lockbox 0.3.5 → 0.3.6

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 05cf227cc78a31ce5ad67f4352196ee720d31e0f614db26089d1c5b0a17ae823
4
- data.tar.gz: c47effd7829d2e7ffc7143d51fa6adb03ae6e11bd24f8b7048d39c2e559d5389
3
+ metadata.gz: 9d220724fb1331a7a9fdda8fdd073de62c19f601b2d15173a5fe22046e51071d
4
+ data.tar.gz: 9f144deb1211bd79d49f5eb2dccee29b25a2ea8869aadadad92ebda825012c00
5
5
  SHA512:
6
- metadata.gz: 79b18945ec5c492feedc8913669dde990b7849264b0ca3bc9e5a3be991656a59e5f953e414cf51108b747aa1d98687838715452824f0e38697cbe55fe0cae023
7
- data.tar.gz: a747b3d2ebe4dd12cfafd91fb4970bd020515a8585a05d0bdd222ddbe30e6f402e596b4188c1d945bfaf6d2cb21914fddfd1199030f9ca73c61a5a02acf24b0f
6
+ metadata.gz: 31492e71cafb170205944089f047269302249a5ba03f23533d302b45f45fc770ee221eb56af50f47c39ac44d980f8886ff0aa3cd50ed9dcc018638859ac06ace
7
+ data.tar.gz: 69faba8f29dca9c7b85c3e5d7905db625d96105b2ae74a61b0a3cd7094cbcea437caf909a731346ac53607f8624ec27b1b9d58bb44f80f294028c07ab813e938
data/CHANGELOG.md CHANGED
@@ -1,3 +1,8 @@
1
+ ## 0.3.6 (2020-04-19)
2
+
3
+ - Fixed content type detection for Active Storage and CarrierWave
4
+ - Fixed decryption with Active Storage 6 and `attachment.open`
5
+
1
6
  ## 0.3.5 (2020-04-13)
2
7
 
3
8
  - Added `array` type
data/README.md CHANGED
@@ -780,6 +780,20 @@ end
780
780
 
781
781
  ## Upgrading
782
782
 
783
+ ### 0.3.6
784
+
785
+ 0.3.6 makes content type detection more reliable for Active Storage. You can check and update the content type of existing files with:
786
+
787
+ ```ruby
788
+ User.find_each do |user|
789
+ license = user.license
790
+ content_type = Marcel::MimeType.for(license.download, name: license.filename.to_s)
791
+ if content_type != license.content_type
792
+ license.update!(content_type: content_type)
793
+ end
794
+ end
795
+ ```
796
+
783
797
  ### 0.2.0
784
798
 
785
799
  0.2.0 brings a number of improvements. Here are a few to be aware of:
@@ -837,7 +851,7 @@ Everyone is encouraged to help improve this project. Here are a few ways you can
837
851
  - Write, clarify, or fix documentation
838
852
  - Suggest or add new features
839
853
 
840
- To get started with development and testing:
854
+ To get started with development, [install Libsodium](https://github.com/crypto-rb/rbnacl/wiki/Installing-libsodium) and run:
841
855
 
842
856
  ```sh
843
857
  git clone https://github.com/ankane/lockbox.git
@@ -101,6 +101,26 @@ module Lockbox
101
101
  result
102
102
  end
103
103
 
104
+ if ActiveStorage::VERSION::MAJOR >= 6
105
+ def open(**options)
106
+ blob.open(**options) do |file|
107
+ options = Utils.encrypted_options(record, name)
108
+ if options
109
+ result = file.read
110
+ file.rewind
111
+ # truncate may not be available on all platforms
112
+ # according to the Ruby docs
113
+ # may need to create a new temp file instead
114
+ file.truncate(0)
115
+ file.write(Utils.build_box(record, options, record.class.table_name, name).decrypt(result))
116
+ file.rewind
117
+ end
118
+
119
+ yield file
120
+ end
121
+ end
122
+ end
123
+
104
124
  def mark_analyzed
105
125
  if Utils.encrypted_options(record, name)
106
126
  blob.update!(metadata: blob.metadata.merge(analyzed: true))
@@ -111,5 +131,17 @@ module Lockbox
111
131
  after_save :mark_analyzed
112
132
  end
113
133
  end
134
+
135
+ module Blob
136
+ private
137
+
138
+ def extract_content_type(io)
139
+ if io.is_a?(Lockbox::IO) && io.extracted_content_type
140
+ io.extracted_content_type
141
+ else
142
+ super
143
+ end
144
+ end
145
+ end
114
146
  end
115
147
  end
@@ -8,6 +8,7 @@ module Lockbox
8
8
  @file = CarrierWave::SanitizedFile.new(lockbox.encrypt_io(file))
9
9
  end
10
10
 
11
+ # TODO safe to memoize?
11
12
  def read
12
13
  r = super
13
14
  lockbox.decrypt(r) if r
@@ -17,6 +18,11 @@ module Lockbox
17
18
  read.bytesize
18
19
  end
19
20
 
21
+ # based on CarrierWave::SanitizedFile#mime_magic_content_type
22
+ def content_type
23
+ MimeMagic.by_magic(read).try(:type) || "invalid/invalid"
24
+ end
25
+
20
26
  def rotate_encryption!
21
27
  io = Lockbox::IO.new(read)
22
28
  io.original_filename = file.filename
data/lib/lockbox/io.rb CHANGED
@@ -1,5 +1,8 @@
1
1
  module Lockbox
2
2
  class IO < StringIO
3
3
  attr_accessor :original_filename, :content_type
4
+
5
+ # private: do not use
6
+ attr_accessor :extracted_content_type
4
7
  end
5
8
  end
@@ -16,6 +16,7 @@ module Lockbox
16
16
  app.config.to_prepare do
17
17
  if defined?(ActiveStorage)
18
18
  ActiveStorage::Attachment.include(Lockbox::ActiveStorageExtensions::Attachment)
19
+ ActiveStorage::Blob.prepend(Lockbox::ActiveStorageExtensions::Blob)
19
20
  end
20
21
  end
21
22
  end
data/lib/lockbox/utils.rb CHANGED
@@ -49,17 +49,20 @@ module Lockbox
49
49
  def self.encrypt_attachable(record, name, attachable)
50
50
  options = encrypted_options(record, name)
51
51
  box = build_box(record, options, record.class.table_name, name)
52
+ io = nil
52
53
 
53
54
  case attachable
54
55
  when ActionDispatch::Http::UploadedFile, Rack::Test::UploadedFile
56
+ io = attachable
55
57
  attachable = {
56
- io: box.encrypt_io(attachable),
58
+ io: box.encrypt_io(io),
57
59
  filename: attachable.original_filename,
58
60
  content_type: attachable.content_type
59
61
  }
60
62
  when Hash
63
+ io = attachable[:io]
61
64
  attachable = {
62
- io: box.encrypt_io(attachable[:io]),
65
+ io: box.encrypt_io(io),
63
66
  filename: attachable[:filename],
64
67
  content_type: attachable[:content_type]
65
68
  }
@@ -67,6 +70,10 @@ module Lockbox
67
70
  raise NotImplementedError, "Not supported"
68
71
  end
69
72
 
73
+ # set content type based on unencrypted data
74
+ # keep synced with ActiveStorage::Blob#extract_content_type
75
+ attachable[:io].extracted_content_type = Marcel::MimeType.for(io, name: attachable[:filename].to_s, declared_type: attachable[:content_type])
76
+
70
77
  attachable
71
78
  end
72
79
  end
@@ -1,3 +1,3 @@
1
1
  module Lockbox
2
- VERSION = "0.3.5"
2
+ VERSION = "0.3.6"
3
3
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: lockbox
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.3.5
4
+ version: 0.3.6
5
5
  platform: ruby
6
6
  authors:
7
7
  - Andrew Kane
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2020-04-13 00:00:00.000000000 Z
11
+ date: 2020-04-20 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: bundler
@@ -42,16 +42,16 @@ dependencies:
42
42
  name: combustion
43
43
  requirement: !ruby/object:Gem::Requirement
44
44
  requirements:
45
- - - ">="
45
+ - - "~>"
46
46
  - !ruby/object:Gem::Version
47
- version: '0'
47
+ version: 1.1.2
48
48
  type: :development
49
49
  prerelease: false
50
50
  version_requirements: !ruby/object:Gem::Requirement
51
51
  requirements:
52
- - - ">="
52
+ - - "~>"
53
53
  - !ruby/object:Gem::Version
54
- version: '0'
54
+ version: 1.1.2
55
55
  - !ruby/object:Gem::Dependency
56
56
  name: rails
57
57
  requirement: !ruby/object:Gem::Requirement