dragonfly 1.1.0 → 1.1.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 84cc06b313ddc9f160196e61b36307ea6654d979
-  data.tar.gz: 181e3671a18a1d2c56cd97134cab2969ccdb4bcd
+  metadata.gz: 4918846aff69a7cb7483d21babadf9f74d674d91
+  data.tar.gz: e015447812e545b186c422b355de1916fc474201
 SHA512:
-  metadata.gz: 6f4d6a4787d47bd693cffa4499ff1160e2632625c1de3d89b565b4144bbbed89ac52d9340f2dd052f9aab75b3d7b505c2495b013df0858eebfffa26d58ad8ed3
-  data.tar.gz: e66731899aa80963b5cb478a04860680f3a428b1e581b10425da4fe1bda9f4b068d7f15ac2263ffea9609485cf4df11dffff6144124259bf5cbc9863f56e2500
+  metadata.gz: 5642ce50bb25ffd86a4960be6d69e011d285c749e54c572a2977399775ce7e30f9634bfe72bae98f5f2d1cb3e24ba860e6e711457a288b02f920a184142123c9
+  data.tar.gz: c665ecd2f6c045a668abc45197900ca9a4fd75c3028dcf7085cc6cf1799d82c3c882d97d48eb11f792dfc59947143198ad918b60ee92155a981e5f1d40904dd9

data/History.md

@@ -1,3 +1,18 @@
+1.1.1 (2016-10-26)
+===================
+Features
+--------
+- Added delegate option for imagemagick (Will Fisher)
+
+Fixes
+-----
+- Use `Base64.urlsafe_encode64` (Jan Raasch)
+  Note that this changes b64 encodings from '/' to `'_'` and '+' to '-' in URLs, which will change a very
+  small number of generated URLs (but shouldn't be enough to cause big recaching problems)
+  URLs are encoded now according to the URL safe base64 specification in RFC 4648.
+  Old URLs are still recognized so won't break.
+
+
 1.1.0 (2016-10-24)
 ===================
 Fixes

data/README.md

@@ -44,7 +44,7 @@ Installation
 
 or in your Gemfile
 ```ruby
-gem 'dragonfly', '~> 1.1.0'
+gem 'dragonfly', '~> 1.1.1'
 ```
 
 Require with

data/lib/dragonfly/image_magick/plugin.rb

@@ -69,8 +69,7 @@ module Dragonfly
         end
 
         # Extra methods
-        app.define :identify do |*args|
-          cli_args = args.first # because ruby 1.8.7 can't deal with default args in blocks
+        app.define :identify do |cli_args=nil|
           shell_eval do |path|
             "#{app.env[:identify_command]} #{cli_args} #{path}"
           end

data/lib/dragonfly/image_magick/processors/convert.rb

@@ -8,10 +8,11 @@ module Dragonfly
           format = opts['format']
 
           input_args = opts['input_args'] if opts['input_args']
+          delegate_string = "#{opts['delegate']}:" if opts['delegate']
           frame_string = "[#{opts['frame']}]" if opts['frame']
 
           content.shell_update :ext => format do |old_path, new_path|
-            "#{convert_command} #{input_args} #{old_path}#{frame_string} #{args} #{new_path}"
+            "#{convert_command} #{input_args} #{delegate_string}#{old_path}#{frame_string} #{args} #{new_path}"
           end
 
           if format

data/lib/dragonfly/job.rb

@@ -60,7 +60,7 @@ module Dragonfly
           Serializer.json_b64_decode(string)
         rescue Serializer::BadString
           if app.allow_legacy_urls
-            Serializer.marshal_b64_decode(string, :check_malicious => true) # legacy strings
+            Serializer.marshal_b64_decode(string) # legacy strings
           else
             raise
           end

data/lib/dragonfly/serializer.rb

@@ -13,22 +13,20 @@ module Dragonfly
     extend self # So we can do Serializer.b64_encode, etc.
 
     def b64_encode(string)
-      Base64.encode64(string).tr("\n=",'')
+      Base64.urlsafe_encode64(string).tr('=','')
     end
 
     def b64_decode(string)
-      padding_length = string.length % 4
-      string = string.tr('~', '/')
-      Base64.decode64(string + '=' * padding_length)
+      padding_length = (-(string.length % 4)) % 4
+      string = string.tr('+','-').tr('~/','_')
+      Base64.urlsafe_decode64(string + '=' * padding_length)
+    rescue ArgumentError => e
+      raise BadString, "couldn't b64_decode string - got #{e}"
     end
 
-    def marshal_b64_encode(object)
-      b64_encode(Marshal.dump(object))
-    end
-
-    def marshal_b64_decode(string, opts={})
+    def marshal_b64_decode(string)
       marshal_string = b64_decode(string)
-      raise MaliciousString, "potentially malicious marshal string #{marshal_string.inspect}" if opts[:check_malicious] && marshal_string[/@[a-z_]/i]
+      raise MaliciousString, "potentially malicious marshal string #{marshal_string.inspect}" if marshal_string[/@[a-z_]/i]
       Marshal.load(marshal_string)
     rescue TypeError, ArgumentError => e
       raise BadString, "couldn't marshal decode string - got #{e}"

data/lib/dragonfly/server.rb

@@ -37,11 +37,7 @@ module Dragonfly
 
     def url_format=(url_format)
       @url_format = url_format
-      self.url_mapper = UrlMapper.new(url_format,
-        :basename => '[^\/]',
-        :name => '[^\/]',
-        :format => '[^\.]'
-      )
+      self.url_mapper = UrlMapper.new(url_format)
     end
 
     def before_serve(&block)

data/lib/dragonfly/shell.rb

@@ -27,10 +27,10 @@ module Dragonfly
 
     private
 
-    # Annoyingly, Open3 seems buggy on jruby/1.8.7:
+    # Annoyingly, Open3 seems buggy on jruby:
     # Some versions don't yield a wait_thread in the block and
     # you can't run sub-shells (if explicitly turning shell-escaping off)
-    if RUBY_PLATFORM == 'java' || RUBY_VERSION < '1.9'
+    if RUBY_PLATFORM == 'java'
 
       # Unfortunately we have no control over stderr this way
       def run_command(command)

data/lib/dragonfly/temp_object.rb

@@ -2,7 +2,6 @@ require 'stringio'
 require 'tempfile'
 require 'pathname'
 require 'fileutils'
-require 'dragonfly/core_ext/tempfile'
 
 module Dragonfly
 

data/lib/dragonfly/url_mapper.rb

@@ -4,6 +4,15 @@ require 'dragonfly/utils'
 module Dragonfly
   class UrlMapper
 
+    PATTERNS = {
+      basename: '[^\/]',
+      name: '[^\/]',
+      ext: '[^\.]',
+      format: '[^\.]',
+      job: '[^\/\.]'
+    }
+    DEFAULT_PATTERN = '[^\/\-\.]'
+
     # Exceptions
     class BadUrlFormat < StandardError; end
 
@@ -13,10 +22,10 @@ module Dragonfly
       end
     end
 
-    def initialize(url_format, patterns={})
+    def initialize(url_format)
       @url_format = url_format
       raise BadUrlFormat, "bad url format #{url_format}" if url_format[/[\w_]:[\w_]/]
-      init_segments(patterns)
+      init_segments
       init_url_regexp
     end
 
@@ -51,13 +60,13 @@ module Dragonfly
 
     private
 
-    def init_segments(patterns)
+    def init_segments
       @segments = []
       url_format.scan(/([^\w_]):([\w_]+)/).each do |seperator, param|
         segments << Segment.new(
           param,
           seperator,
-          patterns[param.to_sym] || '[^\/\-\.]'
+          PATTERNS[param.to_sym] || DEFAULT_PATTERN
         )
       end
     end

data/lib/dragonfly/version.rb

@@ -1,3 +1,3 @@
 module Dragonfly
-  VERSION = '1.1.0'
+  VERSION = '1.1.1'
 end

data/lib/rails/generators/dragonfly/dragonfly_generator.rb

@@ -11,14 +11,4 @@ class DragonflyGenerator < Rails::Generators::Base
     SecureRandom.hex(32)
   end
 
-  if RUBY_VERSION > "1.9"
-    def hash_key(key)
-      "#{key}:"
-    end
-  else
-    def hash_key(key)
-      ":#{key} =>"
-    end
-  end
 end
-

data/lib/rails/generators/dragonfly/templates/initializer.rb.erb

@@ -9,8 +9,8 @@ Dragonfly.app.configure do
   url_format "/media/:job/:name"
 
   datastore :file,
-    <%= hash_key(:root_path) %> Rails.root.join('public/system/dragonfly', Rails.env),
-    <%= hash_key(:server_root) %> Rails.root.join('public')
+    root_path: Rails.root.join('public/system/dragonfly', Rails.env),
+    server_root: Rails.root.join('public')
 end
 
 # Logger

data/spec/dragonfly/image_magick/processors/convert_spec.rb

@@ -62,4 +62,9 @@ describe Dragonfly::ImageMagick::Processors::Convert do
     pdf.should_not equal_image(pdf2)
   end
 
+  it "allows converting using specific delegates" do
+    expect {
+      processor.call(image, '', 'format' => 'jpg', 'delegate' => 'png')
+    }.to call_command(app.shell, %r{'convert' 'png:/[^']+?/beach\.png' '/[^']+?\.jpg'})
+  end
 end

data/spec/dragonfly/job_spec.rb

@@ -292,7 +292,7 @@ describe Dragonfly::Job do
       end
 
       it "checks for potentially malicious strings" do
-        string = Dragonfly::Serializer.marshal_b64_encode(Dragonfly::TempObject.new('a'))
+        string = Base64.encode64(Marshal.dump(Dragonfly::TempObject.new('a'))).tr("\n=",'')
         expect{
           Dragonfly::Job.deserialize(string, @app)
         }.to raise_error(Dragonfly::Serializer::MaliciousString)

data/spec/dragonfly/model/model_spec.rb

@@ -1136,7 +1136,11 @@ describe "models" do
       }.should raise_error(Dragonfly::Model::Attachment::BadAssignmentKey)
     end
 
-    [nil, "", "asdfsad"].each do |value|
+    [
+      nil,
+      "",
+      "asdfsad" # assigning with rubbish shouldn't break it
+    ].each do |value|
       it "should do nothing if assigned with #{value}" do
         @item.retained_preview_image = value
         @item.preview_image_uid.should be_nil

data/spec/dragonfly/serializer_spec.rb

@@ -13,10 +13,11 @@ describe Dragonfly::Serializer do
       '//..',
       'whats/up.egg.frog',
       '£ñçùí;',
-      '~'
+      '~',
+      '-umlaut_ö'
     ].each do |string|
-      it "should encode #{string.inspect} properly with no padding/line break" do
-        b64_encode(string).should_not =~ /\n|=/
+      it "should encode #{string.inspect} properly with no padding/line break or slash" do
+        b64_encode(string).should_not =~ /\n|=|\//
       end
       it "should correctly encode and decode #{string.inspect} to the same string" do
         str = b64_decode(b64_encode(string))
@@ -26,31 +27,21 @@ describe Dragonfly::Serializer do
     end
 
     describe "b64_decode" do
-      it "converts (deprecated) '~' characters to '/' characters" do
-        b64_decode('asdf~asdf').should == b64_decode('asdf/asdf')
+      if RUBY_PLATFORM != 'java'
+        # jruby doesn't seem to throw anything - it just removes non b64 characters
+        it "raises an error if the string passed in is not base 64" do
+          expect {
+            b64_decode("eggs for breakfast")
+          }.to raise_error(Dragonfly::Serializer::BadString)
+        end
+      end
+      it "converts (deprecated) '~' and '/' characters to '_' characters" do
+        b64_decode('LXVtbGF1dF~Dtg').should == b64_decode('LXVtbGF1dF_Dtg')
+        b64_decode('LXVtbGF1dF/Dtg').should == b64_decode('LXVtbGF1dF_Dtg')
+      end
+      it "converts '+' characters to '-' characters" do
+        b64_decode('LXVtbGF1dF+Dtg').should == b64_decode('LXVtbGF1dF-Dtg')
       end
-    end
-
-  end
-
-  [
-    :hello,
-    nil,
-    true,
-    4,
-    2.3,
-    'wassup man',
-    [3,4,5],
-    {:wo => 'there'},
-    [{:this => 'should', :work => [3, 5.3, nil, {false => 'egg'}]}, [], true]
-  ].each do |object|
-    it "should correctly marshal encode #{object.inspect} properly with no padding/line break" do
-      encoded = marshal_b64_encode(object)
-      encoded.should be_a(String)
-      encoded.should_not =~ /\n|=/
-    end
-    it "should correctly marshal encode and decode #{object.inspect} to the same object" do
-      marshal_b64_decode(marshal_b64_encode(object)).should == object
     end
   end
 
@@ -66,18 +57,14 @@ describe Dragonfly::Serializer do
       }.should raise_error(Dragonfly::Serializer::BadString)
     end
     describe "potentially harmful strings" do
-      it "doesn't raise if not flagged to check for malicious strings" do
-        class C; end
-        marshal_b64_decode('BAhvOgZDBjoOQF9fc2VuZF9faQY').should be_a(C)
-      end
       ['_', 'hello', 'h2', '__send__', 'F'].each do |variable_name|
-        it "raises if flagged to check for malicious strings and finds one" do
+        it "raises if it finds a malicious string" do
           class C; end
           c = C.new
           c.instance_eval{ instance_variable_set("@#{variable_name}", 1) }
           string = Dragonfly::Serializer.b64_encode(Marshal.dump(c))
           lambda{
-            marshal_b64_decode(string, :check_malicious => true)
+            marshal_b64_decode(string)
           }.should raise_error(Dragonfly::Serializer::MaliciousString)
         end
       end

data/spec/dragonfly/url_mapper_spec.rb

@@ -24,21 +24,7 @@ describe Dragonfly::UrlMapper do
   describe "url_regexp" do
     it "should return a regexp with non-greedy optional groups that include the preceding slash/dot/dash" do
       url_mapper = Dragonfly::UrlMapper.new('/media/:job/:basename-:size.:format')
-      url_mapper.url_regexp.should == %r{\A/media(/[^\/\-\.]+?)?(/[^\/\-\.]+?)?(\-[^\/\-\.]+?)?(\.[^\/\-\.]+?)?\z}
-    end
-
-    it "should allow setting custom patterns in the url" do
-      url_mapper = Dragonfly::UrlMapper.new('/media/:job-:size.:format',
-        :job => '\w',
-        :size => '\d',
-        :format => '[^\.]'
-      )
-      url_mapper.url_regexp.should == %r{\A/media(/\w+?)?(\-\d+?)?(\.[^\.]+?)?\z}
-    end
-
-    it "should make optional match patterns (ending in ?) apply to the whole group including the preceding seperator" do
-      url_mapper = Dragonfly::UrlMapper.new('/media/:job', :job => '\w')
-      url_mapper.url_regexp.should == %r{\A/media(/\w+?)?\z}
+      url_mapper.url_regexp.should == %r{\A/media(/[^\/\.]+?)?(/[^\/]+?)?(\-[^\/\-\.]+?)?(\.[^\.]+?)?\z}
     end
   end
 
@@ -98,33 +84,36 @@ describe Dragonfly::UrlMapper do
     it "should correctly url-unescape funny characters" do
       @url_mapper.params_for('/media/a%23c').should == {'job' => 'a#c'}
     end
+
+    it "should work when the job contains the '-' character" do
+      @url_mapper = Dragonfly::UrlMapper.new('/media/:job-:size.:format')
+      @url_mapper.params_for('/media/asdf-30x30.jpg').should == {'job' => 'asdf', 'size' => '30x30', 'format' => 'jpg'}
+      @url_mapper.params_for('/media/as-df-30x30.jpg').should == {'job' => 'as-df', 'size' => '30x30', 'format' => 'jpg'}
+    end
   end
 
-  describe "matching urls with standard format /media/:job/:basename.:format" do
+  describe "matching urls with standard format /media/:job/:name" do
     before(:each) do
-      @url_mapper = Dragonfly::UrlMapper.new('/media/:job/:basename.:format',
-        :basename => '[^\/]',
-        :format => '[^\.]'
-      )
+      @url_mapper = Dragonfly::UrlMapper.new('/media/:job/:name')
     end
 
     {
       '' => nil,
       '/' => nil,
-      '/media' => {'job' => nil, 'basename' => nil, 'format' => nil},
+      '/media' => {'job' => nil, 'name' => nil},
       '/media/' => nil,
       '/moodia/asdf' => nil,
       '/media/asdf/' => nil,
       '/mount/media/asdf' => nil,
-      '/media/asdf/stuff.egg' => {'job' => 'asdf', 'basename' => 'stuff', 'format' => 'egg'},
-      '/media/asdf' =>           {'job' => 'asdf', 'basename' => nil,     'format' => nil},
-      '/media/asdf/stuff' =>     {'job' => 'asdf', 'basename' => 'stuff', 'format' => nil},
-      '/media/asdf.egg' =>       {'job' => 'asdf', 'basename' => nil,     'format' => 'egg'},
+      '/media/asdf/stuff.egg' => {'job' => 'asdf', 'name' => 'stuff.egg'},
+      '/media/asdf' =>           {'job' => 'asdf', 'name' => nil},
+      '/media/asdf/stuff' =>     {'job' => 'asdf', 'name' => 'stuff'},
+      '/media/asdf.egg' =>       {'job' => nil, 'name' => 'asdf.egg'},
       '/media/asdf/stuff/egg' => nil,
-      '/media/asdf/stuff.dog.egg' => {'job' => 'asdf', 'basename' => 'stuff.dog', 'format' => 'egg'},
-      '/media/asdf/s%3D2%2B-.d.e' => {'job' => 'asdf', 'basename' => 's=2+-.d', 'format' => 'e'},
-      '/media/asdf-40x40/stuff.egg' => nil,
-      '/media/a%23c' => {'job' => 'a#c', 'basename' => nil, 'format' => nil}
+      '/media/asdf/stuff.dog.egg' => {'job' => 'asdf', 'name' => 'stuff.dog.egg'},
+      '/media/asdf/s%3D2%2B-.d.e' => {'job' => 'asdf', 'name' => 's=2+-.d.e'},
+      '/media/asdf-40x40/stuff.egg' => {'job' => 'asdf-40x40', 'name' => 'stuff.egg'},
+      '/media/a%23c' => {'job' => 'a#c', 'name' => nil}
     }.each do |path, params|
 
       it "should turn the url #{path} into params #{params.inspect}" do

data/spec/functional/urls_spec.rb

@@ -45,7 +45,7 @@ describe "urls" do
 
   it "works with potentially tricky url characters for the url" do
     url = app.fetch('uid []=~/+').url(:name => 'name []=~/+')
-    url.should =~ %r(^/[\w%]+/name%20%5B%5D%3D%7E%2F%2B$)
+    url.should =~ %r(^/[\w-]+/name%20%5B%5D%3D%7E%2F%2B$)
     job_should_match [["f", "uid []=~/+"]]
     response = request(app, url)
   end

data/spec/spec_helper.rb

@@ -9,7 +9,7 @@ require 'dragonfly'
 require 'fileutils'
 require 'tempfile'
 require 'webmock/rspec'
-require 'pry' if RUBY_VERSION >= '1.9'
+require 'pry'
 
 # Requires supporting files with custom matchers and macros, etc,
 Dir["#{File.dirname(__FILE__)}/support/**/*.rb"].each {|f| require f}

data/spec/support/simple_matchers.rb

@@ -62,3 +62,16 @@ RSpec::Matchers.define :increase_num_tempfiles do
     true
   end
 end
+
+RSpec::Matchers.define :call_command do |shell, command|
+  match do |block|
+    # run_command is private so this is slightly naughty but it does the job
+    allow(shell).to receive(:run_command).and_call_original
+    block.call
+    expect(shell).to have_received(:run_command).with(command)
+  end
+
+  def supports_block_expectations?
+    true
+  end
+end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: dragonfly
 version: !ruby/object:Gem::Version
-  version: 1.1.0
+  version: 1.1.1
 platform: ruby
 authors:
 - Mark Evans
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2016-10-24 00:00:00.000000000 Z
+date: 2016-10-26 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rack
@@ -126,7 +126,6 @@ files:
 - lib/dragonfly/core_ext/array.rb
 - lib/dragonfly/core_ext/hash.rb
 - lib/dragonfly/core_ext/object.rb
-- lib/dragonfly/core_ext/tempfile.rb
 - lib/dragonfly/file_data_store.rb
 - lib/dragonfly/has_filename.rb
 - lib/dragonfly/hash_with_css_style_keys.rb
@@ -259,7 +258,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 2.5.1
+rubygems_version: 2.6.7
 signing_key: 
 specification_version: 4
 summary: Ideal gem for handling attachments in Rails, Sinatra and Rack applications.

data/lib/dragonfly/core_ext/tempfile.rb

@@ -1,19 +0,0 @@
-# Tempfile#size reports size of 0 after the tempfile has been
-# closed (without unlinking).  This happens because internal
-# @tmpfile is set to nil when the Tempfile is closed.
-# Alternatively @tmpname is set to nil when file is unlinked.
-
-if RUBY_VERSION < '1.9'
-  class Tempfile
-    def size
-      if @tmpfile
-        @tmpfile.flush
-        @tmpfile.stat.size
-      elsif @tmpname
-        File.size(@tmpname)
-      else
-        0
-      end
-    end
-  end
-end