effective_storage 0.4.1 → 0.4.3

Sign up to get free protection for your applications and to get access to all the features.
Files changed (6) hide show
  1. checksums.yaml +4 -4
  2. data/app/models/concerns/active_storage_authorization.rb +10 -1
  3. data/config/effective_storage.rb +5 -0
  4. data/lib/effective_storage/version.rb +1 -1
  5. data/lib/effective_storage.rb +9 -1
  6. metadata +4 -4
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 4f1b5a4ba6185fdd5c81e33afacd6dfb6ec8dc2e5c24fa07fb05be840d196740
4
- data.tar.gz: e82b0d3bea47958aabd007a0a444088b92124421149357dd9998e1f0c30c4346
3
+ metadata.gz: 9230c3cd21cf195cdf1b24f42bf4221c8a7a2619a78b2ba3cc4ef7d132906e4d
4
+ data.tar.gz: 7121042e8928e76541e60f595f93461ed767563e62d5e3f2251dda5f9b6239da
5
5
  SHA512:
6
- metadata.gz: aebccce481ef3f36dac0a1f1855e957abca8f6d30465f3bb214875210a98aa24fd1ea7df14b5de80c727d503fb69ef2a226e81f23b7b7381ea88165ccdf85df3
7
- data.tar.gz: af51fe35aeed80cd5409aa39c3048b6e4128ad80429d383e2639d8b3afa19500ba05ee2647e6ff93c46fdca6d4af3700cfcc914d81aa3f1136afcf27e873d6ad
6
+ metadata.gz: 8798dd36a2b61b525416d8eb27a4c4d291d8380df42690c088f17ec76ddd1ebef5e995a0a97293fa105a19b00bb44b12cb325073345a975a245aeaf25dfcd3b2
7
+ data.tar.gz: ab3c5af1ae73962ada0a37cfdb2edda28a81ff8bd3b081b62e5e90eb5a1ee4335eda7247c34af16982ca79adf4fdff11e0a7eb27150d98a47e8d1f2bce8dea40
data/app/models/concerns/active_storage_authorization.rb CHANGED
@@ -35,7 +35,6 @@ module ActiveStorageAuthorization
35
35
  # Send an ExceptionNotification email with the unauthorized details
36
36
  # This is not visible to users
37
37
  def unauthorized_active_storage_request(exception)
38
- return if request.referer.to_s.include?('.test:')
39
38
 
40
39
  if defined?(ExceptionNotifier)
41
40
  data = { 'current_user_id': current_user&.id || 'none' }.merge(@blob&.attributes || {})
@@ -79,6 +78,8 @@ module ActiveStorageAuthorization
79
78
  record = attachment.record if attachment
80
79
  resource = record.record if record.respond_to?(:record)
81
80
 
81
+ return if skip_notification?(record || resource || @blob)
82
+
82
83
  error = [
83
84
  "unauthorized active storage request for #{@blob.filename}",
84
85
  ("on #{record.class.name} #{record.id}" if record.present?),
@@ -91,6 +92,14 @@ module ActiveStorageAuthorization
91
92
  raise Effective::UnauthorizedStorageException.new(error + '. ' + resolution)
92
93
  end
93
94
 
95
+ def skip_notification?(resource)
96
+ return true if EffectiveStorage.skip_notification?
97
+ return true if EffectiveStorage.skip_notifications.include?(resource.class.name)
98
+ return true if request.referer.to_s.include?('.test:')
99
+
100
+ false
101
+ end
102
+
94
103
  # This is a file that was drag & drop or inserted into the article editor
95
104
  # I think this might only happen with article editor edit screens
96
105
  def authorize_content_download?(blob)
data/config/effective_storage.rb CHANGED
@@ -9,4 +9,9 @@ EffectiveStorage.setup do |config|
9
9
 
10
10
  # Do not delete ActiveStorage::Blobs
11
11
  config.never_delete = true
12
+
13
+ # Skip Notifications for unauthorized active storage requests
14
+ # config.skip_notification = true
15
+ # config.skip_notification = ['Effective::Classified']
16
+
12
17
  end
data/lib/effective_storage/version.rb CHANGED
@@ -1,3 +1,3 @@
1
1
  module EffectiveStorage
2
- VERSION = '0.4.1'.freeze
2
+ VERSION = '0.4.3'.freeze
3
3
  end
data/lib/effective_storage.rb CHANGED
@@ -6,7 +6,7 @@ require 'effective_storage/version'
6
6
  module EffectiveStorage
7
7
 
8
8
  def self.config_keys
9
- [:layout, :authorize_active_storage, :never_delete]
9
+ [:layout, :authorize_active_storage, :never_delete, :skip_notification]
10
10
  end
11
11
 
12
12
  include EffectiveGem
@@ -19,4 +19,12 @@ module EffectiveStorage
19
19
  never_delete == true
20
20
  end
21
21
 
22
+ def self.skip_notification?
23
+ skip_notification == true
24
+ end
25
+
26
+ def self.skip_notifications
27
+ Array(skip_notification)
28
+ end
29
+
22
30
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: effective_storage
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.4.1
4
+ version: 0.4.3
5
5
  platform: ruby
6
6
  authors:
7
7
  - Code and Effect
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2023-03-20 00:00:00.000000000 Z
11
+ date: 2023-08-11 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: rails
@@ -95,7 +95,7 @@ dependencies:
95
95
  - !ruby/object:Gem::Version
96
96
  version: '0'
97
97
  - !ruby/object:Gem::Dependency
98
- name: haml-rails
98
+ name: haml
99
99
  requirement: !ruby/object:Gem::Requirement
100
100
  requirements:
101
101
  - - ">="
@@ -170,7 +170,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
170
170
  - !ruby/object:Gem::Version
171
171
  version: '0'
172
172
  requirements: []
173
- rubygems_version: 3.1.2
173
+ rubygems_version: 3.3.7
174
174
  signing_key:
175
175
  specification_version: 4
176
176
  summary: Authorize and browse Active Storage attachments