1', 'provisioning', 'accounts', account_id, inner_uri]
+    end
+  end
+
+  private_class_method :call_account_api
+end