paperclip 3.5.4 → 4.0.0

data/lib/paperclip/validators.rb

@@ -1,8 +1,11 @@
 require 'active_model'
 require 'active_support/concern'
 require 'paperclip/validators/attachment_content_type_validator'
+require 'paperclip/validators/attachment_file_name_validator'
 require 'paperclip/validators/attachment_presence_validator'
 require 'paperclip/validators/attachment_size_validator'
+require 'paperclip/validators/media_type_spoof_detection_validator'
+require 'paperclip/validators/attachment_file_type_ignorance_validator'
 
 module Paperclip
   module Validators
@@ -13,6 +16,8 @@ module Paperclip
       include HelperMethods
     end
 
+    ::Paperclip::REQUIRED_VALIDATORS = [AttachmentFileNameValidator, AttachmentContentTypeValidator, AttachmentFileTypeIgnoranceValidator]
+
     module ClassMethods
       # This method is a shortcut to validator classes that is in
       # "Attachment...Validator" format. It is almost the same thing as the
@@ -39,7 +44,7 @@ module Paperclip
               local_options = attributes + [validator_options]
               conditional_options = options.slice(:if, :unless)
               local_options.last.merge!(conditional_options)
-              send(:"validates_attachment_#{validator_kind}", *local_options)
+              send(Paperclip::Validators.const_get(constant.to_s).helper_method_name, *local_options)
             end
           end
         end

data/lib/paperclip/validators/attachment_content_type_validator.rb

@@ -6,6 +6,10 @@ module Paperclip
         super
       end
 
+      def self.helper_method_name
+        :validates_attachment_content_type
+      end
+
       def validate_each(record, attribute, value)
         base_attribute = attribute.to_sym
         attribute = "#{attribute}_content_type".to_sym

data/lib/paperclip/validators/attachment_file_name_validator.rb

@@ -0,0 +1,80 @@
+module Paperclip
+  module Validators
+    class AttachmentFileNameValidator < ActiveModel::EachValidator
+      def initialize(options)
+        options[:allow_nil] = true unless options.has_key?(:allow_nil)
+        super
+      end
+
+      def self.helper_method_name
+        :validates_attachment_file_name
+      end
+
+      def validate_each(record, attribute, value)
+        base_attribute = attribute.to_sym
+        attribute = "#{attribute}_file_name".to_sym
+        value = record.send :read_attribute_for_validation, attribute
+
+        return if (value.nil? && options[:allow_nil]) || (value.blank? && options[:allow_blank])
+
+        validate_whitelist(record, attribute, value)
+        validate_blacklist(record, attribute, value)
+
+        if record.errors.include? attribute
+          record.errors[attribute].each do |error|
+            record.errors.add base_attribute, error
+          end
+        end
+      end
+
+      def validate_whitelist(record, attribute, value)
+        if allowed.present? && allowed.none? { |type| type === value }
+          mark_invalid record, attribute, allowed
+        end
+      end
+
+      def validate_blacklist(record, attribute, value)
+        if forbidden.present? && forbidden.any? { |type| type === value }
+          mark_invalid record, attribute, forbidden
+        end
+      end
+
+      def mark_invalid(record, attribute, patterns)
+        record.errors.add attribute, :invalid, options.merge(:names => patterns.join(', '))
+      end
+
+      def allowed
+        [options[:matches]].flatten.compact
+      end
+
+      def forbidden
+        [options[:not]].flatten.compact
+      end
+
+      def check_validity!
+        unless options.has_key?(:matches) || options.has_key?(:not)
+          raise ArgumentError, "You must pass in either :matches or :not to the validator"
+        end
+      end
+    end
+
+    module HelperMethods
+      # Places ActiveModel validations on the name of the file
+      # assigned. The possible options are:
+      # * +matches+: Allowed filename patterns as Regexps. Can be a single one
+      #   or an array.
+      # * +not+: Forbidden file name patterns, specified the same was as +matches+.
+      # * +message+: The message to display when the uploaded file has an invalid
+      #   name.
+      # * +if+: A lambda or name of an instance method. Validation will only
+      #   be run is this lambda or method returns true.
+      # * +unless+: Same as +if+ but validates if lambda or method returns false.
+      def validates_attachment_file_name(*attr_names)
+        options = _merge_attributes(attr_names)
+        validates_with AttachmentFileNameValidator, options.dup
+        validate_before_processing AttachmentFileNameValidator, options.dup
+      end
+    end
+  end
+end
+

data/lib/paperclip/validators/attachment_file_type_ignorance_validator.rb

@@ -0,0 +1,29 @@
+require 'active_model/validations/presence'
+
+module Paperclip
+  module Validators
+    class AttachmentFileTypeIgnoranceValidator < ActiveModel::EachValidator
+      def validate_each(record, attribute, value)
+        # This doesn't do anything. It's just to mark that you don't care about
+        # the file_names or content_types of your incoming attachments.
+      end
+
+      def self.helper_method_name
+        :do_not_validate_attachment_file_type
+      end
+    end
+
+    module HelperMethods
+      # Places ActiveModel validations on the presence of a file.
+      # Options:
+      # * +if+: A lambda or name of an instance method. Validation will only
+      #   be run if this lambda or method returns true.
+      # * +unless+: Same as +if+ but validates if lambda or method returns false.
+      def do_not_validate_attachment_file_type(*attr_names)
+        options = _merge_attributes(attr_names)
+        validates_with AttachmentFileTypeIgnoranceValidator, options.dup
+      end
+    end
+  end
+end
+

data/lib/paperclip/validators/attachment_presence_validator.rb

@@ -8,6 +8,10 @@ module Paperclip
           record.errors.add(attribute, :blank, options)
         end
       end
+
+      def self.helper_method_name
+        :validates_attachment_presence
+      end
     end
 
     module HelperMethods

data/lib/paperclip/validators/attachment_size_validator.rb

@@ -10,6 +10,10 @@ module Paperclip
         super
       end
 
+      def self.helper_method_name
+        :validates_attachment_size
+      end
+
       def validate_each(record, attr_name, value)
         base_attr_name = attr_name
         attr_name = "#{attr_name}_file_size".to_sym

data/lib/paperclip/validators/media_type_spoof_detection_validator.rb

@@ -0,0 +1,27 @@
+require 'active_model/validations/presence'
+
+module Paperclip
+  module Validators
+    class MediaTypeSpoofDetectionValidator < ActiveModel::EachValidator
+      def validate_each(record, attribute, value)
+        adapter = Paperclip.io_adapters.for(value)
+        if Paperclip::MediaTypeSpoofDetector.using(adapter, value.original_filename).spoofed?
+          record.errors.add(attribute, :spoofed_media_type)
+        end
+      end
+    end
+
+    module HelperMethods
+      # Places ActiveModel validations on the presence of a file.
+      # Options:
+      # * +if+: A lambda or name of an instance method. Validation will only
+      #   be run if this lambda or method returns true.
+      # * +unless+: Same as +if+ but validates if lambda or method returns false.
+      def validates_media_type_spoof_detection(*attr_names)
+        options = _merge_attributes(attr_names)
+        validates_with MediaTypeSpoofDetectionValidator, options.dup
+        validate_before_processing MediaTypeSpoofDetectionValidator, options.dup
+      end
+    end
+  end
+end

data/lib/paperclip/version.rb

@@ -1,3 +1,3 @@
 module Paperclip
-  VERSION = "3.5.4" unless defined? Paperclip::VERSION
+  VERSION = "4.0.0" unless defined? Paperclip::VERSION
 end

data/test/attachment_definitions_test.rb

@@ -5,6 +5,7 @@ class AttachmentDefinitionsTest < Test::Unit::TestCase
     reset_class "Dummy"
     Dummy.has_attached_file :avatar, {:path => "abc"}
     Dummy.has_attached_file :other_attachment, {:url => "123"}
+    Dummy.do_not_validate_attachment_file_type :avatar
     expected = {:avatar => {:path => "abc"}, :other_attachment => {:url => "123"}}
 
     assert_equal expected, Dummy.attachment_definitions

data/test/attachment_test.rb

@@ -165,7 +165,7 @@ class AttachmentTest < Test::Unit::TestCase
                                            :default_style => 'default style',
                                            :url_generator => mock_url_generator_builder)
 
-    attachment_json = attachment.as_json
+    attachment.as_json
     assert mock_url_generator_builder.has_generated_url_with_style_name?('default style')
   end
 
@@ -346,11 +346,12 @@ class AttachmentTest < Test::Unit::TestCase
 
   context "An attachment with :hash interpolations" do
     setup do
-      @file = StringIO.new("...")
+      @file = StringIO.new("...\n")
     end
 
     should "raise if no secret is provided" do
-      @attachment = attachment :path => ":hash"
+      rebuild_model :path => ":hash"
+      @attachment = Dummy.new.avatar
       @attachment.assign @file
 
       assert_raise ArgumentError do
@@ -360,29 +361,23 @@ class AttachmentTest < Test::Unit::TestCase
 
     context "when secret is set" do
       setup do
-        @attachment = attachment :path => ":hash", :hash_secret => "w00t"
-        @attachment.stubs(:instance_read).with(:updated_at).returns(Time.at(1234567890))
-        @attachment.stubs(:instance_read).with(:file_name).returns("bla.txt")
-        @attachment.instance.id = 1234
+        rebuild_model :path => ":hash",
+          :hash_secret => "w00t",
+          :hash_data => ":class/:attachment/:style/:filename"
+        @attachment = Dummy.new.avatar
         @attachment.assign @file
       end
 
-      should "interpolate the hash data" do
-        @attachment.expects(:interpolate).with(@attachment.options[:hash_data],anything).returns("interpolated_stuff")
-        @attachment.hash_key
-      end
-
       should "result in the correct interpolation" do
-        assert_equal "fake_models/avatars/1234/original/1234567890", @attachment.send(:interpolate,@attachment.options[:hash_data])
+        assert_equal "dummies/avatars/original/data.txt",
+          @attachment.send(:interpolate, @attachment.options[:hash_data])
+        assert_equal "dummies/avatars/thumb/data.txt",
+          @attachment.send(:interpolate, @attachment.options[:hash_data], :thumb)
       end
 
       should "result in a correct hash" do
-        assert_equal "d22b617d1bf10016aa7d046d16427ae203f39fce", @attachment.path
-      end
-
-      should "generate a hash digest with the correct style" do
-        OpenSSL::HMAC.expects(:hexdigest).with(anything, anything, "fake_models/avatars/1234/medium/1234567890")
-        @attachment.path("medium")
+        assert_equal "e1079a5c34ddbd197ebd0280d07952d98a57fb30", @attachment.path
+        assert_equal "d740189bd3e49ef226fab84c8d45f7ae4126d043", @attachment.path(:thumb)
       end
     end
   end
@@ -406,15 +401,16 @@ class AttachmentTest < Test::Unit::TestCase
 
   context "An attachment with a default style and an extension interpolation" do
     setup do
-      @attachment = attachment :path => ":basename.:extension",
-                               :styles => { :default => ["100x100", :png] },
-                               :default_style => :default
-      @file = StringIO.new("...")
-      @file.stubs(:original_filename).returns("file.jpg")
+      rebuild_model :path => ":basename.:extension",
+        :styles => { :default => ["100x100", :jpg] },
+        :default_style => :default
+      @attachment = Dummy.new.avatar
+      @file = File.open(fixture_file("5k.png"))
+      @file.stubs(:original_filename).returns("file.png")
     end
     should "return the right extension for the path" do
       @attachment.assign(@file)
-      assert_equal "file.png", @attachment.path
+      assert_equal "file.jpg", @attachment.path
     end
   end
 
@@ -983,19 +979,16 @@ class AttachmentTest < Test::Unit::TestCase
         :path => ":rails_root/:attachment/:class/:style/:id/:basename.:extension"
       })
       FileUtils.rm_rf("tmp")
-      rebuild_model
+      rebuild_model :styles => { :large  => ["400x400", :jpg],
+                             :medium => ["100x100", :jpg],
+                             :small => ["32x32#", :jpg]},
+                    :default_style => :small
       @instance = Dummy.new
       @instance.stubs(:id).returns 123
-
       @file = File.new(fixture_file("uppercase.PNG"), 'rb')
 
-      styles = {:styles => { :large  => ["400x400", :jpg],
-                             :medium => ["100x100", :jpg],
-                             :small => ["32x32#", :jpg]},
-                :default_style => :small}
-      @attachment = Paperclip::Attachment.new(:avatar,
-                                              @instance,
-                                              styles)
+      @attachment = @instance.avatar
+
       now = Time.now
       Time.stubs(:now).returns(now)
       @attachment.assign(@file)
@@ -1027,7 +1020,8 @@ class AttachmentTest < Test::Unit::TestCase
       rebuild_model
       @instance = Dummy.new
       @instance.stubs(:id).returns 123
-      @attachment = Paperclip::Attachment.new(:avatar, @instance)
+      # @attachment = Paperclip::Attachment.new(:avatar, @instance)
+      @attachment = @instance.avatar
       @file = File.new(fixture_file("5k.png"), 'rb')
     end
 
@@ -1045,7 +1039,7 @@ class AttachmentTest < Test::Unit::TestCase
 
     should 'clear out the previous assignment when assigned nil' do
       @attachment.assign(@file)
-      original_file = @attachment.queued_for_write[:original]
+      @attachment.queued_for_write[:original]
       @attachment.assign(nil)
       assert_nil @attachment.queued_for_write[:original]
     end
@@ -1093,12 +1087,15 @@ class AttachmentTest < Test::Unit::TestCase
 
       context "when expecting three styles" do
         setup do
-          styles = {:styles => { :large  => ["400x400", :png],
-                                 :medium => ["100x100", :gif],
-                                 :small => ["32x32#", :jpg]}}
-          @attachment = Paperclip::Attachment.new(:avatar,
-                                                  @instance,
-                                                  styles)
+          rebuild_class :styles => {
+            :large  => ["400x400", :png],
+            :medium => ["100x100", :gif],
+            :small => ["32x32#", :jpg]
+          }
+          @instance = Dummy.new
+          @instance.stubs(:id).returns 123
+          @file = File.new(fixture_file("5k.png"), 'rb')
+          @attachment = @instance.avatar
         end
 
         context "and assigned a file" do
@@ -1129,7 +1126,7 @@ class AttachmentTest < Test::Unit::TestCase
                [:small, 32, 32, "JPEG"]].each do |style|
                 cmd = %Q[identify -format "%w %h %b %m" "#{@attachment.path(style.first)}"]
                 out = `#{cmd}`
-                width, height, size, format = out.split(" ")
+                width, height, _size, format = out.split(" ")
                 assert_equal style[1].to_s, width.to_s
                 assert_equal style[2].to_s, height.to_s
                 assert_equal style[3].to_s, format.to_s

data/test/content_type_detector_test.rb

@@ -18,16 +18,6 @@ class ContentTypeDetectorTest < Test::Unit::TestCase
     assert_equal "video/mp4", Paperclip::ContentTypeDetector.new(@filename).detect
   end
 
-  should 'find the first result that matches from the official types' do
-    @filename = "/path/to/something.bmp"
-    assert_equal "image/bmp", Paperclip::ContentTypeDetector.new(@filename).detect
-  end
-
-  should 'find the first unofficial result for this filename if no official ones exist' do
-    @filename = "/path/to/something.aiff"
-    assert_equal "audio/x-aiff", Paperclip::ContentTypeDetector.new(@filename).detect
-  end
-
   should 'find the right type in the list via the file command' do
     @filename = "#{Dir.tmpdir}/something.hahalolnotreal"
     File.open(@filename, "w+") do |file|

data/test/fixtures/empty.html

@@ -0,0 +1 @@
+<html></html>

data/test/has_attached_file_test.rb

@@ -119,7 +119,9 @@ class HasAttachedFileTest < Test::Unit::TestCase
            after_commit: nil,
            define_paperclip_callbacks: nil,
            extend: nil,
-           name: 'Billy')
+           name: 'Billy',
+           validates_media_type_spoof_detection: nil
+          )
     end
   end
 end

data/test/helper.rb

@@ -40,6 +40,7 @@ class Test::Unit::TestCase
       Rails.stubs(:root).returns(Pathname.new(ROOT).join('tmp'))
       Rails.stubs(:env).returns('test')
       Rails.stubs(:const_defined?).with(:Railtie).returns(false)
+      ActiveSupport::Deprecation.silenced = true
     end
   end
 
@@ -125,6 +126,7 @@ end
 def rebuild_class options = {}
   reset_class("Dummy").tap do |klass|
     klass.has_attached_file :avatar, options
+    klass.do_not_validate_attachment_file_type :avatar
     Paperclip.reset_duplicate_clash_check!
   end
 end
@@ -132,6 +134,7 @@ end
 def rebuild_meta_class_of obj, options = {}
   (class << obj; self; end).tap do |metaklass|
     metaklass.has_attached_file :avatar, options
+    metaklass.do_not_validate_attachment_file_type :avatar
     Paperclip.reset_duplicate_clash_check!
   end
 end
@@ -169,21 +172,21 @@ end
 
 def should_accept_dummy_class
   should "accept the class" do
-    assert_accepts @matcher, @dummy_class
+    assert_accepts @matcher, Dummy
   end
 
   should "accept an instance of that class" do
-    assert_accepts @matcher, @dummy_class.new
+    assert_accepts @matcher, Dummy.new
   end
 end
 
 def should_reject_dummy_class
   should "reject the class" do
-    assert_rejects @matcher, @dummy_class
+    assert_rejects @matcher, Dummy
   end
 
   should "reject an instance of that class" do
-    assert_rejects @matcher, @dummy_class.new
+    assert_rejects @matcher, Dummy.new
   end
 end
 
@@ -197,6 +200,10 @@ def with_exitstatus_returning(code)
   end
 end
 
+def stringy_file
+  StringIO.new('.\n')
+end
+
 def fixture_file(filename)
   File.join(File.dirname(__FILE__), 'fixtures', filename)
 end