effective_storage 0.4.1 → 0.4.3
Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 9230c3cd21cf195cdf1b24f42bf4221c8a7a2619a78b2ba3cc4ef7d132906e4d
|
4
|
+
data.tar.gz: 7121042e8928e76541e60f595f93461ed767563e62d5e3f2251dda5f9b6239da
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 8798dd36a2b61b525416d8eb27a4c4d291d8380df42690c088f17ec76ddd1ebef5e995a0a97293fa105a19b00bb44b12cb325073345a975a245aeaf25dfcd3b2
|
7
|
+
data.tar.gz: ab3c5af1ae73962ada0a37cfdb2edda28a81ff8bd3b081b62e5e90eb5a1ee4335eda7247c34af16982ca79adf4fdff11e0a7eb27150d98a47e8d1f2bce8dea40
|
@@ -35,7 +35,6 @@ module ActiveStorageAuthorization
|
|
35
35
|
# Send an ExceptionNotification email with the unauthorized details
|
36
36
|
# This is not visible to users
|
37
37
|
def unauthorized_active_storage_request(exception)
|
38
|
-
return if request.referer.to_s.include?('.test:')
|
39
38
|
|
40
39
|
if defined?(ExceptionNotifier)
|
41
40
|
data = { 'current_user_id': current_user&.id || 'none' }.merge(@blob&.attributes || {})
|
@@ -79,6 +78,8 @@ module ActiveStorageAuthorization
|
|
79
78
|
record = attachment.record if attachment
|
80
79
|
resource = record.record if record.respond_to?(:record)
|
81
80
|
|
81
|
+
return if skip_notification?(record || resource || @blob)
|
82
|
+
|
82
83
|
error = [
|
83
84
|
"unauthorized active storage request for #{@blob.filename}",
|
84
85
|
("on #{record.class.name} #{record.id}" if record.present?),
|
@@ -91,6 +92,14 @@ module ActiveStorageAuthorization
|
|
91
92
|
raise Effective::UnauthorizedStorageException.new(error + '. ' + resolution)
|
92
93
|
end
|
93
94
|
|
95
|
+
def skip_notification?(resource)
|
96
|
+
return true if EffectiveStorage.skip_notification?
|
97
|
+
return true if EffectiveStorage.skip_notifications.include?(resource.class.name)
|
98
|
+
return true if request.referer.to_s.include?('.test:')
|
99
|
+
|
100
|
+
false
|
101
|
+
end
|
102
|
+
|
94
103
|
# This is a file that was drag & drop or inserted into the article editor
|
95
104
|
# I think this might only happen with article editor edit screens
|
96
105
|
def authorize_content_download?(blob)
|
data/config/effective_storage.rb
CHANGED
@@ -9,4 +9,9 @@ EffectiveStorage.setup do |config|
|
|
9
9
|
|
10
10
|
# Do not delete ActiveStorage::Blobs
|
11
11
|
config.never_delete = true
|
12
|
+
|
13
|
+
# Skip Notifications for unauthorized active storage requests
|
14
|
+
# config.skip_notification = true
|
15
|
+
# config.skip_notification = ['Effective::Classified']
|
16
|
+
|
12
17
|
end
|
data/lib/effective_storage.rb
CHANGED
@@ -6,7 +6,7 @@ require 'effective_storage/version'
|
|
6
6
|
module EffectiveStorage
|
7
7
|
|
8
8
|
def self.config_keys
|
9
|
-
[:layout, :authorize_active_storage, :never_delete]
|
9
|
+
[:layout, :authorize_active_storage, :never_delete, :skip_notification]
|
10
10
|
end
|
11
11
|
|
12
12
|
include EffectiveGem
|
@@ -19,4 +19,12 @@ module EffectiveStorage
|
|
19
19
|
never_delete == true
|
20
20
|
end
|
21
21
|
|
22
|
+
def self.skip_notification?
|
23
|
+
skip_notification == true
|
24
|
+
end
|
25
|
+
|
26
|
+
def self.skip_notifications
|
27
|
+
Array(skip_notification)
|
28
|
+
end
|
29
|
+
|
22
30
|
end
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: effective_storage
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.4.
|
4
|
+
version: 0.4.3
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Code and Effect
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2023-
|
11
|
+
date: 2023-08-11 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: rails
|
@@ -95,7 +95,7 @@ dependencies:
|
|
95
95
|
- !ruby/object:Gem::Version
|
96
96
|
version: '0'
|
97
97
|
- !ruby/object:Gem::Dependency
|
98
|
-
name: haml
|
98
|
+
name: haml
|
99
99
|
requirement: !ruby/object:Gem::Requirement
|
100
100
|
requirements:
|
101
101
|
- - ">="
|
@@ -170,7 +170,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
170
170
|
- !ruby/object:Gem::Version
|
171
171
|
version: '0'
|
172
172
|
requirements: []
|
173
|
-
rubygems_version: 3.
|
173
|
+
rubygems_version: 3.3.7
|
174
174
|
signing_key:
|
175
175
|
specification_version: 4
|
176
176
|
summary: Authorize and browse Active Storage attachments
|