file_validators 2.1.0 → 3.0.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
-SHA1:
-  metadata.gz: 451e981eb130a49dc6c51834bd7ed4dd30652c9a
-  data.tar.gz: e6b28941ccf9ced999b0e201ad17738efb8bc767
+SHA256:
+  metadata.gz: 3a55a08bc74303b69e964f61e3726e8ee00278c4cd0cd6fc217691c85114bcfb
+  data.tar.gz: be3b6d628de09d262a97abf3099ff66fd2e89dd27eec3030523a7f36c82e17df
 SHA512:
-  metadata.gz: 8c40fa1dae6faf187cc4d3ba77db40691b9bfe58fe9fa99bc88b9fc36477b49ef06bd360ffa8a8af4e2d6f4d56421259b9d9623ab3732a06883b8e64c3f57eb4
-  data.tar.gz: 4c6aed01f6c15c42c3f917dcdbbbb4c28907ed662a16f823e33d7416005122e159f2504d4991f5fd4b7b20405b332566a1d52137164f224ce5c1504df1c45407
+  metadata.gz: cf5b75fb78eaf84f42abef75255572b1917012fbdbdd70d771da14c366619677fb69f4c45d688b8851d5b99dbba44ccd08da6c7025c3819c40259e23502f5c61
+  data.tar.gz: 92e9c49f94d8cbc1c2f8aa7425527e84555e94d25c12b6ca1b51e4d5e51f765defb274264996174e6757d8606270f5513232be64d234717075abab8680d8f7c9

data/.gitignore

@@ -11,3 +11,5 @@ gemfiles/*.lock
 coverage/
 /.idea
 .ruby-version
+.agignore
+tags

data/.rubocop.yml

@@ -0,0 +1,32 @@
+Bundler/OrderedGems:
+  Enabled: false
+
+Style/Documentation:
+  Enabled: false
+
+Style/MissingRespondToMissing:
+  Enabled: false
+
+Style/CaseEquality:
+  Enabled: false
+
+Style/GuardClause:
+  Enabled: false
+
+Style/RegexpLiteral:
+  Enabled: false
+
+Style/Next:
+  Enabled: false
+
+Metrics/LineLength:
+  Max: 110
+
+Metrics/ModuleLength:
+  Enabled: false
+
+Metrics/BlockLength:
+  Enabled: false
+
+Metrics/MethodLength:
+  Enabled: false

data/.tool-versions

@@ -0,0 +1 @@
+ruby 2.3.1

data/.travis.yml

@@ -1,19 +1,55 @@
 language: ruby
 
 rvm:
-  - 2.0
   - 2.2.3
+  - 2.5.0
+  - 3.0.0
   - ruby-head
-  - jruby-9.0.4.0
+  - jruby-9.1.7.0
+  - jruby-9.2.13.0
 
 gemfile:
-  - gemfiles/activemodel_4.2.gemfile
-  - gemfiles/activemodel_4.1.gemfile
+  - gemfiles/activemodel_6.1.gemfile
+  - gemfiles/activemodel_6.0.gemfile
+  - gemfiles/activemodel_5.0.gemfile
   - gemfiles/activemodel_4.0.gemfile
   - gemfiles/activemodel_3.2.gemfile
-  - gemfiles/activemodel_3.1.gemfile
-  - gemfiles/activemodel_3.0.gemfile
 
 matrix:
+  exclude:
+  - rvm: 2.2.3
+    gemfile: gemfiles/activemodel_6.0.gemfile
+  - rvm: 2.2.3
+    gemfile: gemfiles/activemodel_6.1.gemfile
+
+  - rvm: 2.5.0
+    gemfile: gemfiles/activemodel_3.2.gemfile
+  - rvm: 2.5.0
+    gemfile: gemfiles/activemodel_4.0.gemfile
+
+  - rvm: 3.0.0
+    gemfile: gemfiles/activemodel_3.2.gemfile
+  - rvm: 3.0.0
+    gemfile: gemfiles/activemodel_4.0.gemfile
+  - rvm: 3.0.0
+    gemfile: gemfiles/activemodel_5.0.gemfile
+
+  - rvm: ruby-head
+    gemfile: gemfiles/activemodel_3.2.gemfile
+  - rvm: ruby-head
+    gemfile: gemfiles/activemodel_4.0.gemfile
+  - rvm: ruby-head
+    gemfile: gemfiles/activemodel_5.0.gemfile
+
+  - rvm: jruby-9.1.7.0
+    gemfile: gemfiles/activemodel_6.0.gemfile
+  - rvm: jruby-9.1.7.0
+    gemfile: gemfiles/activemodel_6.1.gemfile
+
+  - rvm: jruby-9.2.13.0
+    gemfile: gemfiles/activemodel_3.2.gemfile
+  - rvm: jruby-9.2.13.0
+    gemfile: gemfiles/activemodel_4.0.gemfile
+
   allow_failures:
-    - rvm: ruby-head
+  - rvm: ruby-head

data/Appraisals

@@ -1,23 +1,23 @@
-appraise 'activemodel-3.0' do
-  gem 'activemodel', '3.0.20'
-end
-
-appraise 'activemodel-3.1' do
-  gem 'activemodel', '3.1.12'
-end
+# frozen_string_literal: true
 
 appraise 'activemodel-3.2' do
-  gem 'activemodel', '3.2.18'
+  gem 'activemodel', '3.2.22.5'
+  gem 'rack', '1.6.5'
 end
 
 appraise 'activemodel-4.0' do
-  gem 'activemodel', '4.0.10'
+  gem 'activemodel', '4.0.13'
+  gem 'rack', '1.6.5'
+end
+
+appraise 'activemodel-5.0' do
+  gem 'activemodel', '5.0.1'
 end
 
-appraise 'activemodel-4.1' do
-  gem 'activemodel', '4.1.6'
+appraise 'activemodel-6.0' do
+  gem 'activemodel', '6.0.3'
 end
 
-appraise 'activemodel-4.2' do
-  gem 'activemodel', '4.2.3'
+appraise 'activemodel-6.1' do
+  gem 'activemodel', '6.1.0'
 end

data/CHANGELOG.md

@@ -0,0 +1,31 @@
+# 3.0.0
+
+* [#32](https://github.com/musaffa/file_validators/pull/32) Removed cocaine/terrapin. Added options for choosing MIME type analyzers with `:tool` option.
+* [#40](https://github.com/musaffa/file_validators/pull/40) Added Support for Ruby 3.
+* Rubocop style guide
+
+# 3.0.0.beta2
+
+* [#32](https://github.com/musaffa/file_validators/pull/32) Removed terrapin. Added options for choosing MIME type analyzers with `:tool` option.
+
+# 3.0.0.beta1
+
+* [#29](https://github.com/musaffa/file_validators/pull/29) Upgrade cocaine to terrapin
+* Rubocop style guide
+
+# 2.3.0
+
+* [#19](https://github.com/musaffa/file_validators/pull/19) Return false with blank size
+* [#27](https://github.com/musaffa/file_validators/pull/27) Fix file size validator for ActiveStorage
+
+# 2.2.0-beta.1
+
+* [#17](https://github.com/musaffa/file_validators/pull/17) Now Supports multiple file uploads
+* As activemodel 3.0 and 3.1 doesn't support `added?` method on the Errors class, the support for both of them have been deprecated in this release.
+
+# 2.1.0
+
+* Use autoload for lazy loading of libraries.
+* Media type spoof valiation is moved to content type detector.
+* `spoofed_file_media_type` message isn't needed anymore.
+* Logger info and warning is added.

data/Gemfile

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 source 'https://rubygems.org'
 
 # Declare your gem's dependencies in file_validators.gemspec.

data/README.md

@@ -2,7 +2,6 @@
 
 [![Gem Version](https://badge.fury.io/rb/file_validators.svg)](http://badge.fury.io/rb/file_validators)
 [![Build Status](https://travis-ci.org/musaffa/file_validators.svg)](https://travis-ci.org/musaffa/file_validators)
-[![Dependency Status](https://gemnasium.com/musaffa/file_validators.svg)](https://gemnasium.com/musaffa/file_validators)
 [![Coverage Status](https://coveralls.io/repos/musaffa/file_validators/badge.png)](https://coveralls.io/r/musaffa/file_validators)
 [![Code Climate](https://codeclimate.com/github/musaffa/file_validators/badges/gpa.svg)](https://codeclimate.com/github/musaffa/file_validators)
 [![Inline docs](http://inch-ci.org/github/musaffa/file_validators.svg)](http://inch-ci.org/github/musaffa/file_validators)
@@ -12,8 +11,11 @@ Any module that uses ActiveModel, for example ActiveRecord, can use these file v
 
 ## Support
 
-* ActiveModel versions: 3 and 4.
-* Rails versions: 3 and 4.
+* ActiveModel versions: 3.2, 4, 5 and 6.
+* Rails versions: 3.2, 4, 5 and 6.
+
+As of version `2.2`, activemodel 3.0 and 3.1 will no longer be supported.
+For activemodel 3.0 and 3.1, please use file_validators version `<= 2.1`.
 
 It has been tested to work with Carrierwave, Paperclip, Dragonfly, Refile etc file uploading solutions.
 Validations works both before and after uploads.
@@ -36,7 +38,7 @@ class Profile
 
   attr_accessor :avatar
   validates :avatar, file_size: { less_than_or_equal_to: 100.kilobytes },
-                     file_content_type: { allow: ['image/jpeg', 'image/png'] } 
+                     file_content_type: { allow: ['image/jpeg', 'image/png'] }
 end
 ```
 ActiveRecord example:
@@ -64,23 +66,23 @@ validates :avatar, file_size: { less_than: 2.gigabytes }
 ```
 * `less_than_or_equal_to`: Less than or equal to a number in bytes or a proc that returns a number
 ```ruby
-validates :avatar, file_size: { less_than_or_equal_to: 50.bytes } 
+validates :avatar, file_size: { less_than_or_equal_to: 50.bytes }
 ```
 * `greater_than`: greater than a number in bytes or a proc that returns a number
 ```ruby
-validates :avatar, file_size: { greater_than: 1.byte } 
+validates :avatar, file_size: { greater_than: 1.byte }
 ```
 * `greater_than_or_equal_to`: Greater than or equal to a number in bytes or a proc that returns a number
 ```ruby
-validates :avatar, file_size: { greater_than_or_equal_to: 50.bytes } 
+validates :avatar, file_size: { greater_than_or_equal_to: 50.bytes }
 ```
-* `message`: Error message to display. With all the options above except `:in`, you will get `count` as a replacement. 
-With `:in` you will get `min` and `max` as replacements. 
+* `message`: Error message to display. With all the options above except `:in`, you will get `count` as a replacement.
+With `:in` you will get `min` and `max` as replacements.
 `count`, `min` and `max` each will have its value and unit together.
 You can write error messages without using any replacement.
 ```ruby
 validates :avatar, file_size: { less_than: 100.kilobytes,
-                                message: 'avatar should be less than %{count}' } 
+                                message: 'avatar should be less than %{count}' }
 ```
 ```ruby
 validates :document, file_size: { in: 1.kilobyte..1.megabyte,
@@ -139,8 +141,13 @@ validates :video, file_content_type: { allow: lambda { |record| record.content_t
 can be a String or a Regexp. It also accepts `proc`. See `:allow` options examples.
 * `mode`: `:strict` or `:relaxed`. `:strict` mode can detect content type based on the contents
 of the files. It also detects media type spoofing (see more in [security](#security)).
-`:relaxed` mode uses file name to detect the content type using `mime-types` gem.
-If mode option is not set then the validator uses form supplied content type.
+`:file` analyzer is used in `:strict` mode. `:relaxed` mode uses file name to detect
+the content type. `mime_types` analyzer is used in `relaxed` mode. If mode option is not
+set then the validator uses form supplied content type.
+* `tool`: `:file`, `:fastimage`, `:filemagic`, `:mimemagic`, `:marcel`, `:mime_types`, `:mini_mime`.
+You can choose one of these built-in MIME type analyzers. You have to install the analyzer gem you choose.
+By default supplied content type is used to determine the MIME type. This option takes precedence
+over `mode` option.
 ```ruby
 validates :avatar, file_content_type: { allow: 'image/jpeg', mode: :strict }
 validates :avatar, file_content_type: { allow: 'image/jpeg', mode: :relaxed }
@@ -169,7 +176,7 @@ validates :avatar, file_content_type: { allow: /^image\/.*/, exclude: ['image/pn
 This gem can use Unix file command to get the content type based on the content of the file rather
 than the extension. This prevents fake content types inserted in the request header.
 
-It also prevents file media type spoofing. For example, user may upload a .html document as 
+It also prevents file media type spoofing. For example, user may upload a .html document as
 a part of the EXIF header of a valid JPEG file. Content type validator will identify its content type
 as `image/jpeg` and, without spoof detection, it may pass the validation and be saved as .html document
 thus exposing your application to a security vulnerability. Media type spoof detector wont let that happen.
@@ -177,8 +184,8 @@ It will not allow a file having `image/jpeg` content type to be saved as `text/p
 type mismatch, for example `text` of `text/plain` and `image` of `image/jpeg`. So it will not prevent
 `image/jpeg` from saving as `image/png` as both have the same `image` media type.
 
-**note**: This security feature is disabled by default. To enable it, first add `cocaine` gem in
-your Gemfile and then add `mode: :strict` option in [content type validations](#file-content-type-validator).
+**note**: This security feature is disabled by default. To enable it, add `mode: :strict` option
+in [content type validations](#file-content-type-validator).
 `:strict` mode may not work in direct file uploading systems as the file is not passed along with the form.
 
 ## i18n Translations
@@ -198,7 +205,7 @@ of the file matches anyone of them. takes `types` as replacement.
 
 This gem provides `en` translations for this errors under `errors.messages` namespace.
 If you want to override and/or create other locales, you can
-check [this](https://github.com/musaffa/file_validators/blob/master/lib/file_validators/locale/en.yml) out to see how translations are done.  
+check [this](https://github.com/musaffa/file_validators/blob/master/lib/file_validators/locale/en.yml) out to see how translations are done.
 
 You can override all of them with the `:message` option.
 
@@ -251,10 +258,11 @@ uploaders start processing a file immediately after its assignment (even before
 $ rake
 $ rake test:unit
 $ rake test:integration
+$ rubocop
 
 # test different active model versions
-$ appraisal install
-$ appraisal rake
+$ bundle exec appraisal install
+$ bundle exec appraisal rake
 ```
 
 ## Problems

data/Rakefile

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 begin
   require 'bundler/setup'
 rescue LoadError
@@ -16,7 +18,7 @@ namespace :test do
   end
 end
 
-task :default => ['test:unit', 'test:integration']
+task default: ['test:unit', 'test:integration']
 
 # require 'rdoc/task'
 

data/file_validators.gemspec

@@ -1,4 +1,6 @@
-$:.push File.expand_path('../lib', __FILE__)
+# frozen_string_literal: true
+
+$LOAD_PATH.push File.expand_path('lib', __dir__)
 
 require 'file_validators/version'
 
@@ -12,17 +14,21 @@ Gem::Specification.new do |s|
   s.homepage    = 'https://github.com/musaffa/file_validators'
   s.license     = 'MIT'
 
-  s.files         = `git ls-files`.split($/)
+  s.files         = `git ls-files`.split($INPUT_RECORD_SEPARATOR)
   s.executables   = s.files.grep(%r{^bin/}) { |f| File.basename(f) }
   s.test_files    = s.files.grep(%r{^spec/})
-  s.require_paths  = ['lib']
+  s.require_paths = ['lib']
 
-  s.add_dependency 'activemodel', '>= 3.0'
+  s.add_dependency 'activemodel', '>= 3.2'
   s.add_dependency 'mime-types', '>= 1.0'
 
-  s.add_development_dependency 'cocaine', '~> 0.5.4'
-  s.add_development_dependency 'rake'
-  s.add_development_dependency 'rspec', '~> 3.1.0'
   s.add_development_dependency 'coveralls'
+  s.add_development_dependency 'fastimage'
+  s.add_development_dependency 'marcel', '~> 0.3' if RUBY_VERSION >= '2.2.0'
+  s.add_development_dependency 'mimemagic', '>= 0.3.2'
+  s.add_development_dependency 'mini_mime', '~> 1.0'
   s.add_development_dependency 'rack-test'
+  s.add_development_dependency 'rake'
+  s.add_development_dependency 'rspec', '~> 3.5.0'
+  s.add_development_dependency 'rubocop', '~> 0.58.2'
 end

data/gemfiles/activemodel_3.2.gemfile

@@ -3,6 +3,7 @@
 source "https://rubygems.org"
 
 gem "appraisal"
-gem "activemodel", "3.2.18"
+gem "activemodel", "3.2.22.5"
+gem "rack", "1.6.5"
 
 gemspec :path => "../"

data/gemfiles/activemodel_4.0.gemfile

@@ -3,6 +3,7 @@
 source "https://rubygems.org"
 
 gem "appraisal"
-gem "activemodel", "4.0.10"
+gem "activemodel", "4.0.13"
+gem "rack", "1.6.5"
 
 gemspec :path => "../"

data/gemfiles/{activemodel_4.2.gemfile → activemodel_5.0.gemfile}

@@ -3,6 +3,6 @@
 source "https://rubygems.org"
 
 gem "appraisal"
-gem "activemodel", "4.2.3"
+gem "activemodel", "5.0.1"
 
 gemspec :path => "../"

data/gemfiles/{activemodel_4.1.gemfile → activemodel_6.0.gemfile}

@@ -3,6 +3,6 @@
 source "https://rubygems.org"
 
 gem "appraisal"
-gem "activemodel", "4.1.6"
+gem "activemodel", "6.0.3"
 
 gemspec :path => "../"

data/gemfiles/{activemodel_3.0.gemfile → activemodel_6.1.gemfile}

@@ -3,6 +3,6 @@
 source "https://rubygems.org"
 
 gem "appraisal"
-gem "activemodel", "3.0.20"
+gem "activemodel", "6.1.0"
 
 gemspec :path => "../"

data/lib/file_validators.rb

@@ -1,16 +1,15 @@
+# frozen_string_literal: true
+
 require 'active_model'
 require 'ostruct'
 
 module FileValidators
-  module Utils
-    extend ActiveSupport::Autoload
-
-    autoload :ContentTypeDetector
-    autoload :MediaTypeSpoofDetector
-  end
+  extend ActiveSupport::Autoload
+  autoload :Error
+  autoload :MimeTypeAnalyzer
 end
 
-Dir[File.dirname(__FILE__) + "/file_validators/validators/*.rb"].each { |file| require file }
+Dir[File.dirname(__FILE__) + '/file_validators/validators/*.rb'].each { |file| require file }
 
 locale_path = Dir.glob(File.dirname(__FILE__) + '/file_validators/locale/*.yml')
 I18n.load_path += locale_path unless I18n.load_path.include?(locale_path)

data/lib/file_validators/error.rb

@@ -0,0 +1,6 @@
+# frozen_string_literal: true
+
+module FileValidators
+  class Error < StandardError
+  end
+end

data/lib/file_validators/mime_type_analyzer.rb

@@ -0,0 +1,106 @@
+# frozen_string_literal: true
+
+# Extracted from shrine/plugins/determine_mime_type.rb
+module FileValidators
+  class MimeTypeAnalyzer
+    SUPPORTED_TOOLS = %i[fastimage file filemagic mimemagic marcel mime_types mini_mime].freeze
+    MAGIC_NUMBER    = 256 * 1024
+
+    def initialize(tool)
+      raise Error, "unknown mime type analyzer #{tool.inspect}, supported analyzers are: #{SUPPORTED_TOOLS.join(',')}" unless SUPPORTED_TOOLS.include?(tool)
+
+      @tool = tool
+    end
+
+    def call(io)
+      mime_type = send(:"extract_with_#{@tool}", io)
+      io.rewind
+
+      mime_type
+    end
+
+    private
+
+    def extract_with_file(io)
+      require 'open3'
+
+      return nil if io.eof? # file command returns "application/x-empty" for empty files
+
+      Open3.popen3(*%W[file --mime-type --brief -]) do |stdin, stdout, stderr, thread|
+        begin
+          IO.copy_stream(io, stdin.binmode)
+        rescue Errno::EPIPE
+        end
+        stdin.close
+
+        status = thread.value
+
+        raise Error, "file command failed to spawn: #{stderr.read}" if status.nil?
+        raise Error, "file command failed: #{stderr.read}" unless status.success?
+        $stderr.print(stderr.read)
+
+        stdout.read.strip
+      end
+    rescue Errno::ENOENT
+      raise Error, 'file command-line tool is not installed'
+    end
+
+    def extract_with_fastimage(io)
+      require 'fastimage'
+
+      type = FastImage.type(io)
+      "image/#{type}" if type
+    end
+
+    def extract_with_filemagic(io)
+      require 'filemagic'
+
+      return nil if io.eof? # FileMagic returns "application/x-empty" for empty files
+
+      FileMagic.open(FileMagic::MAGIC_MIME_TYPE) do |filemagic|
+        filemagic.buffer(io.read(MAGIC_NUMBER))
+      end
+    end
+
+    def extract_with_mimemagic(io)
+      require 'mimemagic'
+
+      mime = MimeMagic.by_magic(io)
+      mime.type if mime
+    end
+
+    def extract_with_marcel(io)
+      require 'marcel'
+
+      return nil if io.eof? # marcel returns "application/octet-stream" for empty files
+
+      Marcel::MimeType.for(io)
+    end
+
+    def extract_with_mime_types(io)
+      require 'mime/types'
+
+      if filename = extract_filename(io)
+        mime_type = MIME::Types.of(filename).first
+        mime_type.content_type if mime_type
+      end
+    end
+
+    def extract_with_mini_mime(io)
+      require 'mini_mime'
+
+      if filename = extract_filename(io)
+        info = MiniMime.lookup_by_filename(filename)
+        info.content_type if info
+      end
+    end
+
+    def extract_filename(io)
+      if io.respond_to?(:original_filename)
+        io.original_filename
+      elsif io.respond_to?(:path)
+        File.basename(io.path)
+      end
+    end
+  end
+end