effective_storage 0.1.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: f43ada6fb79a20117caa0e82a3a2853852e4db3e38c80bf6278b539b05fcdb3a
+  data.tar.gz: b727658f31266edf3646e8f6658b0b16c9b524439efd034caa83438e5c5a88a3
+SHA512:
+  metadata.gz: e0d0f65d241af25b65e7e326a908614e4d439126edd464a15449a4a2d93a7cf2e5539cd5929b98902f1e346ac3854ceb86e690af0a312b79a97aa19b960c90ab
+  data.tar.gz: d6c1f5c005c079b9a3af3347c5f4fa590ddb4c788890683220b2202b2f574e82bedfde51d2b34964ea4e4359baf105f1af6dab1e4dc85a5a8a0ba26b231223c0

data/MIT-LICENSE

@@ -0,0 +1,20 @@
+Copyright 2022 Code and Effect Inc.
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.md

@@ -0,0 +1,94 @@
+# Effective Storage
+
+Adds an authentication layer to the Active Storage downloads controller.
+
+Authorizes the user downloading each file and raises an exception for unauthorized requests.
+
+Adds an admin screen to browse Active Storage attachments and mark them as inherited or public.
+
+## Getting Started
+
+This requires Rails 6+ and Twitter Bootstrap 4 and just works with Devise.
+
+Please first install the [effective_datatables](https://github.com/code-and-effect/effective_datatables) gem.
+
+Please download and install the [Twitter Bootstrap4](http://getbootstrap.com)
+
+Add to your Gemfile:
+
+```ruby
+gem 'haml-rails' # or try using gem 'hamlit-rails'
+gem 'effective_storage'
+```
+
+Run the bundle command to install it:
+
+```console
+bundle install
+```
+
+Then run the generator:
+
+```ruby
+rails generate effective_storage:install
+```
+
+The generator will install an initializer which describes all configuration options and creates a database migration.
+
+If you want to tweak the table names, manually adjust both the configuration file and the migration now.
+
+Then migrate the database:
+
+```ruby
+rake db:migrate
+```
+
+Add a link to the admin menu:
+
+```haml
+- if can?(:admin, :effective_storage) && can?(:index, ActiveStorage::Attachment)
+  = nav_link_to 'Storage', effective_storage.admin_storage_path
+```
+
+## Configuration
+
+## Authorization
+
+All authorization checks are handled via the effective_resources gem found in the `config/initializers/effective_resources.rb` file.
+
+## Permissions
+
+The permissions you actually want to define are as follows (using CanCan):
+
+```ruby
+can(:show, ActiveStorage::Attachment) { |attachment| attachment.permission_public? }
+
+if user.persisted?
+end
+
+if user.admin?
+  can :admin, :effective_storage
+  can :index, ActiveStorage::Attachment
+end
+```
+
+## License
+
+MIT License.  Copyright [Code and Effect Inc.](http://www.codeandeffect.com/)
+
+## Testing
+
+Run tests by:
+
+```ruby
+rails test
+```
+
+## Contributing
+
+1. Fork it
+2. Create your feature branch (`git checkout -b my-new-feature`)
+3. Commit your changes (`git commit -am 'Add some feature'`)
+4. Push to the branch (`git push origin my-new-feature`)
+5. Bonus points for test coverage
+6. Create new Pull Request

data/Rakefile

@@ -0,0 +1,18 @@
+require "bundler/setup"
+
+APP_RAKEFILE = File.expand_path("test/dummy/Rakefile", __dir__)
+load "rails/tasks/engine.rake"
+
+load "rails/tasks/statistics.rake"
+
+require "bundler/gem_tasks"
+
+require "rake/testtask"
+
+Rake::TestTask.new(:test) do |t|
+  t.libs << 'test'
+  t.pattern = 'test/**/*_test.rb'
+  t.verbose = false
+end
+
+task default: :test

data/app/controllers/admin/storage_controller.rb

@@ -0,0 +1,20 @@
+module Admin
+  class StorageController < ApplicationController
+    before_action(:authenticate_user!) if defined?(Devise)
+    before_action { EffectiveResources.authorize!(self, :admin, :effective_storage) }
+
+    include Effective::CrudController
+
+    page_title 'Storage'
+
+    resource_scope -> { ActiveStorage::Attachment.all }
+    datatable -> { Admin::EffectiveStorageDatatable.new }
+
+    private
+
+    def permitted_params
+      params.require(:active_storage_extension).permit!
+    end
+
+  end
+end

data/app/datatables/admin/effective_storage_datatable.rb

@@ -0,0 +1,64 @@
+module Admin
+  class EffectiveStorageDatatable < Effective::Datatable
+    datatable do
+      order :created_at
+
+      col :created_at, as: :date
+      col :updated_at, visible: false
+      col :id, visible: false
+
+      col :record_type, visible: false
+      col :record_id, label: 'Record Id', visible: false
+
+      col :related_type, visible: false do |attachment|
+        attachment.record.try(:record_type)
+      end
+
+      col :related_id, label: 'Related Id', visible: false do |attachment|
+        attachment.record.try(:record_id)
+      end
+
+      col :resource_type do |attachment|
+        attachment.record.try(:record_type) || attachment.record_type
+      end
+
+      col :resource do |attachment|
+        record = attachment.record
+        record = attachment.record.record if record.respond_to?(:record) # ActionText::RichText will
+
+        url = Effective::Resource.new(record, namespace: :admin).action_path(:edit)
+        link_to(record, url, target: '_blank') if url
+      end
+
+      col :filename, label: 'File' do |attachment|
+        content_tag(:div, class: 'col-resource_item') do
+          link_to(attachment.blob.filename, url_for(attachment.blob), target: '_blank')
+        end
+      end
+
+      col :permission, search: Effective::ActiveStorageExtension::PERMISSIONS do |attachment|
+        if attachment.permission_public?
+          content_tag(:span, attachment.permission, class: 'badge badge-warning')
+        else
+          content_tag(:span, attachment.permission, class: 'badge badge-info')
+        end
+      end
+
+      col :content_type do |attachment|
+        attachment.blob.content_type
+      end
+
+      col :byte_size do |attachment|
+        number_to_human_size(attachment.blob.byte_size)
+      end
+
+      actions_col partial: 'admin/storage/datatable_actions', partial_as: :attachment
+    end
+
+    collection do
+      ActiveStorage::Attachment.all.deep
+    end
+
+  end
+
+end

data/app/helpers/effective_storage_helper.rb

@@ -0,0 +1,2 @@
+module EffectiveStorageHelper
+end

data/app/models/concerns/active_storage_attachment_extension.rb

@@ -0,0 +1,48 @@
+# This is included into ActiveStorage::Attachment automatically by engine.rb
+module ActiveStorageAttachmentExtension
+  extend ActiveSupport::Concern
+
+  included do
+    has_many :active_storage_extensions, class_name: 'Effective::ActiveStorageExtension', inverse_of: :attachment, dependent: :destroy
+    accepts_nested_attributes_for :active_storage_extensions, allow_destroy: true
+
+    scope :deep, -> { includes(:active_storage_extensions, :blob, record: :record) }
+  end
+
+  module ClassMethods
+  end
+
+  # Instance methods
+
+  def to_s
+    'attachment'
+  end
+
+  # Find or build
+  def active_storage_extension
+    active_storage_extensions.to_a.first || active_storage_extensions.build(permission: 'inherited')
+  end
+
+  def permission
+    active_storage_extension.permission
+  end
+
+  def permission_inherited?
+    permission == 'inherited'
+  end
+
+  def permission_public?
+    permission == 'public'
+  end
+
+  def mark_inherited!
+    active_storage_extension.assign_attributes(permission: 'inherited')
+    save!
+  end
+
+  def mark_public!
+    active_storage_extension.assign_attributes(permission: 'public')
+    save!
+  end
+
+end

data/app/models/concerns/active_storage_authorization.rb

@@ -0,0 +1,144 @@
+# frozen_string_literal: true
+
+# This authorizes all ActiveStorage downloads
+# This is included automatically by the engine
+# It can be disabled by setting config.authorize_active_storage = false in config/initializers/effective_storage.rb
+#
+# There are 3 ways to add permissions:
+# 1.) can?(:show, resource)
+# 2.) can?(:show, ActionText::RichText) { |text| ... }
+# 3.) can?(:show, ActiveStorage::Attachment) { |attachment| ... }
+#
+# The :show and :edit will both work.
+#
+module ActiveStorageAuthorization
+  extend ActiveSupport::Concern
+
+  included do
+    rescue_from(Exception, with: :unauthorized_active_storage_request)
+  end
+
+  # Authorize ActiveStorage DiskController downloads
+  # Used for local storage
+  def authorize_active_storage_download!
+    @blob || set_download_blob()
+    authorize_active_storage!
+  end
+
+  # Authorize ActiveStorage Blob and Representation redirects
+  # Used for amazon storage
+  def authorize_active_storage_redirect!
+    @blob || set_blob()
+    authorize_active_storage!
+  end
+
+  # Send an ExceptionNotification email with the unauthorized details
+  # This is not visible to users
+  def unauthorized_active_storage_request(exception)
+    return if request.referer.to_s.include?('.test:')
+
+    if defined?(ExceptionNotifier)
+      data = { 'current_user_id': current_user&.id || 'none' }.merge(@blob&.attributes || {})
+      ExceptionNotifier.notify_exception(exception, env: request.env, data: data)
+    else
+      raise(exception)
+    end
+  end
+
+  private
+
+  def set_download_blob
+    @blob ||= ActiveStorage::Blob.where(key: decode_verified_key().try(:dig, :key)).first
+  end
+
+  # Authorize the current blob and prevent it from being served if unauthorized
+  def authorize_active_storage!
+    return unless @blob.present?
+
+    # If the blob is not attached to anything, permit the blob
+    return true if @blob.attachments.blank? && authorize_content_download?(@blob)
+
+    # If the blob is an ActiveStorage::Variant it's been previously authorized
+    return true if @blob.attachments.any? { |attachment| authorized_variant_download?(attachment) }
+
+    # If we are authorized on any attached record, permit the download
+    return true if @blob.attachments.any? { |attachment| authorized_attachment_download?(attachment) }
+
+    # Otherwise raise a 403 Forbidden and block the download
+    head :forbidden
+
+    # Raise an exception to log unauthorized request
+    raise_exception()
+  end
+
+  def raise_exception
+    attachment = @blob.attachments.first
+    record = attachment.record if attachment
+    resource = record.record if record.respond_to?(:record)
+
+    error = [
+      "unauthorized active storage request for #{@blob.filename}",
+      ("on #{record.class.name} #{record.id}" if record.present?),
+      ("from #{resource.class.name} #{resource.id}" if resource.present?),
+      ("with current_user #{current_user.class.name } #{current_user&.id}"),
+    ].compact.join(' ')
+
+    resolution = "Missing can?(:show, #{(resource || record || attachment).class.name})"
+
+    raise(error + '. ' + resolution)
+  end
+
+  # This is a file that was drag & drop or inserted into the article editor
+  # I think this might only happen with article editor edit screens
+  def authorize_content_download?(blob)
+    # Allow signed out users to view images
+    return true if blob.image?
+
+    # Require sign in to view any attached files
+    current_user.present?
+  end
+
+  # This was included and resized in an ActionText::RichText object
+  # But these ones don't belong_to any record
+  def authorized_variant_download?(attachment)
+    attachment.record_type == 'ActiveStorage::VariantRecord'
+  end
+
+  # This is a has_one_attached or has_many_attached record
+  # Or an ActionText::RichText object, that belongs_to a record
+  def authorized_attachment_download?(attachment)
+    return false if attachment.record.blank?
+
+    # Associated Record
+    record = attachment.record
+    return true if authorized?(record)
+
+    # ActionText::RichText
+    resource = record.record if record.respond_to?(:record)
+    return true if authorized?(resource)
+
+    # Attachment itself
+    return true if authorized?(attachment)
+
+    false
+  end
+
+  def authorized?(record)
+    return false if record.blank?
+
+    # If they can show or edit the resource, they are authorized.
+    return true if EffectiveResources.authorized?(self, :show, record)
+    return true if EffectiveResources.authorized?(self, :edit, record)
+
+    false
+  end
+
+  def current_user
+    (defined?(Tenant) ? send("current_#{Tenant.current}_user") : super)
+  end
+
+  def current_ability
+    @current_ability ||= (defined?(Tenant) ? Tenant.Ability.new(current_user) : super)
+  end
+
+end

data/app/models/effective/active_storage_extension.rb

@@ -0,0 +1,31 @@
+module Effective
+  class ActiveStorageExtension < ActiveRecord::Base
+    belongs_to :attachment, class_name: 'ActiveStorage::Attachment'
+
+    PERMISSIONS = ['inherited', 'public']
+
+    effective_resource do
+      permission :string
+
+      timestamps
+    end
+
+    scope :deep, -> { includes(:attachment) }
+    scope :sorted, -> { order(:id) }
+
+    validates :permission, presence: true, inclusion: { in: PERMISSIONS }
+
+    def to_s
+      permission.presence || 'active storage extension'
+    end
+
+    def permission_inherited?
+      permission == 'inherited'
+    end
+
+    def permission_public?
+      permission == 'public'
+    end
+
+  end
+end

data/app/views/admin/storage/_datatable_actions.html.haml

@@ -0,0 +1,8 @@
+= dropdown(variation: :dropleft) do
+  - if EffectiveResources.authorized?(self, :mark_inherited, attachment)
+    = dropdown_link_to 'Mark as Inherited', effective_storage.mark_inherited_admin_storage_path(attachment),
+      data: { method: :post, remote: true, confirm: "Mark as Inherited Permission?" }
+
+  - if EffectiveResources.authorized?(self, :mark_public, attachment)
+    = dropdown_link_to 'Mark as Public', effective_storage.mark_public_admin_storage_path(attachment),
+      data: { method: :post, remote: true, confirm: "Mark as Public Permission?" }

data/app/views/admin/storage/index.html.haml

@@ -0,0 +1,8 @@
+%h1.effective-admin-heading= @page_title
+
+= collapse('Show legend') do
+  %ul
+    %li Inherited - If the resource is public, anyone may access the file without signing in. If the resource has restricted access, only signed in users who can access the resource are able to access the file. This is the default permission.
+    %li Public - Anyone may access the file without signing in, regardless of the resource's access restrictions.
+
+= render_datatable @datatable

data/config/effective_storage.rb

@@ -0,0 +1,9 @@
+EffectiveStorage.setup do |config|
+  # Layout Settings
+  # Configure the Layout per controller, or all at once
+  # config.layout = { application: 'application', admin: 'admin' }
+
+  # Perform authorization on ActiveStorage downloads
+  # When false any request will be permitted (the default)
+  config.authorize_active_storage = true
+end

data/config/routes.rb

@@ -0,0 +1,17 @@
+# frozen_string_literal: true
+
+Rails.application.routes.draw do
+  mount EffectiveStorage::Engine => '/', as: 'effective_storage'
+end
+
+EffectiveStorage::Engine.routes.draw do
+  namespace :admin do
+    resources :storage, only: [] do
+      post :mark_inherited, on: :member
+      post :mark_public, on: :member
+    end
+
+    get '/storage', to: 'storage#index', as: :storage
+  end
+
+end

data/db/migrate/01_create_effective_storage.rb.erb

@@ -0,0 +1,13 @@
+class CreateEffectiveStorage < ActiveRecord::Migration[6.0]
+  def change
+
+    create_table :active_storage_extensions do |t|
+      t.integer :attachment_id
+      t.string :permission
+
+      t.datetime :updated_at
+      t.datetime :created_at
+    end
+
+  end
+end

data/db/seeds.rb

@@ -0,0 +1 @@
+puts "Running effective_storage seeds"

data/lib/effective_storage/engine.rb

@@ -0,0 +1,43 @@
+module EffectiveStorage
+  class Engine < ::Rails::Engine
+    engine_name 'effective_storage'
+
+    # Set up our default configuration options.
+    initializer 'effective_storage.defaults', before: :load_config_initializers do |app|
+      eval File.read("#{config.root}/config/effective_storage.rb")
+    end
+
+    # Include active_storage_attachment_extension concern
+    initializer 'effective_storage.active_storage_attachment_extension' do |app|
+      app.config.to_prepare do
+        ActiveStorage::Attachment.include(ActiveStorageAttachmentExtension)
+      end
+    end
+
+    # Adds user authorization for all active storage requests
+    # Please see upside/app/models/concerns/active_storage_authorization.rb
+    # https://github.com/rails/rails/blob/v6.1.4.1/activestorage/app/controllers/active_storage/disk_controller.rb
+    initializer 'effective_storage.active_storage_authorization' do |app|
+      if EffectiveStorage.authorize_active_storage?
+        app.config.to_prepare do
+          ActiveStorage::BaseController.class_eval do
+            include ActiveStorageAuthorization
+          end
+
+          ActiveStorage::DiskController.class_eval do
+            before_action :authorize_active_storage_download!, only: [:show]
+          end
+
+          ActiveStorage::Blobs::RedirectController.class_eval do
+            before_action :authorize_active_storage_redirect!, only: [:show]
+          end
+
+          ActiveStorage::Representations::RedirectController.class_eval do
+            before_action :authorize_active_storage_redirect!, only: [:show]
+          end
+        end
+      end
+    end
+
+  end
+end

data/lib/effective_storage/version.rb

@@ -0,0 +1,3 @@
+module EffectiveStorage
+  VERSION = '0.1.0'.freeze
+end

data/lib/effective_storage.rb

@@ -0,0 +1,18 @@
+require 'effective_resources'
+require 'effective_datatables'
+require 'effective_storage/engine'
+require 'effective_storage/version'
+
+module EffectiveStorage
+
+  def self.config_keys
+    [:layout, :authorize_active_storage]
+  end
+
+  include EffectiveGem
+
+  def self.authorize_active_storage?
+    authorize_active_storage == true
+  end
+
+end

data/lib/generators/effective_storage/install_generator.rb

@@ -0,0 +1,28 @@
+module EffectiveStorage
+  module Generators
+    class InstallGenerator < Rails::Generators::Base
+      include Rails::Generators::Migration
+
+      desc 'Creates an EffectiveStorage initializer in your application.'
+
+      source_root File.expand_path('../../templates', __FILE__)
+
+      def self.next_migration_number(dirname)
+        if not ActiveRecord::Base.timestamped_migrations
+          Time.new.utc.strftime("%Y%m%d%H%M%S")
+        else
+          '%.3d' % (current_migration_number(dirname) + 1)
+        end
+      end
+
+      def copy_initializer
+        template ('../' * 3) + 'config/effective_storage.rb', 'config/initializers/effective_storage.rb'
+      end
+
+      def create_migration_file
+        migration_template ('../' * 3) + 'db/migrate/01_create_effective_storage.rb.erb', 'db/migrate/create_effective_storage.rb'
+      end
+
+    end
+  end
+end

data/lib/tasks/effective_storage_tasks.rake

@@ -0,0 +1,8 @@
+namespace :effective_storage do
+
+  # bundle exec rake effective_storage:seed
+  task seed: :environment do
+    load "#{__dir__}/../../db/seeds.rb"
+  end
+
+end

metadata

@@ -0,0 +1,175 @@
+--- !ruby/object:Gem::Specification
+name: effective_storage
+version: !ruby/object:Gem::Version
+  version: 0.1.0
+platform: ruby
+authors:
+- Code and Effect
+autorequire:
+bindir: bin
+cert_chain: []
+date: 2022-08-25 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: rails
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 6.0.0
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 6.0.0
+- !ruby/object:Gem::Dependency
+  name: effective_bootstrap
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: effective_datatables
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 4.0.0
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 4.0.0
+- !ruby/object:Gem::Dependency
+  name: effective_resources
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: sqlite3
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: devise
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: haml-rails
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: pry-byebug
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+description: Authorize and browse Active Storage attachments
+email:
+- info@codeandeffect.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- MIT-LICENSE
+- README.md
+- Rakefile
+- app/controllers/admin/storage_controller.rb
+- app/datatables/admin/effective_storage_datatable.rb
+- app/helpers/effective_storage_helper.rb
+- app/models/concerns/active_storage_attachment_extension.rb
+- app/models/concerns/active_storage_authorization.rb
+- app/models/effective/active_storage_extension.rb
+- app/views/admin/storage/_datatable_actions.html.haml
+- app/views/admin/storage/index.html.haml
+- config/effective_storage.rb
+- config/routes.rb
+- db/migrate/01_create_effective_storage.rb.erb
+- db/seeds.rb
+- lib/effective_storage.rb
+- lib/effective_storage/engine.rb
+- lib/effective_storage/version.rb
+- lib/generators/effective_storage/install_generator.rb
+- lib/tasks/effective_storage_tasks.rake
+homepage: https://github.com/code-and-effect/effective_storage
+licenses:
+- MIT
+metadata: {}
+post_install_message:
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubygems_version: 3.1.2
+signing_key:
+specification_version: 4
+summary: Authorize and browse Active Storage attachments
+test_files: []