effective_storage 0.4.6 → 0.5.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (5) hide show
  1. checksums.yaml +4 -4
  2. data/app/models/concerns/active_storage_authorization.rb +10 -16
  3. data/lib/effective_storage/engine.rb +12 -0
  4. data/lib/effective_storage/version.rb +1 -1
  5. metadata +2 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: ce0b1d8d9b061e3e2a3b81d4662a6ff7f4bea772bb3b639068e4148867b79e7c
4
- data.tar.gz: 88115f4894e78a14807ef47eaf8af3f4f20e300ca42ac5f8e6148ff4b56aa84f
3
+ metadata.gz: 56132c2df34a8e92e79e9535604ac3f9e0b3c63196419190434b0fc2d9c30626
4
+ data.tar.gz: 85cbf1b08714cf40672cc78a4368d1c1a6320e63368a8a827a952c8d0d54486a
5
5
  SHA512:
6
- metadata.gz: c261ab3931f45c6892f7c1df8780e27f0f17fdf4af5b2eb1046682c8580496f23e9275f0a649f795c91421c33a012eacce8d352d335cf7150412640f97afe16a
7
- data.tar.gz: e8bd885fe445aeb7b9b071cb101225199ff411ceb8da2194ed727ee18cb2e66d433640ef4e455190c6184ff40f1e6f350a43e67a0fc24e602ccf06a52c825917
6
+ metadata.gz: c379ef05a4d7c81d591e6a43f2c74e01c6488ccafae3b138cbbc982f5f241ce744191527be08d1e95817ac2f1324491ff8dd229d439dd7f31d867407cf5f0a0e
7
+ data.tar.gz: 2aeac15bc355e1d8704ba7d32793ad4d85bd30647ffebb869a5c43408395c5b3291abf64109475277dc4ae5edfa040a7263b685a7d8b27e2f7d358619f5079cc
data/app/models/concerns/active_storage_authorization.rb CHANGED
@@ -14,12 +14,12 @@
14
14
  module ActiveStorageAuthorization
15
15
  extend ActiveSupport::Concern
16
16
 
17
- AUTHORIZED_EFFECTIVE_DOWNLOADS = [
18
- 'Effective::CarouselItem',
19
- 'Effective::PageBanner',
20
- 'Effective::PageSection',
17
+ AUTHORIZED_EFFECTIVE_DOWNLOADS = Set.new([
18
+ 'Effective::CarouselItem',
19
+ 'Effective::PageBanner',
20
+ 'Effective::PageSection',
21
21
  'Effective::Permalink'
22
- ]
22
+ ]).freeze
23
23
 
24
24
  included do
25
25
  rescue_from(Effective::UnauthorizedStorageException, with: :unauthorized_active_storage_request)
@@ -42,19 +42,13 @@ module ActiveStorageAuthorization
42
42
  # Send an ExceptionNotification email with the unauthorized details
43
43
  # This is not visible to users
44
44
  def unauthorized_active_storage_request(exception)
45
-
46
- if defined?(ExceptionNotifier)
47
- data = { 'current_user_id': current_user&.id || 'none' }.merge(@blob&.attributes || {})
48
- ExceptionNotifier.notify_exception(exception, env: request.env, data: data)
49
- else
50
- raise(exception)
51
- end
45
+ EffectiveResources.send_error(exception, current_user_id: (current_user&.id || 'none'))
52
46
  end
53
47
 
54
48
  private
55
49
 
56
50
  def set_download_blob
57
- @blob ||= ActiveStorage::Blob.where(key: decode_verified_key().try(:dig, :key)).first
51
+ @blob ||= ActiveStorage::Blob.includes(:attachments, :active_storage_extensions).where(key: decode_verified_key().try(:dig, :key)).first
58
52
  end
59
53
 
60
54
  # Authorize the current blob and prevent it from being served if unauthorized
@@ -73,12 +67,12 @@ module ActiveStorageAuthorization
73
67
  # If the blob is a known good effective class fast path it
74
68
  return true if @blob.attachments.any? { |attachment| authorized_effective_download?(attachment) }
75
69
 
70
+ # If the blob has been marked public, permit the download (in-memory check, no queries)
71
+ return true if @blob.permission_public?
72
+
76
73
  # If we are authorized on any attached record, permit the download
77
74
  return true if @blob.attachments.any? { |attachment| authorized_attachment_download?(attachment) }
78
75
 
79
- # If the blob has been given permission using Mark Public
80
- return true if authorized?(@blob)
81
-
82
76
  # Otherwise raise a 404 Not Found and block the download
83
77
  head(:not_found)
84
78
 
data/lib/effective_storage/engine.rb CHANGED
@@ -30,10 +30,22 @@ module EffectiveStorage
30
30
 
31
31
  ActiveStorage::Blobs::RedirectController.class_eval do
32
32
  before_action :authorize_active_storage_redirect!, only: [:show]
33
+
34
+ private
35
+
36
+ def blob_scope
37
+ ActiveStorage::Blob.includes(:attachments, :active_storage_extensions)
38
+ end
33
39
  end
34
40
 
35
41
  ActiveStorage::Representations::RedirectController.class_eval do
36
42
  before_action :authorize_active_storage_redirect!, only: [:show]
43
+
44
+ private
45
+
46
+ def blob_scope
47
+ ActiveStorage::Blob.scope_for_strict_loading.includes(:attachments, :active_storage_extensions)
48
+ end
37
49
  end
38
50
  end
39
51
  end
data/lib/effective_storage/version.rb CHANGED
@@ -1,3 +1,3 @@
1
1
  module EffectiveStorage
2
- VERSION = '0.4.6'.freeze
2
+ VERSION = '0.5.0'.freeze
3
3
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: effective_storage
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.4.6
4
+ version: 0.5.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Code and Effect
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2023-12-01 00:00:00.000000000 Z
11
+ date: 2026-02-27 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: rails