effective_storage 0.4.4 → 0.4.5

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 3fd5855eb03beb973377deab121f3a632fe8afc28999b802717ab8300c1bfb60
-  data.tar.gz: b519d27a7ad134900899897874b40bf6a10cf36b34c64a3836507731880a8ba0
+  metadata.gz: 8de0c7807726e325a8a2f34f1e205c14dd27740daed1f7622db12dd39fb865a2
+  data.tar.gz: 126797b758eed3ad5d192cde7ce3f365096dfad96ebdf232f217b8b5428b91b1
 SHA512:
-  metadata.gz: '0093a45fdfe5cabef645f11913770d36070ccc395dc6aa85b71a9aa0fb750e8319be4f752dc628f8e9379ebf229503c0b5cdcf2d5179fec304d86a0f3504041e'
-  data.tar.gz: 255295667680f5a9dd9b5c9a097ea06d4b7d93ea1e849ecd5fb84cf5966634b9ec844acc92ce0148683f3e1a04c29fa2d034e78f044ff1f1b3c8126492725290
+  metadata.gz: bba482aece015938fa979889a7d7da64ab68681100250409a3a147698c97274fe237c7257b2e2d5c6dec6ed97f8ab234e8b7cab654a36ab2a12ca53577996d07
+  data.tar.gz: 837259796bbbe60101329b80e96bfc0a1743b2b5afbcf42e2a59ef70b6ad97c433a5400bd8aeb91e5f9a5d01a44407599982f37c311fd29353a3b240341bf4e4

data/app/models/concerns/active_storage_authorization.rb

@@ -54,11 +54,8 @@ module ActiveStorageAuthorization
   def authorize_active_storage!
     return unless @blob.present?
 
-    # If the blob has been given permission
-    return true if authorized?(@blob)
-
     # If the blob is not attached to anything, permit the blob
-    return true if @blob.attachments.blank? && authorize_content_download?(@blob)
+    return true if @blob.attachments.blank?
 
     # If the blob is an ActiveStorage::Variant it's been previously authorized
     return true if @blob.attachments.any? { |attachment| authorized_variant_download?(attachment) }
@@ -66,6 +63,9 @@ module ActiveStorageAuthorization
     # If we are authorized on any attached record, permit the download
     return true if @blob.attachments.any? { |attachment| authorized_attachment_download?(attachment) }
 
+    # If the blob has been given permission using Mark Public
+    return true if authorized?(@blob)
+
     # Otherwise raise a 404 Not Found and block the download
     head(:not_found)
 
@@ -100,19 +100,6 @@ module ActiveStorageAuthorization
     false
   end
 
-  # This is a file that was drag & drop or inserted into the article editor
-  # I think this might only happen with article editor edit screens
-  def authorize_content_download?(blob)
-    # Allow signed out users to view images
-    return true if blob.image?
-
-    # Require sign in to view any attached files
-    # current_user.present?
-
-    # Let anyone view these files
-    true
-  end
-
   # This was included and resized in an ActionText::RichText object
   # But these ones don't belong_to any record
   def authorized_variant_download?(attachment)
@@ -122,10 +109,14 @@ module ActiveStorageAuthorization
   # This is a has_one_attached or has_many_attached record
   # Or an ActionText::RichText object, that belongs_to a record
   def authorized_attachment_download?(attachment)
+    return false if attachment.record_type.blank?
+
+    # Attachment itself
+    return true if EffectiveResources.authorized?(self, :show, attachment)
+
     # DO NOT USE .blank? or .present? here. They return incorrect values.
     return false if attachment.record.nil?
 
-    # Associated Record
     record = attachment.record
     return true if authorized?(record)
 
@@ -133,9 +124,6 @@ module ActiveStorageAuthorization
     resource = record.record if record.respond_to?(:record)
     return true if authorized?(resource)
 
-    # Attachment itself
-    return true if authorized?(attachment)
-
     false
   end
 

data/lib/effective_storage/version.rb

@@ -1,3 +1,3 @@
 module EffectiveStorage
-  VERSION = '0.4.4'.freeze
+  VERSION = '0.4.5'.freeze
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: effective_storage
 version: !ruby/object:Gem::Version
-  version: 0.4.4
+  version: 0.4.5
 platform: ruby
 authors:
 - Code and Effect
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2023-08-11 00:00:00.000000000 Z
+date: 2023-11-29 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rails