mongoid_direct_s3_upload 0.1.0

data/app/controllers/s3_relay/uploads_controller.rb

@@ -0,0 +1,71 @@
+class S3Relay::UploadsController < ApplicationController
+
+  before_action :authenticate
+  skip_before_action :verify_authenticity_token
+
+  def new
+    render json: S3Relay::UploadPresigner.new.form_data
+  end
+
+  def create
+    @upload = S3Relay::Upload.new(upload_attrs)
+
+    if @upload.save
+      data = {
+        private_url: @upload.private_url,
+        parent_type: @upload.parent_type,
+        parent_id: @upload.parent_id,
+        user_id: user_attrs[:user_id]
+      }
+      render json: data, status: 201
+    else
+      render json: { errors: @upload.errors }, status: 422
+    end
+  end
+
+  protected
+
+  def authenticate
+    if respond_to?(:authenticate_for_s3_relay)
+      authenticate_for_s3_relay
+    end
+  end
+
+  def parent_attrs
+    type = params[:parent_type].try(:classify)
+    id   = params[:parent_id]
+
+    return {} unless type.present? && id.present? &&
+      parent = type.constantize.find(id)
+
+    begin
+      public_send(
+        "#{type.underscore.downcase}_#{params[:association]}_params",
+        parent
+      )
+    rescue NoMethodError
+      { parent: parent }
+    end
+  end
+
+  def upload_attrs
+    attrs = {
+      upload_type:  params[:association].try(:classify),
+      uuid:         params[:uuid],
+      filename:     params[:filename],
+      content_type: params[:content_type]
+    }
+
+    attrs.merge!(parent_attrs)
+    attrs.merge!(user_attrs)
+  end
+
+  def user_attrs
+    if respond_to?(:current_user) && (id = current_user&.id)
+      { user_id: id }
+    else
+      {}
+    end
+  end
+
+end

data/app/helpers/s3_relay/uploads_helper.rb

@@ -0,0 +1,24 @@
+module S3Relay
+  module UploadsHelper
+
+    def s3_relay_field(parent, association, opts={})
+      file_field     = file_field_tag(:file, opts.merge(class: "s3r-field"))
+      progress_table = content_tag(:table, "", class: "s3r-upload-list")
+      content        = [file_field, progress_table].join
+      parent_type    = parent.class.to_s.underscore.downcase
+
+      content_tag(:div, raw(content),
+        {
+          class: "s3r-container",
+          data:  {
+            parent_type: parent_type,
+            parent_id:   parent.id.to_s,
+            association: association.to_s,
+            disposition: opts.fetch(:disposition, "inline")
+          }
+        }
+      )
+    end
+
+  end
+end

data/app/models/s3_relay/upload.rb

@@ -0,0 +1,73 @@
+module S3Relay
+  class Upload
+
+    include Mongoid::Document
+
+    field :uuid
+    field :user_id, type: Integer
+    field :parent_type, type: String
+    field :parent_id, type: Integer
+    field :upload_type, type: String
+    field :filename, type: String
+    field :content_type, type: String
+    field :state, type: String
+    field :data, type: Hash, default: Hash.new
+    field :pending_at, type: DateTime
+    field :imported_at, type: DateTime
+
+    belongs_to :parent, polymorphic: true, optional: true
+
+    validates :uuid,         presence: true, uniqueness: true
+    validates :upload_type,  presence: true
+    validates :filename,     presence: true
+    validates :content_type, presence: true
+    validates :pending_at,   presence: true
+
+    after_initialize :finalize
+    after_create :notify_parent
+
+    def self.pending
+      where(state: "pending")
+    end
+
+    def self.imported
+      where(state: "imported")
+    end
+
+    def pending?
+      state == "pending"
+    end
+
+    def imported?
+      state == "imported"
+    end
+
+    def mark_imported!
+      update_attributes(state: "imported", imported_at: Time.now)
+    end
+
+    def notify_parent
+      return unless parent.present?
+
+      if parent.respond_to?(:import_upload)
+        parent.import_upload(id)
+      end
+    end
+
+    def public_url
+      S3Relay::PrivateUrl.new(uuid, filename).public_url
+    end
+
+    def private_url
+      S3Relay::PrivateUrl.new(uuid, filename).generate
+    end
+
+    private
+
+    def finalize
+      self.state      ||= "pending"
+      self.pending_at ||= Time.now
+    end
+
+  end
+end

data/config/routes.rb

@@ -0,0 +1,5 @@
+S3Relay::Engine.routes.draw do
+
+  resources :uploads, only: [:new, :create]
+
+end

data/lib/s3_relay.rb

@@ -0,0 +1,4 @@
+require "s3_relay/engine"
+
+module S3Relay
+end

data/lib/s3_relay/base.rb

@@ -0,0 +1,35 @@
+module S3Relay
+  class Base
+
+    private
+
+    def access_key_id
+      ENV["S3_RELAY_ACCESS_KEY_ID"]
+    end
+
+    def secret_access_key
+      ENV["S3_RELAY_SECRET_ACCESS_KEY"]
+    end
+
+    def region
+      ENV["S3_RELAY_REGION"]
+    end
+
+    def bucket
+      ENV["S3_RELAY_BUCKET"]
+    end
+
+    def acl
+      ENV["S3_RELAY_ACL"]
+    end
+
+    def endpoint
+      "https://#{bucket}.s3-#{region}.amazonaws.com"
+    end
+
+    def digest
+      OpenSSL::Digest.new("sha1")
+    end
+
+  end
+end

data/lib/s3_relay/engine.rb

@@ -0,0 +1,16 @@
+module S3Relay
+  class Engine < ::Rails::Engine
+    isolate_namespace S3Relay
+
+    initializer "s3_relay.action_controller" do |app|
+      ActiveSupport.on_load :action_controller do
+        helper S3Relay::UploadsHelper
+      end
+    end
+  end
+end
+
+require "s3_relay/base"
+require "s3_relay/model"
+require "s3_relay/private_url"
+require "s3_relay/upload_presigner"

data/lib/s3_relay/model.rb

@@ -0,0 +1,51 @@
+module S3Relay
+  module Model
+
+    def s3_relay(attribute, has_many=false)
+      upload_type = attribute.to_s.classify
+
+      if has_many
+        has_many attribute, as: :parent, class_name: "S3Relay::Upload"
+
+        define_method attribute do
+          S3Relay::Upload
+            .where(
+              parent_type: self.class.to_s,
+              parent_id:   self.id,
+              upload_type: upload_type
+            )
+        end
+      else
+        has_one attribute, as: :parent, class_name: "S3Relay::Upload"
+
+        define_method attribute do
+          S3Relay::Upload
+            .where(
+              parent_type: self.class.to_s,
+              parent_id:   self.id,
+              upload_type: upload_type
+            )
+            .order(:pending_at => 'desc').last
+        end
+      end
+
+      virtual_attribute = "new_#{attribute}_uuids"
+      attr_accessor virtual_attribute
+
+      association_method = "associate_#{attribute}"
+
+      after_save association_method.to_sym
+
+      define_method association_method do
+        new_uuids = send(virtual_attribute)
+        return if new_uuids.blank?
+
+        S3Relay::Upload.where(uuid: new_uuids, upload_type: upload_type)
+          .update_all(parent_type: self.class.to_s, parent_id: self.id)
+      end
+
+    end
+
+  end
+
+end

data/lib/s3_relay/private_url.rb

@@ -0,0 +1,37 @@
+module S3Relay
+  class PrivateUrl < S3Relay::Base
+
+    attr_reader :expires, :path
+
+    def initialize(uuid, file, options={})
+      filename = Addressable::URI.escape(file).gsub("+", "%2B")
+      @path    = [uuid, filename].join("/")
+      @expires = (options[:expires] || 10.minutes.from_now).to_i
+    end
+
+    def generate
+      "#{public_url}?#{params}"
+    end
+
+    def public_url
+      "#{endpoint}/#{path}"
+    end
+
+    private
+
+    def params
+      [
+        "AWSAccessKeyId=#{access_key_id}",
+        "Expires=#{expires}",
+        "Signature=#{signature}"
+      ].join("&")
+    end
+
+    def signature
+      string = "GET\n\n\n#{expires}\n/#{bucket}/#{path}"
+      hmac   = OpenSSL::HMAC.digest(digest, secret_access_key, string)
+      CGI.escape(Base64.encode64(hmac).strip)
+    end
+
+  end
+end

data/lib/s3_relay/s3_relay.rb

@@ -0,0 +1,4 @@
+require "s3_relay/engine"
+
+module S3Relay
+end

data/lib/s3_relay/upload_presigner.rb

@@ -0,0 +1,61 @@
+module S3Relay
+  class UploadPresigner < S3Relay::Base
+
+    attr_reader :expires, :uuid
+
+    def initialize(options={})
+      @expires = (options[:expires] || 1.minute.from_now).utc.xmlschema
+      @uuid    = SecureRandom.uuid
+    end
+
+    def form_data
+      fields.keys.inject({}) { |h,k| h[k.downcase.underscore] = fields[k]; h }
+        .merge(
+          "endpoint"  => endpoint,
+          "policy"    => encoded_policy,
+          "signature" => signature,
+          "uuid"      => uuid
+        )
+    end
+
+    private
+
+    def fields
+      {
+        "AWSAccessKeyID"               => access_key_id,
+        "x-amz-server-side-encryption" => "AES256",
+        "key"                          => "#{uuid}/${filename}",
+        "success_action_status"        => "201",
+        "acl"                          => acl
+      }
+    end
+
+    def hmac
+      lambda { |data| OpenSSL::HMAC.digest(digest, secret_access_key, data) }
+    end
+
+    def policy_document
+      {
+        "expiration" => expires,
+        "conditions" => [
+          { "bucket" => bucket },
+          { "acl" => acl },
+          { "x-amz-server-side-encryption" => "AES256" },
+          { "success_action_status" => "201" },
+          ["starts-with", "$content-type", ""],
+          ["starts-with", "$content-disposition", ""],
+          ["starts-with", "$key", "#{uuid}/"]
+        ]
+      }
+    end
+
+    def encoded_policy
+      Base64.strict_encode64(policy_document.to_json)
+    end
+
+    def signature
+      Base64.strict_encode64(hmac[encoded_policy])
+    end
+
+  end
+end

data/lib/s3_relay/version.rb

@@ -0,0 +1,3 @@
+module S3Relay
+  VERSION = "0.1.0"
+end

data/test/controllers/s3_relay/uploads_controller_test.rb

@@ -0,0 +1,144 @@
+require "test_helper"
+
+module S3Relay
+  describe UploadsController do
+    before do
+      S3Relay::Base.any_instance.stubs(:access_key_id)
+        .returns("access-key-id")
+      S3Relay::Base.any_instance.stubs(:secret_access_key)
+        .returns("secret-access-key")
+      S3Relay::Base.any_instance.stubs(:region)
+        .returns("region")
+      S3Relay::Base.any_instance.stubs(:bucket)
+        .returns("bucket")
+      S3Relay::Base.any_instance.stubs(:acl)
+        .returns("acl")
+    end
+
+    describe "GET new" do
+      it do
+        uuid = "123-456-789"
+        time = Time.parse("2014-12-01 12:00am")
+        S3Relay::UploadPresigner.any_instance.stubs(:uuid).returns(uuid)
+        S3Relay::UploadPresigner.any_instance.stubs(:expires).returns(time)
+
+        get new_s3_relay_upload_url
+        assert_response 200
+
+        data = JSON.parse(response.body)
+
+        data["awsaccesskeyid"].must_equal "access-key-id"
+        data["x_amz_server_side_encryption"].must_equal "AES256"
+        data["key"].must_equal "#{uuid}/${filename}"
+        data["success_action_status"].must_equal "201"
+        data["acl"].must_equal "acl"
+        data["endpoint"].must_equal "https://bucket.s3-region.amazonaws.com"
+        data["policy"].length.must_equal 380  # TODO: Improve this
+        data["signature"].length.must_equal 28  # TODO: Improve this
+        data["uuid"].must_equal uuid
+      end
+    end
+
+    describe "POST create" do
+
+      describe "success" do
+        it do
+          assert_difference "S3Relay::Upload.count", 1 do
+            post s3_relay_uploads_url, params: {
+              association:  "photo_uploads",
+              uuid:         SecureRandom.uuid,
+              filename:     "cat.png",
+              content_type: "image/png"
+            }
+          end
+
+          assert_response 201
+        end
+
+        describe "with parent attributes" do
+          describe "matching an object" do
+            before { @product = FactoryGirl.create(:product) }
+
+            it do
+              assert_difference "@product.photo_uploads.count", 1 do
+                post s3_relay_uploads_url, params: {
+                  association:  "photo_uploads",
+                  uuid:         SecureRandom.uuid,
+                  filename:     "cat.png",
+                  content_type: "image/png",
+                  parent_type:  @product.class.to_s,
+                  parent_id:    @product.id.to_s
+                }
+              end
+
+              assert_response 201
+            end
+          end
+
+          describe "not matching an object" do
+            it do
+              assert_difference "S3Relay::Upload.count" do
+                post s3_relay_uploads_url, params: {
+                  association:  "photo_uploads",
+                  uuid:         SecureRandom.uuid,
+                  filename:     "cat.png",
+                  content_type: "image/png",
+                  parent_type:  "Product",
+                  parent_id:    "10000000"
+                }
+              end
+
+              assert_response 201
+              body = JSON.parse(response.body)
+
+              assert body["parent_type"] == nil
+              assert body["parent_id"] == nil
+            end
+          end
+
+          describe "with a current_user" do
+            before do
+              @user = OpenStruct.new(id: 123)
+              UploadsController.any_instance.stubs(:current_user).returns(@user)
+            end
+
+            it "associates the upload with the user" do
+              assert_difference "S3Relay::Upload.count", 1 do
+                post s3_relay_uploads_url, params: {
+                  association:  "photo_uploads",
+                  uuid:         SecureRandom.uuid,
+                  filename:     "cat.png",
+                  content_type: "image/png"
+                }
+              end
+
+              assert_response 201
+              body = JSON.parse(response.body)
+              body["user_id"].must_equal @user.id
+            end
+          end
+
+        end
+      end
+
+      describe "error" do
+        it do
+          assert_no_difference "S3Relay::Upload.count" do
+            post s3_relay_uploads_url, params: {
+              uuid:         SecureRandom.uuid,
+              filename:     "cat.png",
+              content_type: "image/png"
+            }
+          end
+
+          assert_response 422
+
+          JSON.parse(response.body)["errors"]["upload_type"]
+            .must_include "can't be blank"
+        end
+      end
+
+    end
+
+  end
+end