metadata_presenter 3.3.3 → 3.3.4
Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: b1383e7705f46897aab384b9e5e5f8af3fa252a68292c71e7ab4fb9ba810f003
|
4
|
+
data.tar.gz: '08a34570f899f09c6e6390ab54730febc3c19215ce7ff685005ae6fa90028671'
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 6a9461584ecb5471ef3f4e2dab87f24f10f22b317b0fcdd1f0b4b0126d2b84062f68159df671df6a6a358f99977b3dfd6fa48e1c5b0082028ad5c7834eabfc51
|
7
|
+
data.tar.gz: fadb737aaf8eb0a899bb0936268b3bea4187f318160ac99f396b9ce2904ae6b7f127f11e3ca3ffc4af91666db7d914c259497a55d3a2dff3f6eee026cbdff2f9
|
@@ -44,11 +44,22 @@ module MetadataPresenter
|
|
44
44
|
|
45
45
|
return {} unless file_details
|
46
46
|
|
47
|
-
if file_details.is_a?(
|
48
|
-
file_details.
|
47
|
+
if file_details.is_a?(ActionController::Parameters)
|
48
|
+
unless file_details.permitted?
|
49
|
+
Rails.logger.warn("[PageAnswers#upload_answer] Permitting unfiltered params in component `#{component_id}`")
|
50
|
+
file_details.permit!
|
51
|
+
end
|
52
|
+
|
53
|
+
file_details.merge(
|
54
|
+
'original_filename' => sanitize_filename(file_details['original_filename'])
|
55
|
+
)
|
56
|
+
elsif file_details.is_a?(Hash)
|
57
|
+
file_details.merge(
|
58
|
+
'original_filename' => sanitize_filename(file_details['original_filename'])
|
59
|
+
)
|
49
60
|
else
|
50
61
|
{
|
51
|
-
'original_filename' =>
|
62
|
+
'original_filename' => sanitize_filename(file_details.original_filename),
|
52
63
|
'content_type' => file_details.content_type,
|
53
64
|
'tempfile' => file_details.tempfile.path.to_s
|
54
65
|
}
|
@@ -83,25 +94,27 @@ module MetadataPresenter
|
|
83
94
|
return if answers[component_id].blank?
|
84
95
|
|
85
96
|
if answers[component_id].is_a?(Array)
|
86
|
-
answers[component_id].each { |answer| answer['original_filename'] =
|
97
|
+
answers[component_id].each { |answer| answer['original_filename'] = sanitize_filename(answer['original_filename']) }
|
87
98
|
end
|
88
99
|
|
89
100
|
answers[component_id] = answers[component_id].reject { |a| a['original_filename'].blank? }
|
90
101
|
return answers
|
91
102
|
end
|
92
103
|
|
104
|
+
return answers if answers.incoming_answer.blank?
|
105
|
+
|
93
106
|
# uploading a new answer, this method will be called during multiple render operations
|
94
|
-
if answers.incoming_answer.
|
95
|
-
answers.incoming_answer[component_id].original_filename =
|
107
|
+
if answers.incoming_answer.is_a?(ActionController::Parameters)
|
108
|
+
answers.incoming_answer[component_id].original_filename = sanitize_filename(answers.incoming_answer[component_id].original_filename)
|
96
109
|
end
|
97
110
|
|
98
|
-
if answers.incoming_answer.
|
99
|
-
answers.incoming_answer['original_filename'] =
|
111
|
+
if answers.incoming_answer.is_a?(Hash)
|
112
|
+
answers.incoming_answer['original_filename'] = sanitize_filename(answers.incoming_answer['original_filename'])
|
100
113
|
end
|
101
114
|
|
102
|
-
if answers.incoming_answer
|
115
|
+
if answers.incoming_answer[component_id].is_a?(ActionDispatch::Http::UploadedFile)
|
103
116
|
answers.incoming_answer = {
|
104
|
-
'original_filename' =>
|
117
|
+
'original_filename' => sanitize_filename(answers.incoming_answer[component_id].original_filename),
|
105
118
|
'content_type' => answers.incoming_answer[component_id].content_type,
|
106
119
|
'tempfile' => answers.incoming_answer[component_id].tempfile.path.to_s,
|
107
120
|
'uuid' => SecureRandom.uuid
|
@@ -129,6 +142,10 @@ module MetadataPresenter
|
|
129
142
|
|
130
143
|
private
|
131
144
|
|
145
|
+
def sanitize_filename(answer)
|
146
|
+
sanitize(filename(update_filename(answer)))
|
147
|
+
end
|
148
|
+
|
132
149
|
def filename(path)
|
133
150
|
return sanitize(path) if path.nil?
|
134
151
|
|
@@ -120,7 +120,7 @@
|
|
120
120
|
},
|
121
121
|
"max_files": {
|
122
122
|
"title": "Maximum files",
|
123
|
-
"description": "The maximum number of
|
123
|
+
"description": "The maximum number of files a user can upload",
|
124
124
|
"type": "number",
|
125
125
|
"minimum": 0
|
126
126
|
},
|
@@ -464,9 +464,6 @@
|
|
464
464
|
},
|
465
465
|
"exclusive_minimum": {
|
466
466
|
"$ref": "#/definitions/exclusive_minimum"
|
467
|
-
},
|
468
|
-
"max_files": {
|
469
|
-
"$ref": "#/definitions/max_files"
|
470
467
|
}
|
471
468
|
}
|
472
469
|
},
|
@@ -486,9 +483,6 @@
|
|
486
483
|
},
|
487
484
|
"exclusive_minimum": {
|
488
485
|
"$ref": "#/definitions/errors_exclusive_minimum"
|
489
|
-
},
|
490
|
-
"max_files": {
|
491
|
-
"$ref": "#/definitions/max_files"
|
492
486
|
}
|
493
487
|
}
|
494
488
|
}
|
@@ -542,7 +536,7 @@
|
|
542
536
|
"errors": {
|
543
537
|
"properties": {
|
544
538
|
"max_files": {
|
545
|
-
"$ref": "#/definitions/
|
539
|
+
"$ref": "#/definitions/errors_max_files"
|
546
540
|
}
|
547
541
|
}
|
548
542
|
}
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: metadata_presenter
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 3.3.
|
4
|
+
version: 3.3.4
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- MoJ Forms
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2023-11-
|
11
|
+
date: 2023-11-29 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: govuk_design_system_formbuilder
|
@@ -266,16 +266,16 @@ dependencies:
|
|
266
266
|
name: site_prism
|
267
267
|
requirement: !ruby/object:Gem::Requirement
|
268
268
|
requirements:
|
269
|
-
- -
|
269
|
+
- - "<"
|
270
270
|
- !ruby/object:Gem::Version
|
271
|
-
version: '
|
271
|
+
version: '5.0'
|
272
272
|
type: :development
|
273
273
|
prerelease: false
|
274
274
|
version_requirements: !ruby/object:Gem::Requirement
|
275
275
|
requirements:
|
276
|
-
- -
|
276
|
+
- - "<"
|
277
277
|
- !ruby/object:Gem::Version
|
278
|
-
version: '
|
278
|
+
version: '5.0'
|
279
279
|
- !ruby/object:Gem::Dependency
|
280
280
|
name: sqlite3
|
281
281
|
requirement: !ruby/object:Gem::Requirement
|