effective_storage 0.4.1 → 0.4.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (6) hide show
  1. checksums.yaml +4 -4
  2. data/app/models/concerns/active_storage_authorization.rb +10 -1
  3. data/config/effective_storage.rb +5 -0
  4. data/lib/effective_storage/version.rb +1 -1
  5. data/lib/effective_storage.rb +9 -1
  6. metadata +2 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 4f1b5a4ba6185fdd5c81e33afacd6dfb6ec8dc2e5c24fa07fb05be840d196740
4
- data.tar.gz: e82b0d3bea47958aabd007a0a444088b92124421149357dd9998e1f0c30c4346
3
+ metadata.gz: 0e845ec308c0f8172341a2a427b3f3d87dfae2bf970484cf35ffd57659cf0359
4
+ data.tar.gz: c36875b2f938f2bacad35031edc878998fb1000385ae63e91396f2906a3c81c9
5
5
  SHA512:
6
- metadata.gz: aebccce481ef3f36dac0a1f1855e957abca8f6d30465f3bb214875210a98aa24fd1ea7df14b5de80c727d503fb69ef2a226e81f23b7b7381ea88165ccdf85df3
7
- data.tar.gz: af51fe35aeed80cd5409aa39c3048b6e4128ad80429d383e2639d8b3afa19500ba05ee2647e6ff93c46fdca6d4af3700cfcc914d81aa3f1136afcf27e873d6ad
6
+ metadata.gz: '079f895f60a5bb4c4288f7c3d77b99f27822f44956f529baf98a7ec8982aaeecfa80addebdfb9363e61847974a30cd293a38b095d52c169a6c97e0544ed88f94'
7
+ data.tar.gz: b90dba9ec5b38775667539bbdd6bf84a0fcd4435f62e4da043fbc2263382bec0cce6cf1d808bc5e92145670d7cfde4e47a6999d676516550f235bf7dd0537cff
data/app/models/concerns/active_storage_authorization.rb CHANGED
@@ -35,7 +35,6 @@ module ActiveStorageAuthorization
35
35
  # Send an ExceptionNotification email with the unauthorized details
36
36
  # This is not visible to users
37
37
  def unauthorized_active_storage_request(exception)
38
- return if request.referer.to_s.include?('.test:')
39
38
 
40
39
  if defined?(ExceptionNotifier)
41
40
  data = { 'current_user_id': current_user&.id || 'none' }.merge(@blob&.attributes || {})
@@ -79,6 +78,8 @@ module ActiveStorageAuthorization
79
78
  record = attachment.record if attachment
80
79
  resource = record.record if record.respond_to?(:record)
81
80
 
81
+ return if skip_notification?(record || resource || @blob)
82
+
82
83
  error = [
83
84
  "unauthorized active storage request for #{@blob.filename}",
84
85
  ("on #{record.class.name} #{record.id}" if record.present?),
@@ -91,6 +92,14 @@ module ActiveStorageAuthorization
91
92
  raise Effective::UnauthorizedStorageException.new(error + '. ' + resolution)
92
93
  end
93
94
 
95
+ def skip_notification?(resource)
96
+ return true if EffectiveStorage.skip_notification?
97
+ return true if EffectiveStorage.skip_notifications.include?(resource.class.name)
98
+ return true if request.referer.to_s.include?('.test:')
99
+
100
+ false
101
+ end
102
+
94
103
  # This is a file that was drag & drop or inserted into the article editor
95
104
  # I think this might only happen with article editor edit screens
96
105
  def authorize_content_download?(blob)
data/config/effective_storage.rb CHANGED
@@ -9,4 +9,9 @@ EffectiveStorage.setup do |config|
9
9
 
10
10
  # Do not delete ActiveStorage::Blobs
11
11
  config.never_delete = true
12
+
13
+ # Skip Notifications for unauthorized active storage requests
14
+ # config.skip_notification = true
15
+ # config.skip_notification = ['Effective::Classified']
16
+
12
17
  end
data/lib/effective_storage/version.rb CHANGED
@@ -1,3 +1,3 @@
1
1
  module EffectiveStorage
2
- VERSION = '0.4.1'.freeze
2
+ VERSION = '0.4.2'.freeze
3
3
  end
data/lib/effective_storage.rb CHANGED
@@ -6,7 +6,7 @@ require 'effective_storage/version'
6
6
  module EffectiveStorage
7
7
 
8
8
  def self.config_keys
9
- [:layout, :authorize_active_storage, :never_delete]
9
+ [:layout, :authorize_active_storage, :never_delete, :skip_notification]
10
10
  end
11
11
 
12
12
  include EffectiveGem
@@ -19,4 +19,12 @@ module EffectiveStorage
19
19
  never_delete == true
20
20
  end
21
21
 
22
+ def self.skip_notification?
23
+ skip_notification == true
24
+ end
25
+
26
+ def self.skip_notifications
27
+ Array(skip_notification)
28
+ end
29
+
22
30
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: effective_storage
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.4.1
4
+ version: 0.4.2
5
5
  platform: ruby
6
6
  authors:
7
7
  - Code and Effect
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2023-03-20 00:00:00.000000000 Z
11
+ date: 2023-03-21 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: rails