paperclip 3.5.4 → 5.3.0

data/lib/paperclip/io_adapters/registry.rb

@@ -12,6 +12,10 @@ module Paperclip
       @registered_handlers << [block, handler_class]
     end
 
+    def unregister(handler_class)
+      @registered_handlers.reject! { |_, klass| klass == handler_class }
+    end
+
     def handler_for(target)
       @registered_handlers.each do |tester, handler|
         return handler if tester.call(target)
@@ -25,8 +29,8 @@ module Paperclip
       end
     end
 
-    def for(target)
-      handler_for(target).new(target)
+    def for(target, options = {})
+      handler_for(target).new(target, options)
     end
   end
 end

data/lib/paperclip/io_adapters/stringio_adapter.rb

@@ -1,9 +1,14 @@
 module Paperclip
   class StringioAdapter < AbstractAdapter
-    def initialize(target)
-      @target = target
+    def self.register
+      Paperclip.io_adapters.register self do |target|
+        StringIO === target
+      end
+    end
+
+    def initialize(target, options = {})
+      super
       cache_current_values
-      @tempfile = copy_to_tempfile
     end
 
     attr_writer :content_type
@@ -11,27 +16,21 @@ module Paperclip
     private
 
     def cache_current_values
-      @original_filename = @target.original_filename if @target.respond_to?(:original_filename)
-      @original_filename ||= "stringio.txt"
-      self.original_filename = @original_filename.strip
-
-      @content_type = @target.content_type if @target.respond_to?(:content_type)
-      @content_type ||= "text/plain"
-
+      self.original_filename = @target.original_filename if @target.respond_to?(:original_filename)
+      self.original_filename ||= "data"
+      @tempfile = copy_to_tempfile(@target)
+      @content_type = ContentTypeDetector.new(@tempfile.path).detect
       @size = @target.size
     end
 
-    def copy_to_tempfile
-      while data = @target.read(16*1024)
+    def copy_to_tempfile(source)
+      while data = source.read(16*1024)
         destination.write(data)
       end
       destination.rewind
       destination
     end
-
   end
 end
 
-Paperclip.io_adapters.register Paperclip::StringioAdapter do |target|
-  StringIO === target
-end
+Paperclip::StringioAdapter.register

data/lib/paperclip/io_adapters/uploaded_file_adapter.rb

@@ -1,7 +1,13 @@
 module Paperclip
   class UploadedFileAdapter < AbstractAdapter
-    def initialize(target)
-      @target = target
+    def self.register
+      Paperclip.io_adapters.register self do |target|
+        target.class.name.include?("UploadedFile")
+      end
+    end
+
+    def initialize(target, options = {})
+      super
       cache_current_values
 
       if @target.respond_to?(:tempfile)
@@ -24,7 +30,7 @@ module Paperclip
     end
 
     def content_type_detector
-      self.class.content_type_detector
+      self.class.content_type_detector || Paperclip::ContentTypeDetector
     end
 
     def determine_content_type
@@ -37,6 +43,4 @@ module Paperclip
   end
 end
 
-Paperclip.io_adapters.register Paperclip::UploadedFileAdapter do |target|
-  target.class.name.include?("UploadedFile")
-end
+Paperclip::UploadedFileAdapter.register

data/lib/paperclip/io_adapters/uri_adapter.rb

@@ -1,35 +1,61 @@
-require 'open-uri'
+require "open-uri"
 
 module Paperclip
   class UriAdapter < AbstractAdapter
-    def initialize(target)
-      @target = target
+    attr_writer :content_type
+
+    def self.register
+      Paperclip.io_adapters.register self do |target|
+        target.is_a?(URI)
+      end
+    end
+
+    def initialize(target, options = {})
+      super
       @content = download_content
       cache_current_values
       @tempfile = copy_to_tempfile(@content)
     end
 
-    attr_writer :content_type
-
     private
 
-    def download_content
-      open(@target)
+    def cache_current_values
+      self.content_type = content_type_from_content || "text/html"
+
+      self.original_filename = filename_from_content_disposition ||
+                               filename_from_path || default_filename
+      @size = @content.size
     end
 
-    def cache_current_values
-      @original_filename = @target.path.split("/").last
-      @original_filename ||= "index.html"
-      self.original_filename = @original_filename.strip
+    def content_type_from_content
+      if @content.respond_to?(:content_type)
+        @content.content_type
+      end
+    end
+
+    def filename_from_content_disposition
+      if @content.meta.key?("content-disposition")
+        matches = @content.meta["content-disposition"].match(/filename="([^"]*)"/)
+        matches[1] if matches
+      end
+    end
 
-      @content_type = @content.content_type if @content.respond_to?(:content_type)
-      @content_type ||= "text/html"
+    def filename_from_path
+      @target.path.split("/").last
+    end
 
-      @size = @content.size
+    def default_filename
+      "index.html"
+    end
+
+    def download_content
+      options = { read_timeout: Paperclip.options[:read_timeout] }.compact
+
+      open(@target, **options)
     end
 
     def copy_to_tempfile(src)
-      while data = src.read(16*1024)
+      while data = src.read(16 * 1024)
         destination.write(data)
       end
       src.close
@@ -38,7 +64,3 @@ module Paperclip
     end
   end
 end
-
-Paperclip.io_adapters.register Paperclip::UriAdapter do |target|
-  target.kind_of?(URI)
-end

data/lib/paperclip/locales/en.yml

@@ -2,6 +2,7 @@ en:
   errors:
     messages:
       in_between: "must be in between %{min} and %{max}"
+      spoofed_media_type: "has contents that are not what they are reported to be"
 
   number:
     human:

data/lib/paperclip/matchers/have_attached_file_matcher.rb

@@ -27,9 +27,10 @@ module Paperclip
           "Should have an attachment named #{@attachment_name}"
         end
 
-        def negative_failure_message
+        def failure_message_when_negated
           "Should not have an attachment named #{@attachment_name}"
         end
+        alias negative_failure_message failure_message_when_negated
 
         def description
           "have an attachment named #{@attachment_name}"

data/lib/paperclip/matchers/validate_attachment_content_type_matcher.rb

@@ -40,9 +40,9 @@ module Paperclip
 
         def failure_message
           "#{expected_attachment}\n".tap do |message|
-            message << accepted_types_and_failures
+            message << accepted_types_and_failures.to_s
             message << "\n\n" if @allowed_types.present? && @rejected_types.present?
-            message << rejected_types_and_failures
+            message << rejected_types_and_failures.to_s
           end
         end
 
@@ -55,7 +55,7 @@ module Paperclip
         def accepted_types_and_failures
           if @allowed_types.present?
             "Accept content types: #{@allowed_types.join(", ")}\n".tap do |message|
-              if @missing_allowed_types.any?
+              if @missing_allowed_types.present?
                 message << "  #{@missing_allowed_types.join(", ")} were rejected."
               else
                 message << "  All were accepted successfully."
@@ -66,7 +66,7 @@ module Paperclip
         def rejected_types_and_failures
           if @rejected_types.present?
             "Reject content types: #{@rejected_types.join(", ")}\n".tap do |message|
-              if @missing_rejected_types.any?
+              if @missing_rejected_types.present?
                 message << "  #{@missing_rejected_types.join(", ")} were accepted."
               else
                 message << "  All were rejected successfully."

data/lib/paperclip/matchers/validate_attachment_presence_matcher.rb

@@ -26,9 +26,10 @@ module Paperclip
           "Attachment #{@attachment_name} should be required"
         end
 
-        def negative_failure_message
+        def failure_message_when_negated
           "Attachment #{@attachment_name} should not be required"
         end
+        alias negative_failure_message failure_message_when_negated
 
         def description
           "require presence of attachment #{@attachment_name}"

data/lib/paperclip/matchers/validate_attachment_size_matcher.rb

@@ -45,9 +45,10 @@ module Paperclip
           "Attachment #{@attachment_name} must be between #{@low} and #{@high} bytes"
         end
 
-        def negative_failure_message
+        def failure_message_when_negated
           "Attachment #{@attachment_name} cannot be between #{@low} and #{@high} bytes"
         end
+        alias negative_failure_message failure_message_when_negated
 
         def description
           "validate the size of attachment #{@attachment_name}"

data/lib/paperclip/media_type_spoof_detector.rb

@@ -0,0 +1,90 @@
+module Paperclip
+  class MediaTypeSpoofDetector
+    def self.using(file, name, content_type)
+      new(file, name, content_type)
+    end
+
+    def initialize(file, name, content_type)
+      @file = file
+      @name = name
+      @content_type = content_type || ""
+    end
+
+    def spoofed?
+      if has_name? && has_extension? && media_type_mismatch? && mapping_override_mismatch?
+        Paperclip.log("Content Type Spoof: Filename #{File.basename(@name)} (#{supplied_content_type} from Headers, #{content_types_from_name.map(&:to_s)} from Extension), content type discovered from file command: #{calculated_content_type}. See documentation to allow this combination.")
+        true
+      else
+        false
+      end
+    end
+
+    private
+
+    def has_name?
+      @name.present?
+    end
+
+    def has_extension?
+      File.extname(@name).present?
+    end
+
+    def media_type_mismatch?
+      supplied_type_mismatch? || calculated_type_mismatch?
+    end
+
+    def supplied_type_mismatch?
+      supplied_media_type.present? && !media_types_from_name.include?(supplied_media_type)
+    end
+
+    def calculated_type_mismatch?
+      !media_types_from_name.include?(calculated_media_type)
+    end
+
+    def mapping_override_mismatch?
+      !Array(mapped_content_type).include?(calculated_content_type)
+    end
+
+
+    def supplied_content_type
+      @content_type
+    end
+
+    def supplied_media_type
+      @content_type.split("/").first
+    end
+
+    def content_types_from_name
+      @content_types_from_name ||= MIME::Types.type_for(@name)
+    end
+
+    def media_types_from_name
+      @media_types_from_name ||= content_types_from_name.collect(&:media_type)
+    end
+
+    def calculated_content_type
+      @calculated_content_type ||= type_from_file_command.chomp
+    end
+
+    def calculated_media_type
+      @calculated_media_type ||= calculated_content_type.split("/").first
+    end
+
+    def type_from_file_command
+      begin
+        Paperclip.run("file", "-b --mime :file", file: @file.path).
+          split(/[:;\s]+/).first
+      rescue Terrapin::CommandLineError
+        ""
+      end
+    end
+
+    def mapped_content_type
+      Paperclip.options[:content_type_mappings][filename_extension]
+    end
+
+    def filename_extension
+      File.extname(@name.to_s.downcase).sub(/^\./, '').to_sym
+    end
+  end
+end

data/lib/paperclip/processor.rb

@@ -7,13 +7,14 @@ module Paperclip
   # Processors are required to be defined inside the Paperclip module and
   # are also required to be a subclass of Paperclip::Processor. There is
   # only one method you *must* implement to properly be a subclass:
-  # #make, but #initialize may also be of use. Both methods accept 3
+  # #make, but #initialize may also be of use. #initialize accepts 3
   # arguments: the file that will be operated on (which is an instance of
   # File), a hash of options that were defined in has_attached_file's
-  # style hash, and the Paperclip::Attachment itself.
+  # style hash, and the Paperclip::Attachment itself. These are set as
+  # instance variables that can be used within `#make`.
   #
-  # All #make needs to return is an instance of File (Tempfile is
-  # acceptable) which contains the results of the processing.
+  # #make must return an instance of File (Tempfile is acceptable) which
+  # contains the results of the processing.
   #
   # See Paperclip.run for more information about using command-line
   # utilities from within Processors.
@@ -45,41 +46,4 @@ module Paperclip
       Paperclip.run('identify', arguments, local_options)
     end
   end
-
-  module ProcessorHelpers
-    def processor(name) #:nodoc:
-      @known_processors ||= {}
-      if @known_processors[name.to_s]
-        @known_processors[name.to_s]
-      else
-        name = name.to_s.camelize
-        load_processor(name) unless Paperclip.const_defined?(name)
-        processor = Paperclip.const_get(name)
-        @known_processors[name.to_s] = processor
-      end
-    end
-
-    def load_processor(name)
-      if defined?(Rails.root) && Rails.root
-        require File.expand_path(Rails.root.join("lib", "paperclip_processors", "#{name.underscore}.rb"))
-      end
-    end
-
-    def clear_processors!
-      @known_processors.try(:clear)
-    end
-
-    # You can add your own processor via the Paperclip configuration. Normally
-    # Paperclip will load all processors from the
-    # Rails.root/lib/paperclip_processors directory, but here you can add any
-    # existing class using this mechanism.
-    #
-    #   Paperclip.configure do |c|
-    #     c.register_processor :watermarker, WatermarkingProcessor.new
-    #   end
-    def register_processor(name, processor)
-      @known_processors ||= {}
-      @known_processors[name.to_s] = processor
-    end
-  end
 end

data/lib/paperclip/processor_helpers.rb

@@ -0,0 +1,50 @@
+module Paperclip
+  module ProcessorHelpers
+    class NoSuchProcessor < StandardError; end
+
+    def processor(name) #:nodoc:
+      @known_processors ||= {}
+      if @known_processors[name.to_s]
+        @known_processors[name.to_s]
+      else
+        name = name.to_s.camelize
+        load_processor(name) unless Paperclip.const_defined?(name)
+        processor = Paperclip.const_get(name)
+        @known_processors[name.to_s] = processor
+      end
+    end
+
+    def load_processor(name)
+      if defined?(Rails.root) && Rails.root
+        filename = "#{name.to_s.underscore}.rb"
+        directories = %w(lib/paperclip lib/paperclip_processors)
+
+        required = directories.map do |directory|
+          pathname = File.expand_path(Rails.root.join(directory, filename))
+          file_exists = File.exist?(pathname)
+          require pathname if file_exists
+          file_exists
+        end
+
+        raise LoadError, "Could not find the '#{name}' processor in any of these paths: #{directories.join(', ')}" unless required.any?
+      end
+    end
+
+    def clear_processors!
+      @known_processors.try(:clear)
+    end
+
+    # You can add your own processor via the Paperclip configuration. Normally
+    # Paperclip will load all processors from the
+    # Rails.root/lib/paperclip_processors directory, but here you can add any
+    # existing class using this mechanism.
+    #
+    #   Paperclip.configure do |c|
+    #     c.register_processor :watermarker, WatermarkingProcessor.new
+    #   end
+    def register_processor(name, processor)
+      @known_processors ||= {}
+      @known_processors[name.to_s] = processor
+    end
+  end
+end

data/lib/paperclip/rails_environment.rb

@@ -0,0 +1,25 @@
+module Paperclip
+  class RailsEnvironment
+    def self.get
+      new.get
+    end
+
+    def get
+      if rails_exists? && rails_environment_exists?
+        Rails.env
+      else
+        nil
+      end
+    end
+
+    private
+
+    def rails_exists?
+      Object.const_defined?(:Rails)
+    end
+
+    def rails_environment_exists?
+      Rails.respond_to?(:env)
+    end
+  end
+end

data/lib/paperclip/schema.rb

@@ -12,19 +12,19 @@ module Paperclip
       ActiveRecord::ConnectionAdapters::Table.send :include, TableDefinition
       ActiveRecord::ConnectionAdapters::TableDefinition.send :include, TableDefinition
       ActiveRecord::ConnectionAdapters::AbstractAdapter.send :include, Statements
-
-      if defined?(ActiveRecord::Migration::CommandRecorder) # Rails 3.1+
-        ActiveRecord::Migration::CommandRecorder.send :include, CommandRecorder
-      end
+      ActiveRecord::Migration::CommandRecorder.send :include, CommandRecorder
     end
 
     module Statements
       def add_attachment(table_name, *attachment_names)
         raise ArgumentError, "Please specify attachment name in your add_attachment call in your migration." if attachment_names.empty?
 
+        options = attachment_names.extract_options!
+
         attachment_names.each do |attachment_name|
           COLUMNS.each_pair do |column_name, column_type|
-            add_column(table_name, "#{attachment_name}_#{column_name}", column_type)
+            column_options = options.merge(options[column_name.to_sym] || {})
+            add_column(table_name, "#{attachment_name}_#{column_name}", column_type, column_options)
           end
         end
       end
@@ -33,7 +33,7 @@ module Paperclip
         raise ArgumentError, "Please specify attachment name in your remove_attachment call in your migration." if attachment_names.empty?
 
         attachment_names.each do |attachment_name|
-          COLUMNS.each_pair do |column_name, column_type|
+          COLUMNS.keys.each do |column_name|
             remove_column(table_name, "#{attachment_name}_#{column_name}")
           end
         end
@@ -47,9 +47,11 @@ module Paperclip
 
     module TableDefinition
       def attachment(*attachment_names)
+        options = attachment_names.extract_options!
         attachment_names.each do |attachment_name|
           COLUMNS.each_pair do |column_name, column_type|
-            column("#{attachment_name}_#{column_name}", column_type)
+            column_options = options.merge(options[column_name.to_sym] || {})
+            column("#{attachment_name}_#{column_name}", column_type, column_options)
           end
         end
       end

data/lib/paperclip/storage/filesystem.rb

@@ -37,7 +37,7 @@ module Paperclip
         @queued_for_write.each do |style_name, file|
           FileUtils.mkdir_p(File.dirname(path(style_name)))
           begin
-            FileUtils.mv(file.path, path(style_name))
+            move_file(file.path, path(style_name))
           rescue SystemCallError
             File.open(path(style_name), "wb") do |new_file|
               while chunk = file.read(16 * 1024)
@@ -46,7 +46,7 @@ module Paperclip
             end
           end
           unless @options[:override_file_permissions] == false
-            resolved_chmod = (@options[:override_file_permissions] &~ 0111) || (0666 &~ File.umask)
+            resolved_chmod = (@options[:override_file_permissions] & ~0111) || (0666 & ~File.umask)
             FileUtils.chmod( resolved_chmod, path(style_name) )
           end
           file.rewind
@@ -69,7 +69,7 @@ module Paperclip
             while(true)
               path = File.dirname(path)
               FileUtils.rmdir(path)
-              break if File.exists?(path) # Ruby 1.9.2 does not raise if the removal failed.
+              break if File.exist?(path) # Ruby 1.9.2 does not raise if the removal failed.
             end
           rescue Errno::EEXIST, Errno::ENOTEMPTY, Errno::ENOENT, Errno::EINVAL, Errno::ENOTDIR, Errno::EACCES
             # Stop trying to remove parent directories
@@ -84,6 +84,17 @@ module Paperclip
       def copy_to_local_file(style, local_dest_path)
         FileUtils.cp(path(style), local_dest_path)
       end
+
+      private
+
+      def move_file(src, dest)
+        # Support hardlinked files
+        if File.identical?(src, dest)
+          File.unlink(src)
+        else
+          FileUtils.mv(src, dest)
+        end
+      end
     end
 
   end