leifcr-refile 0.6.3

data/lib/refile/app.rb

@@ -0,0 +1,186 @@
+require "json"
+require "sinatra/base"
+require "tempfile"
+
+module Refile
+  # A Rack application which can be mounted or run on its own.
+  #
+  # @example mounted in Rails
+  #   Rails.application.routes.draw do
+  #     mount Refile::App.new, at: "attachments", as: :refile_app
+  #   end
+  #
+  # @example as standalone app
+  #   require "refile"
+  #
+  #   run Refile::App.new
+  class App < Sinatra::Base
+    configure do
+      set :show_exceptions, false
+      set :raise_errors, false
+      set :sessions, false
+      set :logging, false
+      set :dump_errors, false
+      use CustomLogger, "Refile::App", proc { Refile.logger }
+    end
+
+    before do
+      if Refile.allow_origin
+        response["Access-Control-Allow-Origin"] = Refile.allow_origin
+        response["Access-Control-Allow-Headers"] = request.env["HTTP_ACCESS_CONTROL_REQUEST_HEADERS"].to_s
+        response["Access-Control-Allow-Method"] = request.env["HTTP_ACCESS_CONTROL_REQUEST_METHOD"].to_s
+      end
+    end
+
+    # This will match all token authenticated requests
+    before "/:token/:backend/*" do
+      halt 403 unless verified?
+    end
+
+    get "/:token/:backend/:id/:filename" do
+      halt 404 unless download_allowed?
+      stream_file file
+    end
+
+    get "/:token/:backend/:processor/:id/:file_basename.:extension" do
+      halt 404 unless download_allowed?
+      stream_file processor.call(file, format: params[:extension])
+    end
+
+    get "/:token/:backend/:processor/:id/:filename" do
+      halt 404 unless download_allowed?
+      stream_file processor.call(file)
+    end
+
+    get "/:token/:backend/:processor/*/:id/:file_basename.:extension" do
+      halt 404 unless download_allowed?
+      stream_file processor.call(file, *params[:splat].first.split("/"), format: params[:extension])
+    end
+
+    get "/:token/:backend/:processor/*/:id/:filename" do
+      halt 404 unless download_allowed?
+      stream_file processor.call(file, *params[:splat].first.split("/"))
+    end
+
+    options "/:backend" do
+      ""
+    end
+
+    post "/:backend" do
+      halt 404 unless upload_allowed?
+      tempfile = request.params.fetch("file").fetch(:tempfile)
+      filename = request.params.fetch("file").fetch(:filename)
+      file = backend.upload(tempfile)
+      url = Refile.file_url(file, filename: filename)
+      content_type :json
+      { id: file.id, url: url }.to_json
+    end
+
+    get "/:backend/presign" do
+      halt 404 unless upload_allowed?
+      content_type :json
+      backend.presign.to_json
+    end
+
+    not_found do
+      content_type :text
+      "not found"
+    end
+
+    error 403 do
+      content_type :text
+      "forbidden"
+    end
+
+    error Refile::InvalidFile do
+      status 400
+      "Upload failure error"
+    end
+
+    error Refile::InvalidMaxSize do
+      status 413
+      "Upload failure error"
+    end
+
+    error do |error_thrown|
+      log_error("Error -> #{error_thrown}")
+      error_thrown.backtrace.each do |line|
+        log_error(line)
+      end
+      content_type :text
+      "error"
+    end
+
+  private
+
+    def download_allowed?
+      Refile.allow_downloads_from == :all or Refile.allow_downloads_from.include?(params[:backend])
+    end
+
+    def upload_allowed?
+      Refile.allow_uploads_to == :all or Refile.allow_uploads_to.include?(params[:backend])
+    end
+
+    def logger
+      Refile.logger
+    end
+
+    def stream_file(file)
+      expires Refile.content_max_age, :public
+
+      if file.respond_to?(:path)
+        path = file.path
+      else
+        path = Dir::Tmpname.create(params[:id]) {}
+        IO.copy_stream file, path
+      end
+
+      filename = Rack::Utils.unescape(request.path.split("/").last)
+      disposition = force_download?(params) ? "attachment" : "inline"
+
+      send_file path, filename: filename, disposition: disposition, type: ::File.extname(filename)
+    end
+
+    def backend
+      Refile.backends.fetch(params[:backend]) do |name|
+        log_error("Could not find backend: #{name}")
+        halt 404
+      end
+    end
+
+    def file
+      file = backend.get(params[:id])
+      unless file.exists?
+        log_error("Could not find attachment by id: #{params[:id]}")
+        halt 404
+      end
+      file.download
+    end
+
+    def processor
+      Refile.processors.fetch(params[:processor]) do |name|
+        log_error("Could not find processor: #{name}")
+        halt 404
+      end
+    end
+
+    def log_error(message)
+      logger.error "#{self.class.name}: #{message}"
+    end
+
+    def verified?
+      base_path = request.fullpath.gsub(::File.join(request.script_name, params[:token]), "")
+
+      Refile.valid_token?(base_path, params[:token]) && not_expired?(params)
+    end
+
+    def not_expired?(params)
+      params["expires_at"].nil? ||
+        (Time.at(params["expires_at"].to_i) > Time.now)
+    end
+
+    def force_download?(params)
+      !params["force_download"].nil?
+    end
+  end
+end

data/lib/refile/attacher.rb

@@ -0,0 +1,190 @@
+module Refile
+  # @api private
+  class Attacher
+    attr_reader :definition, :record, :errors
+    attr_accessor :remove
+
+    Presence = ->(val) { val if val != "" }
+
+    def initialize(definition, record)
+      @definition = definition
+      @record = record
+      @errors = []
+      @metadata = {}
+    end
+
+    def name
+      @definition.name
+    end
+
+    def cache
+      @definition.cache
+    end
+
+    def store
+      @definition.store
+    end
+
+    def id
+      Presence[read(:id, true)]
+    end
+
+    def size
+      Presence[@metadata[:size] || read(:size)]
+    end
+
+    def filename
+      Presence[@metadata[:filename] || read(:filename)]
+    end
+
+    def content_type
+      Presence[@metadata[:content_type] || read(:content_type)]
+    end
+
+    def cache_id
+      Presence[@metadata[:id]]
+    end
+
+    def basename
+      if filename and extension
+        ::File.basename(filename, "." << extension)
+      else
+        filename
+      end
+    end
+
+    def extension
+      if filename
+        Presence[::File.extname(filename).sub(/^\./, "")]
+      elsif content_type
+        type = MIME::Types[content_type][0]
+        type.extensions[0] if type
+      end
+    end
+
+    def get
+      if remove?
+        nil
+      elsif cache_id
+        cache.get(cache_id)
+      elsif id
+        store.get(id)
+      end
+    end
+
+    def set(value)
+      case value
+        when nil then self.remove = true
+        when String, Hash then retrieve!(value)
+        else cache!(value)
+      end
+    end
+
+    def retrieve!(value)
+      if value.is_a?(String)
+        @metadata = Refile.parse_json(value, symbolize_names: true) || {}
+      elsif value.is_a?(Hash)
+        @metadata = value
+      end
+      write_metadata if cache_id
+    end
+
+    def cache!(uploadable)
+      @metadata = {
+        size: uploadable.size,
+        content_type: Refile.extract_content_type(uploadable),
+        filename: Refile.extract_filename(uploadable)
+      }
+      if valid?
+        @metadata[:id] = cache.upload(uploadable).id
+        write_metadata
+      elsif @definition.raise_errors?
+        raise Refile::Invalid, @errors.join(", ")
+      end
+    end
+
+    def download(url)
+      unless url.to_s.empty?
+        response = RestClient::Request.new(method: :get, url: url, raw_response: true).execute
+        @metadata = {
+          size: response.file.size,
+          filename: URI.parse(url).path.split("/").last,
+          content_type: response.headers[:content_type]
+        }
+        if valid?
+          response.file.open if response.file.closed? # https://github.com/refile/refile/pull/210
+          @metadata[:id] = cache.upload(response.file).id
+          write_metadata
+        elsif @definition.raise_errors?
+          raise Refile::Invalid, @errors.join(", ")
+        end
+      end
+    rescue RestClient::Exception
+      @errors = [:download_failed]
+      raise if @definition.raise_errors?
+    end
+
+    def store!
+      if remove?
+        delete!
+        write(:id, nil, true)
+        remove_metadata
+      elsif cache_id
+        file = store.upload(get)
+        delete!
+        write(:id, file.id, true)
+        write_metadata
+      end
+      @metadata = {}
+    end
+
+    def delete!
+      cache.delete(cache_id) if cache_id
+      store.delete(id) if id
+      @metadata = {}
+    end
+
+    def remove?
+      remove and remove != "" and remove !~ /\A0|false$\z/
+    end
+
+    def present?
+      not @metadata.empty?
+    end
+
+    def data
+      @metadata if valid?
+    end
+
+    def valid?
+      @errors = @definition.validate(self)
+      @errors.empty?
+    end
+
+  private
+
+    def read(column, strict = false)
+      m = "#{name}_#{column}"
+      value ||= record.send(m) if strict or record.respond_to?(m)
+      value
+    end
+
+    def write(column, value, strict = false)
+      return if record.frozen?
+      m = "#{name}_#{column}="
+      record.send(m, value) if strict or record.respond_to?(m)
+    end
+
+    def write_metadata
+      write(:size, size)
+      write(:content_type, content_type)
+      write(:filename, filename)
+    end
+
+    def remove_metadata
+      write(:size, nil)
+      write(:content_type, nil)
+      write(:filename, nil)
+    end
+  end
+end

data/lib/refile/attachment.rb

@@ -0,0 +1,108 @@
+module Refile
+  module Attachment
+    # Macro which generates accessors for the given column which make it
+    # possible to upload and retrieve previously uploaded files through the
+    # generated accessors.
+    #
+    # The `raise_errors` option controls whether assigning an invalid file
+    # should immediately raise an error, or save the error and defer handling
+    # it until later.
+    #
+    # Given a record with an attachment named `image`, the following methods
+    # will be added:
+    #
+    # - `image`
+    # - `image=`
+    # - `remove_image`
+    # - `remove_image=`
+    # - `remote_image_url`
+    # - `remote_image_url=`
+    # - `image_url`
+    # - `image_presigned_url`
+    #
+    # @example
+    #   class User
+    #     extend Refile::Attachment
+    #
+    #     attachment :image
+    #     attr_accessor :image_id
+    #   end
+    #
+    # @param [String] name                              Name of the column which accessor are generated for
+    # @param [#to_s] cache                              Name of a backend in {Refile.backends} to use as transient cache
+    # @param [#to_s] store                              Name of a backend in {Refile.backends} to use as permanent store
+    # @param [true, false] raise_errors                 Whether to raise errors in case an invalid file is assigned
+    # @param [Symbol, nil] type                         The type of file that can be uploaded, see {Refile.types}
+    # @param [String, Array<String>, nil] extension     Limit the uploaded file to the given extension or list of extensions
+    # @param [String, Array<String>, nil] content_type  Limit the uploaded file to the given content type or list of content types
+    # @return [void]
+    def attachment(name, cache: :cache, store: :store, raise_errors: true, type: nil, extension: nil, content_type: nil)
+      definition = AttachmentDefinition.new(name,
+        cache: cache,
+        store: store,
+        raise_errors: raise_errors,
+        type: type,
+        extension: extension,
+        content_type: content_type
+      )
+
+      define_singleton_method :"#{name}_attachment_definition" do
+        definition
+      end
+
+      mod = Module.new do
+        attacher = :"#{name}_attacher"
+
+        define_method :"#{name}_attachment_definition" do
+          definition
+        end
+
+        define_method attacher do
+          ivar = :"@#{attacher}"
+          instance_variable_get(ivar) or instance_variable_set(ivar, Attacher.new(definition, self))
+        end
+
+        define_method "#{name}=" do |value|
+          send(attacher).set(value)
+        end
+
+        define_method name do
+          send(attacher).get
+        end
+
+        define_method "remove_#{name}=" do |remove|
+          send(attacher).remove = remove
+        end
+
+        define_method "remove_#{name}" do
+          send(attacher).remove
+        end
+
+        define_method "remote_#{name}_url=" do |url|
+          send(attacher).download(url)
+        end
+
+        define_method "remote_#{name}_url" do
+        end
+
+        define_method "#{name}_url" do |*args|
+          Refile.attachment_url(self, name, *args)
+        end
+
+        define_method "presigned_#{name}_url" do |expires_in = 900|
+          attachment = send(attacher)
+          attachment.store.object(attachment.id).presigned_url(:get, expires_in: expires_in) unless attachment.id.nil?
+        end
+
+        define_method "#{name}_data" do
+          send(attacher).data
+        end
+
+        define_singleton_method("to_s")    { "Refile::Attachment(#{name})" }
+        define_singleton_method("inspect") { "Refile::Attachment(#{name})" }
+      end
+
+      include mod
+    end
+  end
+end