effective_storage 0.3.0 → 0.3.2

Sign up to get free protection for your applications and to get access to all the features.
Files changed (4) hide show
  1. checksums.yaml +4 -4
  2. data/app/models/concerns/active_storage_authorization.rb +4 -3
  3. data/lib/effective_storage/version.rb +1 -1
  4. metadata +2 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: ddb75c58fe70421e642837cd9af4f53f90d8c4b01d56489d95410b293da9509d
4
- data.tar.gz: 01dfc8e5af3dc6ce51181989c4d3a30b75295dd384c616ef14dc994f03ca9490
3
+ metadata.gz: e4d882d7dc41b30bee6a440cffcbcc0008dc697fc5ace3455ff2f427910325d1
4
+ data.tar.gz: a6a536963a71e23feeb0106193a7d731372f3190cf48632aa5cb70388636df31
5
5
  SHA512:
6
- metadata.gz: 9f11e509b1a5a92c007a87178f8bb53b9f6d1a5563fe1d7f14e04b8db13d39c1757197050a79bc6807be703d7257d10424f92d4d1a5f4493f984dd949094f40f
7
- data.tar.gz: 6eae6952c076bab26ab2a67ffe403d4eb51d0aa9242dcff992fb5473580982fdefff44fa36bc635b52d98f9b8866752e53f9d296037bb9a2136487d6acff94ca
6
+ metadata.gz: fc59eaafef6892fb1b3826e7ad0ee0f5aacf175f553cdae2eb8bc15a2631a72ea4681f2ef6b7c594f5497007df06f7acfd91c9f76480b4d49e96811b1a637781
7
+ data.tar.gz: 12d4c064a19a72670545e52f61c986c80455c90ae4852af9c3e272aea56a4331d7e7e0065e9cdfeff860f25f1e12f282b180815dd1145e1af33e66d7e2c863a4
data/app/models/concerns/active_storage_authorization.rb CHANGED
@@ -67,8 +67,8 @@ module ActiveStorageAuthorization
67
67
  # If we are authorized on any attached record, permit the download
68
68
  return true if @blob.attachments.any? { |attachment| authorized_attachment_download?(attachment) }
69
69
 
70
- # Otherwise raise a 403 Forbidden and block the download
71
- head(:forbidden, 'X-Robots-Tag': 'noindex')
70
+ # Otherwise raise a 404 Not Found and block the download
71
+ head(:not_found)
72
72
 
73
73
  # Raise an exception to log unauthorized request
74
74
  raise_exception()
@@ -113,7 +113,8 @@ module ActiveStorageAuthorization
113
113
  # This is a has_one_attached or has_many_attached record
114
114
  # Or an ActionText::RichText object, that belongs_to a record
115
115
  def authorized_attachment_download?(attachment)
116
- return false if attachment.record.blank?
116
+ # DO NOT USE .blank? or .present? here. They return incorrect values.
117
+ return false if attachment.record.nil?
117
118
 
118
119
  # Associated Record
119
120
  record = attachment.record
data/lib/effective_storage/version.rb CHANGED
@@ -1,3 +1,3 @@
1
1
  module EffectiveStorage
2
- VERSION = '0.3.0'.freeze
2
+ VERSION = '0.3.2'.freeze
3
3
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: effective_storage
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.3.0
4
+ version: 0.3.2
5
5
  platform: ruby
6
6
  authors:
7
7
  - Code and Effect
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2023-01-06 00:00:00.000000000 Z
11
+ date: 2023-02-21 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: rails