condo 0.0.1

data/lib/condo/configuration.rb

@@ -0,0 +1,129 @@
+require 'singleton'
+
+module Condo
+	
+	class Configuration
+		include Singleton
+		
+		@@callbacks = {
+			#:resident_id		# Must be defined by the including class
+			:bucket_name => proc {"#{Rails.application.class.parent_name}#{instance_eval @@callbacks[:resident_id]}"},
+			:object_key => proc {params[:file_name]},
+			:object_options => proc {{:permissions => :private}},
+			:pre_validation => proc {true},	# To respond with errors use: lambda {return false, {:errors => {:param_name => 'wtf are you doing?'}}}
+			:sanitize_filename => proc {
+				params[:file_name].tap do |filename|
+					filename.gsub!(/^.*(\\|\/)/, '')	# get only the filename (just in case)
+					filename.gsub!(/[^\w\.\-]/,'_')		# replace all non alphanumeric or periods with underscore
+				end
+			}
+			#:upload_complete	# Must be defined by the including class
+			#:destroy_upload	# the actual delete should be done by the application
+			#:dynamic_residence	# If the data stores are dynamically stored by the application
+		}
+		
+		@@dynamics = {}
+		
+		def self.callbacks
+			@@callbacks
+		end
+		
+		def self.set_callback(name, callback = nil, &block)
+			if callback.is_a?(Proc)
+				@@callbacks[name.to_sym] = callback
+			elsif block.present?
+				@@callbacks[name.to_sym] = block
+			else
+				raise ArgumentError, 'Condo callbacks must be defined with a Proc or Proc (lamba) object present'
+			end
+		end
+		
+		
+		#
+		# Provides a callback whenever attempting to select a provider for the current request
+		# => Allows multiple providers for different users / controllers or dynamic providers
+		#
+		def self.set_dynamic_provider(namespace, callback = nil, &block)
+			if callback.is_a?(Proc)
+				@@dynamics[namespace.to_sym] = callback
+			elsif block.present?
+				@@dynamics[namespace.to_sym] = block
+			else
+				raise ArgumentError, 'Condo callbacks must be defined with a Proc or Proc (lamba) object present'
+			end
+		end
+		
+		def dynamic_provider_present?(namespace)
+			return false if @@dynamics.nil? || @@dynamics[namespace.to_sym].nil?
+			true
+		end
+		
+		
+		#
+		# Allows for predefined storage providers (maybe you only use Amazon?)
+		#
+		def self.add_residence(name, options = {})
+			@@residencies ||= []
+			@@residencies << ("Condo::Strata::#{name.to_s.camelize}".constantize.new(options)).tap do |res|
+				name = name.to_sym
+				namespace = (options[:namespace] || :global).to_sym
+				
+				@@locations ||= {}
+				@@locations[namespace] ||= {}
+				@@locations[namespace][name] ||= {}
+				
+				if options[:location].present?
+					@@locations[namespace][name][options[:location].to_sym] = res
+				else
+					@@locations[namespace][name][:default] = res
+					@@locations[namespace][name][res.location] = res
+				end
+			end
+		end
+		
+		
+		def residencies
+			@@residencies
+		end
+		
+		
+		#
+		# Storage provider selection routine
+		# => pass in :dynamic => true with :name and connection options to create a new instance
+		#
+		def set_residence(name, options)
+			if options[:namespace].present? && dynamic_provider_present?(options[:namespace])
+				if options[:upload].present?
+					upload = options[:upload]
+					params = {
+						:user_id => upload.user_id,
+						:file_name => upload.file_name,
+						:file_size => upload.file_size,
+						:custom_params => upload.custom_params,
+						:provider_name => upload.provider_name,
+						:provider_location => upload.provider_location,
+						:provider_namespace => upload.provider_namespace
+					}
+					return instance_exec params, &@@dynamics[upload.provider_namespace]
+				else
+					params = {
+						:user_id => options[:resident],
+						:file_name => options[:params][:file_name],
+						:file_size => options[:params][:file_size],
+						:custom_params => options[:params][:custom_params],
+						:provider_namespace => options[:namespace]
+					}
+					return instance_exec params, &@@dynamics[options[:namespace]]
+				end
+			else
+				if !!options[:dynamic]
+					return "Condo::Strata::#{name.to_s.camelize}".constantize.new(options)
+				else
+					return options[:location].present? ? @@locations[options[:namespace]][name.to_sym][options[:location].to_sym] : @@locations[options[:namespace]][name.to_sym][:default]
+				end
+			end
+		end
+		
+	end
+	
+end

data/lib/condo/engine.rb

@@ -0,0 +1,36 @@
+module Condo
+	class Engine < ::Rails::Engine
+		
+		
+		#
+		# Define the base configuration options
+		#
+		#config.before_initialize do |app|						# Rails.configuration
+		#	app.config.condo = ActiveSupport::OrderedOptions.new
+		#	app.config.condo.providers = ActiveSupport::OrderedOptions.new
+		#end
+		
+		
+		config.autoload_paths << File.expand_path("../../../lib", __FILE__)
+		
+		#
+		# Set the proper error types for Rails.
+		#
+		initializer "load http errors" do |app|
+			config.after_initialize do
+				responses = {
+					"Condo::Errors::MissingFurniture" => :not_found,
+					"Condo::Errors::LostTheKeys" => :forbidden,
+					"Condo::Errors::NotYourPlace" => :unauthorized
+				}
+				if rescue_responses = config.action_dispatch.rescue_responses			# Rails 3.2+
+					rescue_responses.update(responses)
+				else
+					ActionDispatch::ShowExceptions.rescue_responses.update(responses)	# Rails 3.0/3.1
+				end
+			end
+		end
+		
+		
+	end
+end

data/lib/condo/errors.rb

@@ -0,0 +1,9 @@
+module Condo
+	
+	module Errors
+		class LostTheKeys < RuntimeError; end			# Authentication
+		class NotYourPlace < RuntimeError; end			# Authorisation
+		class MissingFurniture < RuntimeError; end		# File not found
+	end
+	
+end

data/lib/condo/strata/amazon_s3.rb

@@ -0,0 +1,301 @@
+module Condo; end
+module Condo::Strata; end
+
+
+class Condo::Strata::AmazonS3
+	
+	def initialize(options)
+		@options = {
+			:name => :AmazonS3,
+			:location => :'us-east-1',
+			:fog => {
+				:provider => :AWS,
+				:aws_access_key_id => options[:access_id],
+				:aws_secret_access_key => options[:secret_key],
+				:region => (options[:location] || 'us-east-1')
+			}
+		}.merge!(options)
+		
+		
+		raise ArgumentError, 'Amazon Access ID missing' if @options[:access_id].nil?
+		raise ArgumentError, 'Amazon Secret Key missing' if @options[:secret_key].nil?
+		
+		
+		@options[:location] = @options[:location].to_sym
+		@options[:region] = @options[:location] == :'us-east-1' ? 's3.amazonaws.com' : "s3-#{@options[:location]}.amazonaws.com"
+	end
+	
+	
+	def name
+		@options[:name]
+	end
+	
+	
+	def location
+		@options[:location]
+	end
+	
+	
+	
+	#
+	# Create a signed URL for accessing a private file
+	#
+	def get_object(options)
+		options = {}.merge!(options)	# Need to deep copy here
+		options[:object_options] = {
+			:expires => 5.minutes.from_now,
+			:date => Time.now,
+			:verb => :get,		# Post for multi-part uploads http://docs.amazonwebservices.com/AmazonS3/latest/API/mpUploadInitiate.html
+			:headers => {},
+			:parameters => {},
+			:protocol => :https
+		}.merge!(options[:object_options] || {})
+		options.merge!(@options)
+		
+		#
+		# provide the signed request
+		#
+		sign_request(options)[:url]
+	end
+	
+	
+	#
+	# Creates a new upload request (either single shot or multi-part)
+	# => Passed: bucket_name, object_key, object_options, file_size
+	#
+	def new_upload(options)
+		options = {}.merge!(options)	# Need to deep copy here
+		options[:object_options] = {
+			:permissions => :private,
+			:expires => 5.minutes.from_now,
+			:date => Time.now,
+			:verb => :post,		# Post for multi-part uploads http://docs.amazonwebservices.com/AmazonS3/latest/API/mpUploadInitiate.html
+			:headers => {},
+			:parameters => {},
+			:protocol => :https
+		}.merge!(options[:object_options])
+		options.merge!(@options)
+		
+		#
+		# Set the access control headers
+		#
+		if options[:object_options][:headers]['x-amz-acl'].nil?
+			options[:object_options][:headers]['x-amz-acl'] = case options[:object_options][:permissions]
+			when :public
+				:'public-read'
+			else
+				:private
+			end
+		end
+		
+		#
+		# Decide what type of request is being sent
+		#
+		request = {}
+		if options[:file_size] > 5.megabytes	# 5 mb (minimum chunk size)
+			options[:object_options][:parameters][:uploads] = ''	# Customise the request to be a chunked upload
+			options.delete(:file_id)								# Does not apply to chunked uploads
+			
+			request[:type] = :chunked_upload
+		else
+			if options[:file_id].present? && options[:object_options][:headers]['Content-Md5'].nil?
+				#
+				# The client side is sending hex formatted ids that will match the amazon etag
+				# => We need this to be base64 for the md5 header (this is now done at the client side)
+				#
+				# options[:file_id] = [[options[:file_id]].pack("H*")].pack("m0")	# (the 0 avoids the call to strip - now done client side)
+				# [ options[:file_id] ].pack('m').strip			# This wasn't correct
+				# Base64.encode64(options[:file_id]).strip		# This also wasn't correct
+				#
+				options[:object_options][:headers]['Content-Md5'] = options[:file_id]
+			end
+			options[:object_options][:headers]['Content-Type'] = 'binary/octet-stream' if options[:object_options][:headers]['Content-Type'].nil?
+			options[:object_options][:verb] = :put	# Put for direct uploads http://docs.amazonwebservices.com/AmazonS3/latest/API/RESTObjectPUT.html
+			
+			request[:type] = :direct_upload
+		end
+		
+		
+		#
+		# provide the signed request
+		#
+		request[:signature] = sign_request(options)
+		request
+	end
+	
+	
+	#
+	# Returns the request to get the parts of a resumable upload
+	#
+	def get_parts(options)
+		options[:object_options] = {
+			:expires => 5.minutes.from_now,
+			:date => Time.now,
+			:verb => :get,
+			:headers => {},
+			:parameters => {},
+			:protocol => :https
+		}.merge!(options[:object_options])
+		options.merge!(@options)
+		
+		#
+		# Set the upload 
+		#
+		options[:object_options][:parameters]['uploadId'] = options[:resumable_id]
+		
+		#
+		# provide the signed request
+		#
+		{
+			:type => :parts,
+			:signature => sign_request(options)
+		}
+	end
+	
+	
+	#
+	# Returns the requests for uploading parts and completing a resumable upload
+	#
+	def set_part(options)
+		options[:object_options] = {
+			:expires => 5.minutes.from_now,
+			:date => Time.now,
+			:headers => {},
+			:parameters => {},
+			:protocol => :https
+		}.merge!(options[:object_options])
+		options.merge!(@options)
+		
+		
+		request = {}
+		if options[:part] == 'finish'
+			#
+			# Send the commitment response
+			#
+			options[:object_options][:headers]['Content-Type'] = 'application/xml; charset=UTF-8' if options[:object_options][:headers]['Content-Type'].nil?
+			options[:object_options][:verb] = :post
+			request[:type] = :finish
+		else
+			#
+			# Send the part upload request
+			#
+			options[:object_options][:headers]['Content-Md5'] = options[:file_id] if options[:file_id].present? && options[:object_options][:headers]['Content-Md5'].nil?
+			options[:object_options][:headers]['Content-Type'] = 'binary/octet-stream' if options[:object_options][:headers]['Content-Type'].nil?
+			options[:object_options][:parameters]['partNumber'] = options[:part]
+			options[:object_options][:verb] = :put
+			request[:type] = :part_upload
+		end
+		
+		
+		#
+		# Set the upload 
+		#
+		options[:object_options][:parameters]['uploadId'] = options[:resumable_id]
+		
+		
+		#
+		# provide the signed request
+		#
+		request[:signature] = sign_request(options)
+		request
+	end
+	
+	
+	def fog_connection
+		@fog = @fog || Fog::Storage.new(@options[:fog])
+		return @fog
+	end
+	
+	
+	def destroy(upload)
+		connection = fog_connection
+		directory = connection.directories.get(upload.bucket_name)	# it is assumed this exists - if not then the upload wouldn't have taken place
+		file = directory.files.get(upload.object_key)
+		
+		if upload.resumable
+			return file.destroy unless file.nil?
+			begin
+				if upload.resumable_id.present?
+					connection.abort_multipart_upload(upload.bucket_name, upload.object_key, upload.resumable_id)
+					return true
+				end
+			rescue
+				# In-case resumable_id was invalid or did not match the object key
+			end
+			
+			#
+			# The user may have provided an invalid upload key, we'll need to search for the upload and destroy it
+			#
+			begin
+				resp = connection.list_multipart_uploads(upload.bucket_name, {'prefix' => upload.object_key})
+				resp.body['Upload'].each do |file|
+					#
+					# TODO:: BUGBUG:: there is an edge case where there may be more multi-part uploads with this this prefix then will be provided in a single request
+					# => We'll need to handle this edge case to avoid abuse and dangling objects
+					#
+					connection.abort_multipart_upload(upload.bucket_name, upload.object_key, file['UploadId']) if file['Key'] == upload.object_key	# Ensure an exact match
+				end
+				return true	# The upload was either never initialised or has been destroyed
+			rescue
+				return false
+			end
+		else
+			return true if file.nil?
+			return file.destroy
+		end
+	end
+	
+	
+	
+	protected
+	
+	
+	
+	def sign_request(options)
+		
+		#
+		# Build base URL
+		#
+		options[:object_options][:date] = options[:object_options][:date].utc.httpdate
+		options[:object_options][:expires] = options[:object_options][:expires].utc.to_i
+		url = "/#{options[:bucket_name]}/#{options[:object_key]}"
+		
+		#
+		# Add request params
+		#
+		url << '?'
+		options[:object_options][:parameters].each do |key, value|
+			url += value.empty? ? "#{key}&" : "#{key}=#{value}&"
+		end
+		url.chop!
+		
+		#
+		# Build a request signature
+		#
+		signature = "#{options[:object_options][:verb].to_s.upcase}\n#{options[:file_id]}\n#{options[:object_options][:headers]['Content-Type']}\n#{options[:object_options][:expires]}\n"
+		options[:object_options][:headers].each do |key, value|
+			signature << "#{key}:#{value}\n" if key =~ /x-amz-/
+		end
+		signature << url
+		
+		
+		#
+		# Encode the request signature
+		#
+		signature = CGI::escape(Base64.encode64(OpenSSL::HMAC.digest(OpenSSL::Digest::Digest.new('sha1'), @options[:secret_key], signature)).gsub("\n",""))
+		
+		
+		#
+		# Finish building the request
+		#
+		url += options[:object_options][:parameters].present? ? '&' : '?'
+		return {
+			:verb => options[:object_options][:verb].to_s.upcase,
+			:url => "#{options[:object_options][:protocol]}://#{options[:region]}#{url}AWSAccessKeyId=#{@options[:access_id]}&Expires=#{options[:object_options][:expires]}&Signature=#{signature}",
+			:headers => options[:object_options][:headers]
+		}
+	end
+	
+	
+end
+