hyrax 1.0.4 → 1.0.5
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +28 -28
- data/app/actors/hyrax/create_with_remote_files_actor.rb +22 -0
- data/lib/generators/hyrax/templates/config/hyrax.rb +16 -0
- data/lib/hyrax/configuration.rb +12 -0
- data/lib/hyrax/version.rb +1 -1
- data/spec/actors/hyrax/create_with_remote_files_actor_spec.rb +38 -0
- data/spec/jobs/import_url_job_spec.rb +7 -1
- data/spec/lib/hyrax/configuration_spec.rb +2 -0
- data/template.rb +1 -1
- metadata +3 -3
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: b0379fe162c5ff9207af59dc36af58aead2df14c
|
4
|
+
data.tar.gz: c5802ec9c6318be8056ff459a39441a80cc12b7c
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: cd7d19603b15aa26f5a8500f3f3249e71985e52ce8070b24d9a88d04efad6a239dc9b1d036d80e29c93774dc6839dd3366fdf497dbd6bf544de4f6e7d29e78b0
|
7
|
+
data.tar.gz: 29e50bbf459b2a8200d0adf473b6334cee516c8f4fb6f6ab6758ea8bdba86f257a7c9bd1cfde14ac323abf64438095331c0d8bde81a184a240c24e441c29e969
|
data/README.md
CHANGED
@@ -1,19 +1,19 @@
|
|
1
|
-
![Logo](https://raw.githubusercontent.com/
|
1
|
+
![Logo](https://raw.githubusercontent.com/samvera/hyrax/gh-pages/assets/images/hyrax_logo_horizontal_white_background.png)
|
2
2
|
|
3
3
|
Code: [![Version](https://badge.fury.io/rb/hyrax.png)](http://badge.fury.io/rb/hyrax)
|
4
|
-
[![Build Status](https://travis-ci.org/
|
5
|
-
[![Coverage Status](https://coveralls.io/repos/github/
|
6
|
-
[![Code Climate](https://codeclimate.com/github/
|
7
|
-
[![Dependency Update Status](https://gemnasium.com/
|
8
|
-
[![Dependency Maintenance Status](https://dependencyci.com/github/
|
4
|
+
[![Build Status](https://travis-ci.org/samvera/hyrax.png?branch=master)](https://travis-ci.org/samvera/hyrax)
|
5
|
+
[![Coverage Status](https://coveralls.io/repos/github/samvera/hyrax/badge.svg?branch=master)](https://coveralls.io/github/samvera/hyrax?branch=master)
|
6
|
+
[![Code Climate](https://codeclimate.com/github/samvera/hyrax/badges/gpa.svg)](https://codeclimate.com/github/samvera/hyrax)
|
7
|
+
[![Dependency Update Status](https://gemnasium.com/samvera/hyrax.png)](https://gemnasium.com/samvera/hyrax)
|
8
|
+
[![Dependency Maintenance Status](https://dependencyci.com/github/samvera/hyrax/badge)](https://dependencyci.com/github/samvera/hyrax)
|
9
9
|
|
10
|
-
Docs: [![Documentation Status](https://inch-ci.org/github/
|
10
|
+
Docs: [![Documentation Status](https://inch-ci.org/github/samvera/hyrax.svg?branch=master)](https://inch-ci.org/github/samvera/hyrax)
|
11
11
|
[![API Docs](http://img.shields.io/badge/API-docs-blue.svg)](http://rubydoc.info/gems/hyrax)
|
12
12
|
[![Contribution Guidelines](http://img.shields.io/badge/CONTRIBUTING-Guidelines-blue.svg)](./.github/CONTRIBUTING.md)
|
13
13
|
[![Apache 2.0 License](http://img.shields.io/badge/APACHE2-license-blue.svg)](./LICENSE)
|
14
14
|
|
15
|
-
Jump in: [![Slack Status](http://slack.
|
16
|
-
[![Ready Tickets](https://badge.waffle.io/
|
15
|
+
Jump in: [![Slack Status](http://slack.samvera.org/badge.svg)](http://slack.samvera.org/)
|
16
|
+
[![Ready Tickets](https://badge.waffle.io/samvera/hyrax.png?label=ready&milestone=1.x%20series&title=Ready)](https://waffle.io/samvera/hyrax?milestone=1.x%20series)
|
17
17
|
|
18
18
|
# Table of Contents
|
19
19
|
|
@@ -44,22 +44,22 @@ Jump in: [![Slack Status](http://slack.projecthydra.org/badge.svg)](http://slack
|
|
44
44
|
|
45
45
|
# What is Hyrax?
|
46
46
|
|
47
|
-
Hyrax is a front-end based on the robust [
|
47
|
+
Hyrax is a front-end based on the robust [Samvera](http://samvera.org) framework, providing a user interface for common repository features. Hyrax offers the ability to create repository object types on demand, to deposit content via multiple configurable workflows, and to describe content with flexible metadata. Numerous optional features may be turned on in the administrative dashboard or added through plugins. It is implemented as a Rails engine, so it may be the base of, or added to, a Rails application. Hyrax is the consolidation of Sufia and the CurationConcerns gems and behaves in much the same way.
|
48
48
|
|
49
49
|
## Feature list
|
50
50
|
|
51
|
-
Hyrax has many features. [Read more about what they are and how to turn them on](https://github.com/
|
51
|
+
Hyrax has many features. [Read more about what they are and how to turn them on](https://github.com/samvera/sufia/wiki/Feature-matrix). See the [Sufia Management Guide](https://github.com/samvera/sufia/wiki/Sufia-Management-Guide) to learn more.
|
52
52
|
|
53
53
|
For non-technical documentation about Hyrax, see the Hyrax [documentation site](http://hyr.ax/).
|
54
54
|
|
55
55
|
# Help
|
56
56
|
|
57
|
-
If you have questions or need help, please email [the
|
57
|
+
If you have questions or need help, please email [the Samvera community tech list](mailto:samvera-tech@googlegroups.com) or stop by the #dev channel in [the Samvera community Slack team](https://wiki.duraspace.org/pages/viewpage.action?pageId=43910187#Getintouch!-Slack).
|
58
58
|
|
59
59
|
# Getting started
|
60
60
|
|
61
61
|
This document contains instructions specific to setting up an app with __Hyrax
|
62
|
-
v1.0.
|
62
|
+
v1.0.5__. If you are looking for instructions on installing a different
|
63
63
|
version, be sure to select the appropriate branch or tag from the drop-down
|
64
64
|
menu above.
|
65
65
|
|
@@ -80,7 +80,7 @@ Hyrax requires the following software to work:
|
|
80
80
|
1. [FITS](#characterization) version 0.8.x (0.8.5 is known to be good)
|
81
81
|
1. [LibreOffice](#derivatives)
|
82
82
|
|
83
|
-
**NOTE: The [Sufia Development Guide](https://github.com/
|
83
|
+
**NOTE: The [Sufia Development Guide](https://github.com/samvera/sufia/wiki/Sufia-Development-Guide) has instructions for installing Solr and Fedora in a development environment.**
|
84
84
|
|
85
85
|
### Characterization
|
86
86
|
|
@@ -121,7 +121,7 @@ Hyrax requires Rails 5. We recommend the latest Rails 5.0 release.
|
|
121
121
|
|
122
122
|
```
|
123
123
|
# If you don't already have Rails at your disposal...
|
124
|
-
gem install rails -v 5.0.
|
124
|
+
gem install rails -v 5.0.3
|
125
125
|
```
|
126
126
|
|
127
127
|
### JavaScript runtime
|
@@ -133,7 +133,7 @@ Rails requires that you have a JavaScript runtime -- for example, nodejs -- inst
|
|
133
133
|
Generate a new Rails application using the template.
|
134
134
|
|
135
135
|
```
|
136
|
-
rails new my_app -m https://raw.githubusercontent.com/samvera/hyrax/v1.0.
|
136
|
+
rails new my_app -m https://raw.githubusercontent.com/samvera/hyrax/v1.0.5/template.rb
|
137
137
|
```
|
138
138
|
|
139
139
|
Generating a new Rails application using Hyrax's template above takes cares of a number of steps for you, including:
|
@@ -166,7 +166,7 @@ Namespaces can be included in the work My::MovingImage by adding the path.
|
|
166
166
|
rails generate hyrax:work My/MovingImage
|
167
167
|
```
|
168
168
|
|
169
|
-
You may wish to [customize your work type](https://github.com/
|
169
|
+
You may wish to [customize your work type](https://github.com/samvera/sufia/wiki/Customizing-your-work-types) now that it's been generated.
|
170
170
|
|
171
171
|
## Start servers
|
172
172
|
|
@@ -200,7 +200,7 @@ class Application < Rails::Application
|
|
200
200
|
end
|
201
201
|
```
|
202
202
|
|
203
|
-
**For production applications** you will want to use a more robust message queue system such as [Sidekiq](http://sidekiq.org/) or [Resque](https://github.com/resque/resque). The Sufia Development Guide has a detailed walkthrough of [installing and configuring Resque](https://github.com/
|
203
|
+
**For production applications** you will want to use a more robust message queue system such as [Sidekiq](http://sidekiq.org/) or [Resque](https://github.com/resque/resque). The Sufia Development Guide has a detailed walkthrough of [installing and configuring Resque](https://github.com/samvera/sufia/wiki/Background-Workers-(Resque-in-Sufia-7). Initial Sidekiq instructions for ActiveJob are available on the [Sidekiq wiki](https://github.com/mperham/sidekiq/wiki/Active-Job).
|
204
204
|
|
205
205
|
## Load workflows
|
206
206
|
Load workflows from the json files in `config/workflows` by running the following rake task:
|
@@ -221,7 +221,7 @@ rake hyrax:default_admin_set:create
|
|
221
221
|
|
222
222
|
# Managing a Hyrax-based app
|
223
223
|
|
224
|
-
The [Sufia Management Guide](https://github.com/
|
224
|
+
The [Sufia Management Guide](https://github.com/samvera/sufia/wiki/Sufia-Management-Guide) provides tips for how to manage, customize, and enhance your Hyrax application, including guidance specific to:
|
225
225
|
|
226
226
|
* Production implementations
|
227
227
|
* Configuration of background workers
|
@@ -254,23 +254,23 @@ Hyrax is available under [the Apache 2.0 license](LICENSE.md).
|
|
254
254
|
|
255
255
|
We'd love to accept your contributions. Please see our guide to [contributing to Hyrax](./.github/CONTRIBUTING.md).
|
256
256
|
|
257
|
-
If you'd like to help the development effort and you're not sure where to get started, you can always grab a ticket in the "Ready" column from our [Waffle board](https://waffle.io/
|
257
|
+
If you'd like to help the development effort and you're not sure where to get started, you can always grab a ticket in the "Ready" column from our [Waffle board](https://waffle.io/samvera/hyrax). There are other ways to help, too.
|
258
258
|
|
259
|
-
* [Contribute a user story](https://github.com/
|
260
|
-
* Help us improve [Hyrax's test coverage](https://coveralls.io/r/
|
261
|
-
* Refactor away [code smells](https://codeclimate.com/github/
|
259
|
+
* [Contribute a user story](https://github.com/samvera/hyrax/issues/new).
|
260
|
+
* Help us improve [Hyrax's test coverage](https://coveralls.io/r/samvera/hyrax) or [documentation coverage](https://inch-ci.org/github/samvera/hyrax).
|
261
|
+
* Refactor away [code smells](https://codeclimate.com/github/samvera/hyrax).
|
262
262
|
|
263
263
|
# Development
|
264
264
|
|
265
|
-
The [Sufia Development Guide](https://github.com/
|
265
|
+
The [Sufia Development Guide](https://github.com/samvera/sufia/wiki/Sufia-Development-Guide) is for people who want to modify Hyrax itself, not an application that uses Hyrax.
|
266
266
|
|
267
267
|
# Release process
|
268
268
|
|
269
|
-
See the [release management process](https://github.com/
|
269
|
+
See the [release management process](https://github.com/samvera/sufia/wiki/Release-management-process).
|
270
270
|
|
271
271
|
# Acknowledgments
|
272
272
|
|
273
|
-
This software has been developed by and is brought to you by the
|
274
|
-
[
|
273
|
+
This software has been developed by and is brought to you by the Samvera community. Learn more at the
|
274
|
+
[Samvera website](http://samvera.org/).
|
275
275
|
|
276
|
-
![
|
276
|
+
![Samvera Logo](https://wiki.duraspace.org/download/thumbnails/87459292/samvera-fall-font2-200w.png?version=1&modificationDate=1498550535816&api=v2)
|
@@ -19,6 +19,10 @@ module Hyrax
|
|
19
19
|
return true unless remote_files
|
20
20
|
remote_files.each do |file_info|
|
21
21
|
next if file_info.blank? || file_info[:url].blank?
|
22
|
+
unless validate_remote_url(file_info[:url])
|
23
|
+
Rails.logger.error "User #{user.user_key} attempted to ingest file from url #{file_info[:url]}, which doesn't pass validation"
|
24
|
+
return false
|
25
|
+
end
|
22
26
|
create_file_from_url(file_info[:url], file_info[:file_name])
|
23
27
|
end
|
24
28
|
true
|
@@ -45,5 +49,23 @@ module Hyrax
|
|
45
49
|
Hyrax::Operation.create!(user: user,
|
46
50
|
operation_type: "Attach Remote File")
|
47
51
|
end
|
52
|
+
|
53
|
+
def validate_remote_url(url)
|
54
|
+
uri = URI.parse(URI.encode(url))
|
55
|
+
if uri.scheme == 'file'
|
56
|
+
path = File.absolute_path(URI.decode(uri.path))
|
57
|
+
whitelisted_ingest_dirs.any? do |dir|
|
58
|
+
path.start_with?(dir) && path.length > dir.length
|
59
|
+
end
|
60
|
+
else
|
61
|
+
# TODO: It might be a good idea to validate other URLs as well.
|
62
|
+
# The server can probably access URLs the user can't.
|
63
|
+
true
|
64
|
+
end
|
65
|
+
end
|
66
|
+
|
67
|
+
def whitelisted_ingest_dirs
|
68
|
+
Hyrax.config.whitelisted_ingest_dirs
|
69
|
+
end
|
48
70
|
end
|
49
71
|
end
|
@@ -186,6 +186,22 @@ Hyrax.config do |config|
|
|
186
186
|
rescue Errno::ENOENT
|
187
187
|
config.browse_everything = nil
|
188
188
|
end
|
189
|
+
|
190
|
+
## Whitelist all directories which can be used to ingest from the local file
|
191
|
+
# system.
|
192
|
+
#
|
193
|
+
# Any file, and only those, that is anywhere under one of the specified
|
194
|
+
# directories can be used by CreateWithRemoteFilesActor to add local files
|
195
|
+
# to works. Files uploaded by the user are handled separately and the
|
196
|
+
# temporary directory for those need not be included here.
|
197
|
+
#
|
198
|
+
# Default value includes BrowseEverything.config['file_system'][:home] if it
|
199
|
+
# is set, otherwise default is an empty list. You should only need to change
|
200
|
+
# this if you have custom ingestions using CreateWithRemoteFilesActor to
|
201
|
+
# ingest files from the file system that are not part of the BrowseEverything
|
202
|
+
# mount point.
|
203
|
+
#
|
204
|
+
# config.whitelisted_ingest_dirs = []
|
189
205
|
end
|
190
206
|
|
191
207
|
Date::DATE_FORMATS[:standard] = "%m/%d/%Y"
|
data/lib/hyrax/configuration.rb
CHANGED
@@ -226,6 +226,18 @@ module Hyrax
|
|
226
226
|
end
|
227
227
|
# rubocop:enable Metrics/MethodLength
|
228
228
|
|
229
|
+
# @!attribute [w] whitelisted_ingest_dirs
|
230
|
+
# List of directories which can be used for local file system ingestion.
|
231
|
+
attr_writer :whitelisted_ingest_dirs
|
232
|
+
def whitelisted_ingest_dirs
|
233
|
+
@whitelisted_ingest_dirs ||= \
|
234
|
+
if defined? BrowseEverything
|
235
|
+
Array.wrap(BrowseEverything.config['file_system'].try(:[], :home)).compact
|
236
|
+
else
|
237
|
+
[]
|
238
|
+
end
|
239
|
+
end
|
240
|
+
|
229
241
|
callback.enable :after_create_concern, :after_create_fileset,
|
230
242
|
:after_update_content, :after_revert_content,
|
231
243
|
:after_update_metadata, :after_import_local_file_success,
|
data/lib/hyrax/version.rb
CHANGED
@@ -51,11 +51,27 @@ describe Hyrax::CreateWithRemoteFilesActor do
|
|
51
51
|
file_name: "here.txt" }]
|
52
52
|
end
|
53
53
|
|
54
|
+
before do
|
55
|
+
allow(Hyrax.config).to receive(:whitelisted_ingest_dirs).and_return(["/local/file/"])
|
56
|
+
end
|
57
|
+
|
54
58
|
it "attaches files" do
|
55
59
|
expect(IngestLocalFileJob).to receive(:perform_later).with(FileSet, "/local/file/here.txt", user)
|
56
60
|
expect(actor.create(attributes)).to be true
|
57
61
|
end
|
58
62
|
|
63
|
+
context "with files from non-whitelisted directories" do
|
64
|
+
let(:file) { "file:///local/otherdir/test.txt" }
|
65
|
+
|
66
|
+
# rubocop:disable RSpec/AnyInstance
|
67
|
+
it "doesn't attach files" do
|
68
|
+
expect_any_instance_of(described_class).to receive(:validate_remote_url).and_call_original
|
69
|
+
expect(IngestLocalFileJob).not_to receive(:perform_later)
|
70
|
+
expect(actor.create(attributes)).to be false
|
71
|
+
end
|
72
|
+
# rubocop:enable RSpec/AnyInstance
|
73
|
+
end
|
74
|
+
|
59
75
|
context "with spaces" do
|
60
76
|
let(:file) { "file:///local/file/ pigs .txt" }
|
61
77
|
it "attaches files" do
|
@@ -64,4 +80,26 @@ describe Hyrax::CreateWithRemoteFilesActor do
|
|
64
80
|
end
|
65
81
|
end
|
66
82
|
end
|
83
|
+
|
84
|
+
describe "#validate_remote_url" do
|
85
|
+
before do
|
86
|
+
allow(Hyrax.config).to receive(:whitelisted_ingest_dirs).and_return(['/test/', '/local/file/'])
|
87
|
+
end
|
88
|
+
|
89
|
+
it "accepts file: urls in whitelisted directories" do
|
90
|
+
expect(actor.actor.send(:validate_remote_url, "file:///local/file/test.txt")).to be true
|
91
|
+
expect(actor.actor.send(:validate_remote_url, "file:///local/file/subdirectory/test.txt")).to be true
|
92
|
+
expect(actor.actor.send(:validate_remote_url, "file:///test/test.txt")).to be true
|
93
|
+
end
|
94
|
+
|
95
|
+
it "rejects file: urls outside whitelisted directories" do
|
96
|
+
expect(actor.actor.send(:validate_remote_url, "file:///tmp/test.txt")).to be false
|
97
|
+
expect(actor.actor.send(:validate_remote_url, "file:///test/../tmp/test.txt")).to be false
|
98
|
+
expect(actor.actor.send(:validate_remote_url, "file:///test/")).to be false
|
99
|
+
end
|
100
|
+
|
101
|
+
it "accepts other types of urls" do
|
102
|
+
expect(actor.actor.send(:validate_remote_url, "https://example.com/test.txt")).to be true
|
103
|
+
end
|
104
|
+
end
|
67
105
|
end
|
@@ -21,8 +21,14 @@ describe ImportUrlJob do
|
|
21
21
|
allow(Hyrax::ImportUrlSuccessService).to receive(:new).and_return(success_service)
|
22
22
|
allow(Hyrax::Actors::FileSetActor).to receive(:new).with(file_set, user).and_return(actor)
|
23
23
|
|
24
|
+
response_headers = { 'Content-Type' => 'image/png', 'Content-Length' => File.size(File.expand_path(file_path, __FILE__)) }
|
25
|
+
|
26
|
+
stub_request(:head, "http://example.org#{file_hash}").to_return(
|
27
|
+
body: "", status: 200, headers: response_headers
|
28
|
+
)
|
29
|
+
|
24
30
|
stub_request(:get, "http://example.org#{file_hash}").to_return(
|
25
|
-
body: File.open(File.expand_path(file_path, __FILE__)).read, status: 200, headers:
|
31
|
+
body: File.open(File.expand_path(file_path, __FILE__)).read, status: 200, headers: response_headers
|
26
32
|
)
|
27
33
|
end
|
28
34
|
|
@@ -53,4 +53,6 @@ describe Hyrax::Configuration do
|
|
53
53
|
it { is_expected.to respond_to(:translate_uri_to_id) }
|
54
54
|
it { is_expected.to respond_to(:upload_path) }
|
55
55
|
it { is_expected.to respond_to(:work_requires_files?) }
|
56
|
+
it { is_expected.to respond_to(:whitelisted_ingest_dirs) }
|
57
|
+
it { is_expected.to respond_to(:whitelisted_ingest_dirs=) }
|
56
58
|
end
|
data/template.rb
CHANGED
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: hyrax
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.0.
|
4
|
+
version: 1.0.5
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Justin Coyne
|
@@ -14,7 +14,7 @@ authors:
|
|
14
14
|
autorequire:
|
15
15
|
bindir: bin
|
16
16
|
cert_chain: []
|
17
|
-
date: 2017-
|
17
|
+
date: 2017-10-10 00:00:00.000000000 Z
|
18
18
|
dependencies:
|
19
19
|
- !ruby/object:Gem::Dependency
|
20
20
|
name: hydra-head
|
@@ -2627,7 +2627,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
2627
2627
|
version: '0'
|
2628
2628
|
requirements: []
|
2629
2629
|
rubyforge_project:
|
2630
|
-
rubygems_version: 2.6.
|
2630
|
+
rubygems_version: 2.6.11
|
2631
2631
|
signing_key:
|
2632
2632
|
specification_version: 4
|
2633
2633
|
summary: Hyrax is a front-end based on the robust Samvera framework, providing a user
|