RubyGems - dragonfly - Versions diffs - 0.9.5 → 0.9.8 - Mend

dragonfly 0.9.5 → 0.9.8

Potentially problematic release.

This version of dragonfly might be problematic. Click here for more details.

Files changed (39) hide show

data/Gemfile +1 -2
data/History.md +29 -0
data/README.md +1 -1
data/VERSION +1 -1
data/dragonfly.gemspec +15 -14
data/extra_docs/DataStorage.md +5 -2
data/extra_docs/Rails3.md +6 -4
data/features/steps/rails_steps.rb +18 -6
data/features/support/setup.rb +10 -1
data/fixtures/rails/files/features/step_definitions/image_steps.rb +1 -1
data/lib/dragonfly.rb +4 -0
data/lib/dragonfly/analysis/file_command_analyser.rb +2 -1
data/lib/dragonfly/data_storage/couch_data_store.rb +1 -1
data/lib/dragonfly/data_storage/mongo_data_store.rb +4 -2
data/lib/dragonfly/data_storage/s3data_store.rb +5 -1
data/lib/dragonfly/image_magick/generator.rb +2 -2
data/lib/dragonfly/image_magick/processor.rb +2 -2
data/lib/dragonfly/image_magick/utils.rb +3 -25
data/lib/dragonfly/rails/images.rb +17 -12
data/lib/dragonfly/railtie.rb +1 -1
data/lib/dragonfly/shell.rb +44 -0
data/lib/dragonfly/temp_object.rb +13 -6
data/spec/dragonfly/analysis/file_command_analyser_spec.rb +1 -0
data/spec/dragonfly/cookie_monster_spec.rb +4 -2
data/spec/dragonfly/data_storage/file_data_store_spec.rb +1 -1
data/spec/dragonfly/data_storage/mongo_data_store_spec.rb +23 -8
data/spec/dragonfly/image_magick/generator_spec.rb +0 -5
data/spec/dragonfly/job_spec.rb +5 -1
data/spec/dragonfly/shell_spec.rb +34 -0
data/spec/dragonfly/temp_object_spec.rb +44 -12
data/spec/functional/image_magick_app_spec.rb +1 -1
data/spec/functional/remote_on_the_fly_spec.rb +6 -6
data/spec/functional/shell_commands_spec.rb +23 -0
data/spec/functional/to_response_spec.rb +1 -1
data/spec/spec_helper.rb +6 -3
data/spec/support/image_matchers.rb +1 -0
data/tmp/.gitignore +2 -0
metadata +71 -85
data/spec/dragonfly/image_magick/utils_spec.rb +0 -18

data/spec/functional/shell_commands_spec.rb ADDED Viewed

@@ -0,0 +1,23 @@
+require 'spec_helper'
+describe "a configured imagemagick app" do
+  before(:each) do
+    @app = test_app.configure_with(:imagemagick)
+  end
+  describe "shell injection" do
+    it "should not allow it!" do
+      begin
+        suppressing_stderr do
+          @app.generate(:plain, 10, 10, 'white').convert("-resize 5x5 ; touch tmp/stuff").apply
+        end
+      rescue Dragonfly::FunctionManager::UnableToHandle
+      end
+      File.exist?('tmp/stuff').should be_false
+    end
+  end
+end

data/spec/functional/to_response_spec.rb CHANGED Viewed

@@ -3,7 +3,7 @@ require 'spec_helper'
 describe "getting rack response directly" do
   before(:each) do
-    @app = Dragonfly[:to_response].configure do |c|
+    @app = test_app.configure do |c|
       c.generator.add :test do
         "bunheads"
       end

data/spec/spec_helper.rb CHANGED Viewed

@@ -20,7 +20,7 @@ def todo
 end
 require 'logger'
-LOG_FILE = File.dirname(__FILE__) + '/spec.log' unless defined?(LOG_FILE)
+LOG_FILE = 'tmp/test.log' unless defined?(LOG_FILE)
 FileUtils.rm_rf(LOG_FILE)
 def mock_app(extra_stubs={})
   mock('app', {
@@ -37,13 +37,16 @@ def mock_app(extra_stubs={})
 end
 def test_app
-  Dragonfly::App.send(:new)
+  app = Dragonfly::App.send(:new)
+  app.log = Logger.new(LOG_FILE)
+  app.datastore.root_path = 'tmp/file_data_store_test'
+  app
 end
 def suppressing_stderr
   original_stderr = $stderr.dup
   tempfile = Tempfile.new('stderr')
-  $stderr.reopen(tempfile)
+  $stderr.reopen(tempfile) rescue
   yield
 ensure
   tempfile.close!

data/spec/support/image_matchers.rb CHANGED Viewed

@@ -3,6 +3,7 @@ def image_properties(image)
     tempfile = image
   else
     tempfile = Tempfile.new('image')
+    tempfile.binmode
     tempfile.write(image.is_a?(Dragonfly::TempObject) ? image.data : image)
     tempfile.close
   end

data/tmp/.gitignore ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ *
2	+ !.gitignore

metadata CHANGED Viewed

@@ -1,13 +1,13 @@
 --- !ruby/object:Gem::Specification
 name: dragonfly
 version: !ruby/object:Gem::Version
-  hash: 49
+  hash: 43
   prerelease:
   segments:
   - 0
   - 9
-  - 5
-  version: 0.9.5
+  - 8
+  version: 0.9.8
 platform: ruby
 authors:
 - Mark Evans
@@ -15,10 +15,10 @@ autorequire:
 bindir: bin
 cert_chain: []
-date: 2011-08-02 00:00:00 +01:00
-default_executable:
+date: 2011-09-08 00:00:00 Z
 dependencies:
 - !ruby/object:Gem::Dependency
+  type: :runtime
   requirement: &id001 !ruby/object:Gem::Requirement
     none: false
     requirements:
@@ -28,11 +28,11 @@ dependencies:
         segments:
         - 0
         version: "0"
-  prerelease: false
-  name: rack
-  type: :runtime
   version_requirements: *id001
+  name: rack
+  prerelease: false
 - !ruby/object:Gem::Dependency
+  type: :development
   requirement: &id002 !ruby/object:Gem::Requirement
     none: false
     requirements:
@@ -42,11 +42,11 @@ dependencies:
         segments:
         - 0
         version: "0"
-  prerelease: false
-  name: capybara
-  type: :development
   version_requirements: *id002
+  name: capybara
+  prerelease: false
 - !ruby/object:Gem::Dependency
+  type: :development
   requirement: &id003 !ruby/object:Gem::Requirement
     none: false
     requirements:
@@ -58,11 +58,11 @@ dependencies:
         - 10
         - 0
         version: 0.10.0
-  prerelease: false
-  name: cucumber
-  type: :development
   version_requirements: *id003
+  name: cucumber
+  prerelease: false
 - !ruby/object:Gem::Dependency
+  type: :development
   requirement: &id004 !ruby/object:Gem::Requirement
     none: false
     requirements:
@@ -74,11 +74,11 @@ dependencies:
         - 5
         - 2
         version: 0.5.2
-  prerelease: false
-  name: cucumber-rails
-  type: :development
   version_requirements: *id004
+  name: cucumber-rails
+  prerelease: false
 - !ruby/object:Gem::Dependency
+  type: :development
   requirement: &id005 !ruby/object:Gem::Requirement
     none: false
     requirements:
@@ -88,11 +88,11 @@ dependencies:
         segments:
         - 0
         version: "0"
-  prerelease: false
-  name: database_cleaner
-  type: :development
   version_requirements: *id005
+  name: database_cleaner
+  prerelease: false
 - !ruby/object:Gem::Dependency
+  type: :development
   requirement: &id006 !ruby/object:Gem::Requirement
     none: false
     requirements:
@@ -104,11 +104,11 @@ dependencies:
         - 5
         - 2
         version: 1.5.2
-  prerelease: false
-  name: jeweler
-  type: :development
   version_requirements: *id006
+  name: jeweler
+  prerelease: false
 - !ruby/object:Gem::Dependency
+  type: :development
   requirement: &id007 !ruby/object:Gem::Requirement
     none: false
     requirements:
@@ -118,11 +118,11 @@ dependencies:
         segments:
         - 0
         version: "0"
-  prerelease: false
-  name: fog
-  type: :development
   version_requirements: *id007
+  name: fog
+  prerelease: false
 - !ruby/object:Gem::Dependency
+  type: :development
   requirement: &id008 !ruby/object:Gem::Requirement
     none: false
     requirements:
@@ -132,11 +132,11 @@ dependencies:
         segments:
         - 0
         version: "0"
-  prerelease: false
-  name: mongo
-  type: :development
   version_requirements: *id008
+  name: mongo
+  prerelease: false
 - !ruby/object:Gem::Dependency
+  type: :development
   requirement: &id009 !ruby/object:Gem::Requirement
     none: false
     requirements:
@@ -147,11 +147,11 @@ dependencies:
         - 1
         - 0
         version: "1.0"
-  prerelease: false
-  name: couchrest
-  type: :development
   version_requirements: *id009
+  name: couchrest
+  prerelease: false
 - !ruby/object:Gem::Dependency
+  type: :development
   requirement: &id010 !ruby/object:Gem::Requirement
     none: false
     requirements:
@@ -161,44 +161,28 @@ dependencies:
         segments:
         - 0
         version: "0"
-  prerelease: false
-  name: rack-cache
-  type: :development
   version_requirements: *id010
+  name: rack-cache
+  prerelease: false
 - !ruby/object:Gem::Dependency
+  type: :development
   requirement: &id011 !ruby/object:Gem::Requirement
     none: false
     requirements:
-    - - "="
+    - - ~>
       - !ruby/object:Gem::Version
-        hash: 21
+        hash: 3
         segments:
         - 3
+        - 1
         - 0
-        - 9
-        version: 3.0.9
-  prerelease: false
-  name: rails
-  type: :development
+        version: 3.1.0
   version_requirements: *id011
-- !ruby/object:Gem::Dependency
-  requirement: &id012 !ruby/object:Gem::Requirement
-    none: false
-    requirements:
-    - - "="
-      - !ruby/object:Gem::Version
-        hash: 49
-        segments:
-        - 0
-        - 8
-        - 7
-        version: 0.8.7
+  name: rails
   prerelease: false
-  name: rake
-  type: :development
-  version_requirements: *id012
 - !ruby/object:Gem::Dependency
-  requirement: &id013 !ruby/object:Gem::Requirement
+  type: :development
+  requirement: &id012 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ~>
@@ -208,12 +192,12 @@ dependencies:
         - 2
         - 5
         version: "2.5"
-  prerelease: false
+  version_requirements: *id012
   name: rspec
-  type: :development
-  version_requirements: *id013
+  prerelease: false
 - !ruby/object:Gem::Dependency
-  requirement: &id014 !ruby/object:Gem::Requirement
+  type: :development
+  requirement: &id013 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ">="
@@ -222,12 +206,12 @@ dependencies:
         segments:
         - 0
         version: "0"
-  prerelease: false
+  version_requirements: *id013
   name: webmock
-  type: :development
-  version_requirements: *id014
+  prerelease: false
 - !ruby/object:Gem::Dependency
-  requirement: &id015 !ruby/object:Gem::Requirement
+  type: :development
+  requirement: &id014 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ">="
@@ -236,12 +220,12 @@ dependencies:
         segments:
         - 0
         version: "0"
-  prerelease: false
+  version_requirements: *id014
   name: yard
-  type: :development
-  version_requirements: *id015
+  prerelease: false
 - !ruby/object:Gem::Dependency
-  requirement: &id016 !ruby/object:Gem::Requirement
+  type: :development
+  requirement: &id015 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ">="
@@ -250,12 +234,12 @@ dependencies:
         segments:
         - 0
         version: "0"
-  prerelease: false
+  version_requirements: *id015
   name: bluecloth
-  type: :development
-  version_requirements: *id016
+  prerelease: false
 - !ruby/object:Gem::Dependency
-  requirement: &id017 !ruby/object:Gem::Requirement
+  type: :development
+  requirement: &id016 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ">="
@@ -264,12 +248,12 @@ dependencies:
         segments:
         - 0
         version: "0"
-  prerelease: false
+  version_requirements: *id016
   name: bson_ext
-  type: :development
-  version_requirements: *id017
+  prerelease: false
 - !ruby/object:Gem::Dependency
-  requirement: &id018 !ruby/object:Gem::Requirement
+  type: :development
+  requirement: &id017 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ">="
@@ -278,10 +262,9 @@ dependencies:
         segments:
         - 0
         version: "0"
-  prerelease: false
+  version_requirements: *id017
   name: sqlite3-ruby
-  type: :development
-  version_requirements: *id018
+  prerelease: false
 description: |-
   Dragonfly is a framework that enables on-the-fly processing for any content type.
     It is especially suited to image handling. Its uses range from image thumbnails to standard attachments to on-demand text generation.
@@ -399,6 +382,7 @@ files:
 - lib/dragonfly/routed_endpoint.rb
 - lib/dragonfly/serializer.rb
 - lib/dragonfly/server.rb
+- lib/dragonfly/shell.rb
 - lib/dragonfly/simple_cache.rb
 - lib/dragonfly/temp_object.rb
 - lib/dragonfly/url_mapper.rb
@@ -430,7 +414,6 @@ files:
 - spec/dragonfly/image_magick/encoder_spec.rb
 - spec/dragonfly/image_magick/generator_spec.rb
 - spec/dragonfly/image_magick/processor_spec.rb
-- spec/dragonfly/image_magick/utils_spec.rb
 - spec/dragonfly/job_builder_spec.rb
 - spec/dragonfly/job_definitions_spec.rb
 - spec/dragonfly/job_endpoint_spec.rb
@@ -440,6 +423,7 @@ files:
 - spec/dragonfly/routed_endpoint_spec.rb
 - spec/dragonfly/serializer_spec.rb
 - spec/dragonfly/server_spec.rb
+- spec/dragonfly/shell_spec.rb
 - spec/dragonfly/simple_cache_spec.rb
 - spec/dragonfly/temp_object_spec.rb
 - spec/dragonfly/url_mapper_spec.rb
@@ -447,19 +431,20 @@ files:
 - spec/functional/image_magick_app_spec.rb
 - spec/functional/model_urls_spec.rb
 - spec/functional/remote_on_the_fly_spec.rb
+- spec/functional/shell_commands_spec.rb
 - spec/functional/to_response_spec.rb
 - spec/spec_helper.rb
 - spec/support/argument_matchers.rb
 - spec/support/image_matchers.rb
 - spec/support/simple_matchers.rb
 - spec/test_imagemagick.ru
+- tmp/.gitignore
 - yard/handlers/configurable_attr_handler.rb
 - yard/setup.rb
 - yard/templates/default/fulldoc/html/css/common.css
 - yard/templates/default/layout/html/layout.erb
 - yard/templates/default/module/html/configuration_summary.erb
 - yard/templates/default/module/setup.rb
-has_rdoc: true
 homepage: http://github.com/markevans/dragonfly
 licenses:
 - MIT
@@ -489,7 +474,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
 requirements: []
 rubyforge_project:
-rubygems_version: 1.5.2
+rubygems_version: 1.8.6
 signing_key:
 specification_version: 3
 summary: Ideal gem for handling attachments in Rails, Sinatra and Rack applications.
@@ -516,7 +501,6 @@ test_files:
 - spec/dragonfly/image_magick/encoder_spec.rb
 - spec/dragonfly/image_magick/generator_spec.rb
 - spec/dragonfly/image_magick/processor_spec.rb
-- spec/dragonfly/image_magick/utils_spec.rb
 - spec/dragonfly/job_builder_spec.rb
 - spec/dragonfly/job_definitions_spec.rb
 - spec/dragonfly/job_endpoint_spec.rb
@@ -526,6 +510,7 @@ test_files:
 - spec/dragonfly/routed_endpoint_spec.rb
 - spec/dragonfly/serializer_spec.rb
 - spec/dragonfly/server_spec.rb
+- spec/dragonfly/shell_spec.rb
 - spec/dragonfly/simple_cache_spec.rb
 - spec/dragonfly/temp_object_spec.rb
 - spec/dragonfly/url_mapper_spec.rb
@@ -533,6 +518,7 @@ test_files:
 - spec/functional/image_magick_app_spec.rb
 - spec/functional/model_urls_spec.rb
 - spec/functional/remote_on_the_fly_spec.rb
+- spec/functional/shell_commands_spec.rb
 - spec/functional/to_response_spec.rb
 - spec/spec_helper.rb
 - spec/support/argument_matchers.rb