cloudinary 1.9.0 → 1.9.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: c78db40dfbd0f2a2fa579c3817208c11c89136be
-  data.tar.gz: c1f15ae49d99c4c1edb404cd6c49eb4a6c992a58
+  metadata.gz: aa2967c1b17b93efadf7db793ac1110b7bd411f6
+  data.tar.gz: 79d2beeae5fe07afd1c4aaffb3bc17d442b2f418
 SHA512:
-  metadata.gz: e8b61e2b1660f36ed2f4cb2b85a38010b8135455e1c1ad743dfe3f267c695c7f88195d038a7548fbe2f6c6d63a005dd458e396ba1f33370c937cf424f5ad14b0
-  data.tar.gz: dbec90b6f71bbad87e31740e419d225bd8804a012310ee55121661d93a48e4d136ae1b86e8ed80b86111d9f004dde54399c72e3f39138686b77616fc7624b92e
+  metadata.gz: a46e2e84655389ac281378a44212964acd0f43f0ff66b9d7ef6fc0ce5cbf8a6b6467925dca57768174f0246780f844d6f4f08683fac95d46a49d3bee1d3ec18b
+  data.tar.gz: 873cf3dbb2ad9296c31d0aacfbbacf66b210bad3220c73e27014f7c386295cad91ae1347fd4c4d5c1631d311bc88c8fe899404bc68aa91a6e12f37e7346028f5

data/CHANGELOG.md

@@ -1,4 +1,11 @@
 
+1.9.1 / 2018-03-06
+==================
+
+  * Add instructions for using the source code. Fixes #291 and #292
+  * Fix check for CarrierWave in `Migrator`. Fixes #286
+  * Fix acl and url escaping in auth_token generation
+
 1.9.0 / 2018-02-27
 ==================
 

data/CONTRIBUTING.md

@@ -41,6 +41,20 @@ cd cloudinary_gem
 git remote add upstream https://github.com/cloudinary/cloudinary_gem.git
 ```
 
+#### Install dependencies
+
+```
+gem install bundler
+bundle install
+```
+
+#### Run the tests
+You can obtain the configuration URL from https://cloudinary.com/console.
+
+```
+export CLOUDINARY_URL=cloudinary://<api_key>:<api_secret>@<cloud>
+bundle exec rspec -f d
+```
 #### Create a Topic Branch
 
 Make sure your fork is up-to-date and create a topic branch for your feature or bug fix.

data/README.md

@@ -17,6 +17,7 @@ For Ruby on Rails, Cloudinary provides a GEM for simplifying the integration eve
 
 ## Setup ######################################################################
 
+### Installing the gem
 To install the Cloudinary Ruby GEM, run:
 
     $ gem install cloudinary
@@ -44,6 +45,21 @@ Rails 2.x environment.rb:
 
 *Note: The CarrierWave GEM should be loaded before the Cloudinary GEM.*
 
+### Using the source code directly
+
+You can use the source code of this library directly instead of installing the packaged gem file.
+
+    git clone https://github.com/cloudinary/cloudinary_gem.git
+    
+    # if you haven't installed bundler, do so now with:
+    # gem install bundler
+    
+    bundle install
+    
+Finally, fetch the related assets. This process is done automatically when the packaged gem is installed.
+
+    rake cloudinary:fetch_assets 
+
 ## Try it right away
 
 Sign up for a [free account](https://cloudinary.com/users/register/free) so you can try out image transformations and seamless image delivery through CDN.

data/lib/cloudinary/auth_token.rb

@@ -9,6 +9,7 @@ end
 module Cloudinary
   module AuthToken
     SEPARATOR = '~'
+    UNSAFE = /[ "#%&\'\/:;<=>?@\[\\\]^`{\|}~]/
 
     def self.generate(options = {})
       key = options[:key]
@@ -56,9 +57,12 @@ module Cloudinary
 
     # escape URI pattern using lowercase hex. For example "/" -> "%2f".
     def self.escape_to_lower(url)
-      CGI::escape(url).gsub(/%../) { |h| h.downcase }
+      Utils.smart_escape(url, UNSAFE).gsub(/%[0-9A-F]{2}/) do |h|
+        h.downcase
+      end.force_encoding(Encoding::US_ASCII)
     end
 
+
     def self.digest(message, key)
       bin_key = Array(key).pack("H*")
       digest = OpenSSL::Digest::SHA256.new

data/lib/cloudinary/migrator.rb

@@ -87,8 +87,8 @@ class Cloudinary::Migrator
   end
   
   def process(options={})    
-    raise CloudinaryException, "url not given and no retieve callback given" if options[:url].nil? && self.retrieve.nil?
-    raise CloudinaryException, "id not given and retieve or complete callback given" if options[:id].nil? && (!self.retrieve.nil? || !self.complete.nil?)
+    raise CloudinaryException, "url not given and no retrieve callback given" if options[:url].nil? && self.retrieve.nil?
+    raise CloudinaryException, "id not given and retrieve or complete callback given" if options[:id].nil? && (!self.retrieve.nil? || !self.complete.nil?)
 
     debug("Process: #{options.inspect}")
     start
@@ -248,7 +248,7 @@ class Cloudinary::Migrator
               if defined?(ActiveRecord::Base) && data.is_a?(ActiveRecord::Base)
                 cw = true
                 data.save!
-              elsif defined?(Cloudinary::CarrierWave) && data.is_a?(Cloudinary::CarrierWave)
+              elsif defined?(::CarrierWave) && defined?(Cloudinary::CarrierWave) && data.is_a?(Cloudinary::CarrierWave)
                 cw = true
                 begin
                   data.model.save! 

data/lib/cloudinary/utils.rb

@@ -638,8 +638,8 @@ class Cloudinary::Utils
 
   # Based on CGI::unescape. In addition does not escape / :
   def self.smart_escape(string, unsafe = /([^a-zA-Z0-9_.\-\/:]+)/)
-    string.gsub(unsafe) do
-      '%' + $1.unpack('H2' * $1.bytesize).join('%').upcase
+    string.gsub(unsafe) do |m|
+      '%' + m.unpack('H2' * m.bytesize).join('%').upcase
     end
   end
 

data/lib/cloudinary/version.rb

@@ -1,4 +1,4 @@
 # Copyright Cloudinary
 module Cloudinary
-  VERSION = "1.9.0"
+  VERSION = "1.9.1"
 end

data/spec/auth_token_spec.rb

@@ -16,7 +16,7 @@ describe 'auth_token' do
   end
   it "should generate with start and duration" do
     token = Cloudinary::Utils.generate_auth_token :start_time => 1111111111, :acl => "/image/*", :duration => 300
-    expect(token).to eq '__cld_token__=st=1111111111~exp=1111111411~acl=%2fimage%2f%2a~hmac=0d5b0c9c1485ee162c459879fe62e06caa23bc26fec92d58bd100f2e1592eac6'
+    expect(token).to eq '__cld_token__=st=1111111111~exp=1111111411~acl=%2fimage%2f*~hmac=1751370bcc6cfe9e03f30dd1a9722ba0f2cdca283fa3e6df3342a00a7528cc51'
   end
 
   describe "authenticated url" do
@@ -46,7 +46,7 @@ describe 'auth_token' do
     end
     it "explicit authToken should override global setting" do
       url = Cloudinary::Utils.cloudinary_url "sample.jpg", :sign_url => true, :auth_token => { :key => ALT_KEY, :start_time => 222222222, :duration => 100 }, :type => "authenticated", :transformation => { :crop => "scale", :width => 300 }
-      expect(url).to eq("http://test123-res.cloudinary.com/image/authenticated/c_scale,w_300/sample.jpg?__cld_token__=st=222222222~exp=222222322~hmac=7d276841d70c4ecbd0708275cd6a82e1f08e47838fbb0bceb2538e06ddfa3029")
+      expect(url).to eq("http://test123-res.cloudinary.com/image/authenticated/c_scale,w_300/sample.jpg?__cld_token__=st=222222222~exp=222222322~hmac=55cfe516530461213fe3b3606014533b1eca8ff60aeab79d1bb84c9322eebc1f")
 
     end
     it "should compute expiration as start time + duration" do
@@ -71,7 +71,7 @@ describe 'auth_token' do
       tokenOptions              = { :key => KEY, :duration => 300, :acl => "/*/t_#{user}" }
       tokenOptions[:start_time] = 222222222 # we can't rely on the default "now" value in tests
       cookieToken               = Cloudinary::Utils.generate_auth_token tokenOptions
-      expect(cookieToken).to eq("__cld_token__=st=222222222~exp=222222522~acl=%2f%2a%2ft_foobar~hmac=1284376353c1c43d6f6a98f2813c5596f4ff6f34d837cd853fd8c3c9e7f8428c")
+      expect(cookieToken).to eq("__cld_token__=st=222222222~exp=222222522~acl=%2f*%2ft_foobar~hmac=8e39600cc18cec339b21fe2b05fcb64b98de373355f8ce732c35710d8b10259f")
 
     end
   end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: cloudinary
 version: !ruby/object:Gem::Version
-  version: 1.9.0
+  version: 1.9.1
 platform: ruby
 authors:
 - Nadav Soferman
@@ -10,7 +10,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2018-02-27 00:00:00.000000000 Z
+date: 2018-03-05 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: aws_cf_signer