effective_storage 0.4.5 → 0.4.6
Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: ce0b1d8d9b061e3e2a3b81d4662a6ff7f4bea772bb3b639068e4148867b79e7c
|
|
4
|
+
data.tar.gz: 88115f4894e78a14807ef47eaf8af3f4f20e300ca42ac5f8e6148ff4b56aa84f
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: c261ab3931f45c6892f7c1df8780e27f0f17fdf4af5b2eb1046682c8580496f23e9275f0a649f795c91421c33a012eacce8d352d335cf7150412640f97afe16a
|
|
7
|
+
data.tar.gz: e8bd885fe445aeb7b9b071cb101225199ff411ceb8da2194ed727ee18cb2e66d433640ef4e455190c6184ff40f1e6f350a43e67a0fc24e602ccf06a52c825917
|
|
@@ -14,6 +14,13 @@
|
|
|
14
14
|
module ActiveStorageAuthorization
|
|
15
15
|
extend ActiveSupport::Concern
|
|
16
16
|
|
|
17
|
+
AUTHORIZED_EFFECTIVE_DOWNLOADS = [
|
|
18
|
+
'Effective::CarouselItem',
|
|
19
|
+
'Effective::PageBanner',
|
|
20
|
+
'Effective::PageSection',
|
|
21
|
+
'Effective::Permalink'
|
|
22
|
+
]
|
|
23
|
+
|
|
17
24
|
included do
|
|
18
25
|
rescue_from(Effective::UnauthorizedStorageException, with: :unauthorized_active_storage_request)
|
|
19
26
|
end
|
|
@@ -54,12 +61,18 @@ module ActiveStorageAuthorization
|
|
|
54
61
|
def authorize_active_storage!
|
|
55
62
|
return unless @blob.present?
|
|
56
63
|
|
|
64
|
+
# Disable strict loading and let the @blob just pull :attachments
|
|
65
|
+
@blob.strict_loading!(false) if @blob.try(:strict_loading?)
|
|
66
|
+
|
|
57
67
|
# If the blob is not attached to anything, permit the blob
|
|
58
68
|
return true if @blob.attachments.blank?
|
|
59
69
|
|
|
60
70
|
# If the blob is an ActiveStorage::Variant it's been previously authorized
|
|
61
71
|
return true if @blob.attachments.any? { |attachment| authorized_variant_download?(attachment) }
|
|
62
72
|
|
|
73
|
+
# If the blob is a known good effective class fast path it
|
|
74
|
+
return true if @blob.attachments.any? { |attachment| authorized_effective_download?(attachment) }
|
|
75
|
+
|
|
63
76
|
# If we are authorized on any attached record, permit the download
|
|
64
77
|
return true if @blob.attachments.any? { |attachment| authorized_attachment_download?(attachment) }
|
|
65
78
|
|
|
@@ -106,6 +119,12 @@ module ActiveStorageAuthorization
|
|
|
106
119
|
attachment.record_type == 'ActiveStorage::VariantRecord'
|
|
107
120
|
end
|
|
108
121
|
|
|
122
|
+
# These are always public images
|
|
123
|
+
# Fast path them so we don't have to load any user for a permission check
|
|
124
|
+
def authorized_effective_download?(attachment)
|
|
125
|
+
AUTHORIZED_EFFECTIVE_DOWNLOADS.include?(attachment.record_type)
|
|
126
|
+
end
|
|
127
|
+
|
|
109
128
|
# This is a has_one_attached or has_many_attached record
|
|
110
129
|
# Or an ActionText::RichText object, that belongs_to a record
|
|
111
130
|
def authorized_attachment_download?(attachment)
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: effective_storage
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.4.
|
|
4
|
+
version: 0.4.6
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Code and Effect
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2023-
|
|
11
|
+
date: 2023-12-01 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: rails
|