lockbox 0.3.5 → 0.3.6
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +5 -0
- data/README.md +15 -1
- data/lib/lockbox/active_storage_extensions.rb +32 -0
- data/lib/lockbox/carrier_wave_extensions.rb +6 -0
- data/lib/lockbox/io.rb +3 -0
- data/lib/lockbox/railtie.rb +1 -0
- data/lib/lockbox/utils.rb +9 -2
- data/lib/lockbox/version.rb +1 -1
- metadata +6 -6
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 9d220724fb1331a7a9fdda8fdd073de62c19f601b2d15173a5fe22046e51071d
|
|
4
|
+
data.tar.gz: 9f144deb1211bd79d49f5eb2dccee29b25a2ea8869aadadad92ebda825012c00
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 31492e71cafb170205944089f047269302249a5ba03f23533d302b45f45fc770ee221eb56af50f47c39ac44d980f8886ff0aa3cd50ed9dcc018638859ac06ace
|
|
7
|
+
data.tar.gz: 69faba8f29dca9c7b85c3e5d7905db625d96105b2ae74a61b0a3cd7094cbcea437caf909a731346ac53607f8624ec27b1b9d58bb44f80f294028c07ab813e938
|
data/CHANGELOG.md
CHANGED
data/README.md
CHANGED
|
@@ -780,6 +780,20 @@ end
|
|
|
780
780
|
|
|
781
781
|
## Upgrading
|
|
782
782
|
|
|
783
|
+
### 0.3.6
|
|
784
|
+
|
|
785
|
+
0.3.6 makes content type detection more reliable for Active Storage. You can check and update the content type of existing files with:
|
|
786
|
+
|
|
787
|
+
```ruby
|
|
788
|
+
User.find_each do |user|
|
|
789
|
+
license = user.license
|
|
790
|
+
content_type = Marcel::MimeType.for(license.download, name: license.filename.to_s)
|
|
791
|
+
if content_type != license.content_type
|
|
792
|
+
license.update!(content_type: content_type)
|
|
793
|
+
end
|
|
794
|
+
end
|
|
795
|
+
```
|
|
796
|
+
|
|
783
797
|
### 0.2.0
|
|
784
798
|
|
|
785
799
|
0.2.0 brings a number of improvements. Here are a few to be aware of:
|
|
@@ -837,7 +851,7 @@ Everyone is encouraged to help improve this project. Here are a few ways you can
|
|
|
837
851
|
- Write, clarify, or fix documentation
|
|
838
852
|
- Suggest or add new features
|
|
839
853
|
|
|
840
|
-
To get started with development and
|
|
854
|
+
To get started with development, [install Libsodium](https://github.com/crypto-rb/rbnacl/wiki/Installing-libsodium) and run:
|
|
841
855
|
|
|
842
856
|
```sh
|
|
843
857
|
git clone https://github.com/ankane/lockbox.git
|
|
@@ -101,6 +101,26 @@ module Lockbox
|
|
|
101
101
|
result
|
|
102
102
|
end
|
|
103
103
|
|
|
104
|
+
if ActiveStorage::VERSION::MAJOR >= 6
|
|
105
|
+
def open(**options)
|
|
106
|
+
blob.open(**options) do |file|
|
|
107
|
+
options = Utils.encrypted_options(record, name)
|
|
108
|
+
if options
|
|
109
|
+
result = file.read
|
|
110
|
+
file.rewind
|
|
111
|
+
# truncate may not be available on all platforms
|
|
112
|
+
# according to the Ruby docs
|
|
113
|
+
# may need to create a new temp file instead
|
|
114
|
+
file.truncate(0)
|
|
115
|
+
file.write(Utils.build_box(record, options, record.class.table_name, name).decrypt(result))
|
|
116
|
+
file.rewind
|
|
117
|
+
end
|
|
118
|
+
|
|
119
|
+
yield file
|
|
120
|
+
end
|
|
121
|
+
end
|
|
122
|
+
end
|
|
123
|
+
|
|
104
124
|
def mark_analyzed
|
|
105
125
|
if Utils.encrypted_options(record, name)
|
|
106
126
|
blob.update!(metadata: blob.metadata.merge(analyzed: true))
|
|
@@ -111,5 +131,17 @@ module Lockbox
|
|
|
111
131
|
after_save :mark_analyzed
|
|
112
132
|
end
|
|
113
133
|
end
|
|
134
|
+
|
|
135
|
+
module Blob
|
|
136
|
+
private
|
|
137
|
+
|
|
138
|
+
def extract_content_type(io)
|
|
139
|
+
if io.is_a?(Lockbox::IO) && io.extracted_content_type
|
|
140
|
+
io.extracted_content_type
|
|
141
|
+
else
|
|
142
|
+
super
|
|
143
|
+
end
|
|
144
|
+
end
|
|
145
|
+
end
|
|
114
146
|
end
|
|
115
147
|
end
|
|
@@ -8,6 +8,7 @@ module Lockbox
|
|
|
8
8
|
@file = CarrierWave::SanitizedFile.new(lockbox.encrypt_io(file))
|
|
9
9
|
end
|
|
10
10
|
|
|
11
|
+
# TODO safe to memoize?
|
|
11
12
|
def read
|
|
12
13
|
r = super
|
|
13
14
|
lockbox.decrypt(r) if r
|
|
@@ -17,6 +18,11 @@ module Lockbox
|
|
|
17
18
|
read.bytesize
|
|
18
19
|
end
|
|
19
20
|
|
|
21
|
+
# based on CarrierWave::SanitizedFile#mime_magic_content_type
|
|
22
|
+
def content_type
|
|
23
|
+
MimeMagic.by_magic(read).try(:type) || "invalid/invalid"
|
|
24
|
+
end
|
|
25
|
+
|
|
20
26
|
def rotate_encryption!
|
|
21
27
|
io = Lockbox::IO.new(read)
|
|
22
28
|
io.original_filename = file.filename
|
data/lib/lockbox/io.rb
CHANGED
data/lib/lockbox/railtie.rb
CHANGED
data/lib/lockbox/utils.rb
CHANGED
|
@@ -49,17 +49,20 @@ module Lockbox
|
|
|
49
49
|
def self.encrypt_attachable(record, name, attachable)
|
|
50
50
|
options = encrypted_options(record, name)
|
|
51
51
|
box = build_box(record, options, record.class.table_name, name)
|
|
52
|
+
io = nil
|
|
52
53
|
|
|
53
54
|
case attachable
|
|
54
55
|
when ActionDispatch::Http::UploadedFile, Rack::Test::UploadedFile
|
|
56
|
+
io = attachable
|
|
55
57
|
attachable = {
|
|
56
|
-
io: box.encrypt_io(
|
|
58
|
+
io: box.encrypt_io(io),
|
|
57
59
|
filename: attachable.original_filename,
|
|
58
60
|
content_type: attachable.content_type
|
|
59
61
|
}
|
|
60
62
|
when Hash
|
|
63
|
+
io = attachable[:io]
|
|
61
64
|
attachable = {
|
|
62
|
-
io: box.encrypt_io(
|
|
65
|
+
io: box.encrypt_io(io),
|
|
63
66
|
filename: attachable[:filename],
|
|
64
67
|
content_type: attachable[:content_type]
|
|
65
68
|
}
|
|
@@ -67,6 +70,10 @@ module Lockbox
|
|
|
67
70
|
raise NotImplementedError, "Not supported"
|
|
68
71
|
end
|
|
69
72
|
|
|
73
|
+
# set content type based on unencrypted data
|
|
74
|
+
# keep synced with ActiveStorage::Blob#extract_content_type
|
|
75
|
+
attachable[:io].extracted_content_type = Marcel::MimeType.for(io, name: attachable[:filename].to_s, declared_type: attachable[:content_type])
|
|
76
|
+
|
|
70
77
|
attachable
|
|
71
78
|
end
|
|
72
79
|
end
|
data/lib/lockbox/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: lockbox
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.3.
|
|
4
|
+
version: 0.3.6
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Andrew Kane
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2020-04-
|
|
11
|
+
date: 2020-04-20 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: bundler
|
|
@@ -42,16 +42,16 @@ dependencies:
|
|
|
42
42
|
name: combustion
|
|
43
43
|
requirement: !ruby/object:Gem::Requirement
|
|
44
44
|
requirements:
|
|
45
|
-
- - "
|
|
45
|
+
- - "~>"
|
|
46
46
|
- !ruby/object:Gem::Version
|
|
47
|
-
version:
|
|
47
|
+
version: 1.1.2
|
|
48
48
|
type: :development
|
|
49
49
|
prerelease: false
|
|
50
50
|
version_requirements: !ruby/object:Gem::Requirement
|
|
51
51
|
requirements:
|
|
52
|
-
- - "
|
|
52
|
+
- - "~>"
|
|
53
53
|
- !ruby/object:Gem::Version
|
|
54
|
-
version:
|
|
54
|
+
version: 1.1.2
|
|
55
55
|
- !ruby/object:Gem::Dependency
|
|
56
56
|
name: rails
|
|
57
57
|
requirement: !ruby/object:Gem::Requirement
|