ratonvirus 0.1.0

data/lib/ratonvirus/storage/carrierwave.rb

@@ -0,0 +1,36 @@
+# frozen_string_literal: true
+
+module Ratonvirus
+  module Storage
+    class Carrierwave < Base
+      def changed?(record, attribute)
+        record.public_send :"#{attribute}_changed?"
+      end
+
+      def accept?(resource)
+        if resource.is_a?(Array)
+          resource.all? { |subr| subr.is_a?(::CarrierWave::Uploader::Base) }
+        else
+          resource.is_a?(::CarrierWave::Uploader::Base)
+        end
+      end
+
+      def asset_path(asset)
+        return unless block_given?
+        return if asset.nil?
+        return if asset.file.nil?
+
+        yield asset.file.path
+      end
+
+      def asset_remove(asset)
+        path = asset.file.path
+        result = asset.remove!
+
+        # Remove the temp cache dir if it exists
+        dir = File.dirname(path)
+        FileUtils.remove_dir(dir) if File.directory?(dir)
+      end
+    end
+  end
+end

data/lib/ratonvirus/storage/filepath.rb

@@ -0,0 +1,46 @@
+module Ratonvirus
+  module Storage
+    class Filepath < Base
+      def changed?(record, attribute)
+        if record.respond_to? :"#{attribute}_changed?"
+          return record.public_send :"#{attribute}_changed?"
+        end
+
+        # Some backends do not implement the `attribute_changed?` methods for
+        # the file resources. In that case our best guess is to check whether
+        # the whole record has changed.
+        record.changed?
+      end
+
+      def accept?(resource)
+        if resource.is_a?(Array)
+          resource.all? { |r| r.is_a?(String) || r.is_a?(File) }
+        else
+          resource.is_a?(String) || resource.is_a?(File)
+        end
+      end
+
+      def asset_path(asset, &block)
+        return unless block_given?
+
+        return unless asset
+        return if asset.empty?
+
+        if asset.respond_to?(:path)
+          # A file asset that responds to path (e.g. default `File`
+          # object).
+          asset_path(asset.path, &block)
+
+          return
+        end
+
+        # Plain file path string provided as resource
+        yield asset
+      end
+
+      def asset_remove(asset)
+        FileUtils.remove_file(asset) if File.file?(asset)
+      end
+    end
+  end
+end

data/lib/ratonvirus/storage/multi.rb

@@ -0,0 +1,78 @@
+module Ratonvirus
+  module Storage
+    # Multi storage allows the developers to configure multiple storage backends
+    # for the application at the same time. For instance, in case the scanner is
+    # used for both: scanning the Active Storage resources as well as scanning
+    # file paths, they are handled with separate storages.
+    #
+    # To configure the Multi-storage with two backends, use the following:
+    # Ratonvirus.storage = :multi, {storages: [:filepath, :active_storage]}
+    class Multi < Base
+      # Setup the @storages array with the initialized storage instances.
+      def setup
+        @storages = []
+
+        if config[:storages].is_a?(Array)
+          config[:storages].each do |storage|
+            if storage.is_a?(Array)
+              type = storage[0]
+              storage_config = storage[1]
+            else
+              type = storage
+            end
+
+            cls = Ratonvirus.backend_class('Storage', type)
+            @storages << cls.new(storage_config || {})
+          end
+        end
+      end
+
+      # Processing of the resource is handled by the first storage in the list
+      # that returns `true` for `accept?(resource)`. Any consequent storages are
+      # skipped.
+      def process(resource, &block)
+        return unless block_given?
+
+        storage_for(resource) do |storage|
+          storage.process(resource, &block)
+        end
+      end
+
+      # Fetch the resource from the record using the attribute and check if any
+      # storages accept that resource. If an accepting storage is found, only
+      # check `changed?` against that storage. Otherwise, call the `changed?`
+      # method passing both given parameters for all storages in order and
+      # return in case one of them reports the resource to be changed.
+      def changed?(record, attribute)
+        resource = record.public_send(attribute)
+
+        storage_for(resource) do |storage|
+          return storage.changed?(record, attribute)
+        end
+
+        false
+      end
+
+      # Check if any of the storages accept the resource.
+      def accept?(resource)
+        storage_for(resource) do |storage|
+          return true
+        end
+
+        false
+      end
+
+      private
+        # Iterates through the @storages array and returns the first storage
+        # that accepts the resource.
+        def storage_for(resource)
+          @storages.each do |storage|
+            if storage.accept?(resource)
+              yield storage
+              return
+            end
+          end
+        end
+    end
+  end
+end

data/lib/ratonvirus/support/backend.rb

@@ -0,0 +1,181 @@
+module Ratonvirus
+  module Support
+    # The backend implementation allows us to set different backends on the main
+    # Ratonvirus configuration, e.g. scanner and storage backends. This makes
+    # the library agnostic of the actual implementation of these both and allows
+    # the developer to configure
+    #
+    # The solution is a bit hacky monkey patch type of solution as it adds code
+    # to the underlying implementation through class_eval. The reason for this
+    # is to define arbitrary getter, setter and destroye methods that are nicer
+    # to use for the user. Wrapping this functionality to its own module
+    # makes the resulting code less prone to errors as all of the backends are
+    # defined exactly the same way.
+    #
+    # Modifying this may be tough, so be sure to test properly in case you make
+    # any modifications.
+    module Backend
+      # First argument "backend_cls":
+      #   The subclass that refers to the backend's namespace, e.g.
+      #   `"Scanner"`.
+      #
+      # Second argument "backend_type":
+      #   The backend type in the given namespace, e.g. `:eicar`
+      #
+      # The returned result will be e.g.
+      #   Ratonvirus::Scanner::Eicar
+      #   Ratonvirus::Storage::ActiveStorage
+      def backend_class(backend_cls, backend_type)
+        return backend_type if backend_type.is_a?(Class)
+
+        subclass = ActiveSupport::Inflector.camelize(backend_type.to_s)
+        ActiveSupport::Inflector.constantize(
+          "#{self.name}::#{backend_cls}::#{subclass}"
+        )
+      end
+
+      private
+        # Defines the "backend" methods.
+        #
+        # For example, this:
+        #   define_backend :foo, 'Foo'
+        #
+        # Would define the following methods:
+        #   # Getter for foo
+        #   def self.foo
+        #     @foo ||= create_foo
+        #   end
+        #
+        #   # Setter for foo
+        #   def self.foo=(foo_type)
+        #     set_backend(
+        #       :foo,
+        #       'Foo',
+        #       foo_type
+        #     )
+        #   end
+        #
+        #   # Destroys the currently active foo.
+        #   # The foo is re-initialized when the getter is called.
+        #   def self.destroy_foo
+        #     @foo = nil
+        #   end
+        #
+        #   private
+        #     def self.create_foo
+        #       if @foo_defs.nil?
+        #         raise NotDefinedError.new("Foo not defined!")
+        #       end
+        #
+        #       @foo_defs[:klass].new(@foo_defs[:config])
+        #     end
+        #
+        # Usage (getter):
+        #   Ratonvirus.foo
+        #
+        # Usage (setter):
+        #   Ratonvirus.foo = :bar
+        #   Ratonvirus.foo = :bar, {option: 'value'}
+        #   Ratonvirus.foo = Ratonvirus::Foo::Bar.new
+        #   Ratonvirus.foo = Ratonvirus::Foo::Bar.new({option: 'value'})
+        #
+        # Usage (destroyer):
+        #   Ratonvirus.destroy_foo
+        #
+        def define_backend(backend_type, backend_subclass)
+          self.class_eval <<-CODE, __FILE__, __LINE__ + 1
+            # Getter for #{backend_type}
+            def self.#{backend_type}
+              @#{backend_type} ||= create_#{backend_type}
+            end
+
+            # Setter for #{backend_type}
+            def self.#{backend_type}=(#{backend_type}_value)
+              set_backend(
+                :#{backend_type},
+                "#{backend_subclass}",
+                #{backend_type}_value
+              )
+            end
+
+            # Destroys the currently active #{backend_type}.
+            # The #{backend_type} is re-initialized when the getter is called.
+            def self.destroy_#{backend_type}
+              @#{backend_type} = nil
+            end
+
+            # Creates a new backend instance
+            # private
+            def self.create_#{backend_type}
+              if @#{backend_type}_defs.nil?
+                raise NotDefinedError.new("#{backend_subclass} not defined!")
+              end
+
+              @#{backend_type}_defs[:klass].new(
+                @#{backend_type}_defs[:config]
+              )
+            end
+            private_class_method :create_#{backend_type}
+          CODE
+        end
+
+        # Sets the backend to local variables for the backend initialization.
+        # The goal of this method is to get the following configuration set to
+        # local `@x_defs` variable, where 'x' is the type of backend.
+        #
+        # For example, for a backend with type "scanner", this would be
+        # @scanner_defs.
+        #
+        # The first argument, "backend_type" is the type of backend we are
+        # configuring, e.g. `:scanner`.
+        #
+        # The second argument "backend_cls" is the backend subclass that is
+        # used in the module's namespace, e.g. "Scanner". This would refer to
+        # subclasses `Ratonvirus::Scanner::...`.
+        #
+        # The third argument "backend_value" is the actual value the user
+        # provided for the setter method, e.g. `:eicar` or
+        # `Ratonvirus::Scanner::Eicar.new`. The user may also provide a second
+        # argument to the setter method e.g. like
+        # `Ratonvirus.scanner = :eicar, {conf: 'option'}`, in which case these
+        # both arguments are provided in this argument as an array.
+        def set_backend(backend_type, backend_cls, backend_value)
+          base_class = backend_class(backend_cls, "Base")
+
+          if backend_value.is_a?(base_class)
+            # Set the instance
+            instance_variable_set(:"@#{backend_type}", backend_value)
+
+            # Store the class (type) and config for storing them below to local
+            # variable in case it needs to be re-initialized at some point.
+            subtype = backend_value.class
+            config = backend_value.config
+          else
+            if backend_value.is_a?(Array)
+              subtype = backend_value.shift
+              config = backend_value.shift || {}
+
+              unless subtype.is_a?(Symbol)
+                raise InvalidError.new(
+                  "Invalid #{backend_type} type: #{subtype}"
+                )
+              end
+            elsif backend_value.is_a?(Symbol)
+              subtype = backend_value
+              config = {}
+            else
+              raise InvalidError.new("Invalid #{backend_type} provided!")
+            end
+
+            # Destroy the current one
+            send(:"destroy_#{backend_type}")
+          end
+
+          instance_variable_set(:"@#{backend_type}_defs", {
+            klass: backend_class(backend_cls, subtype),
+            config: config,
+          })
+        end
+    end
+  end
+end

data/lib/ratonvirus/version.rb

@@ -0,0 +1,5 @@
+# frozen_string_literal: true
+
+module Ratonvirus
+  VERSION = "0.1.0"
+end

data/lib/tasks/ratonvirus.rake

@@ -0,0 +1,40 @@
+namespace :ratonvirus do
+  desc "Tests if the antivirus scanner is available and properly configured"
+  task test: :environment do
+    begin
+      if Ratonvirus.scanner.available?
+        puts "Ratonvirus correctly configured."
+      else
+        puts "Ratonvirus scanner is not available!"
+        puts ""
+        puts "Please refer to Ratonvirus documentation for proper configuration."
+      end
+    rescue
+      puts "Ratonvirus scanner is not configured."
+      puts ""
+      puts "Please refer to Ratonvirus documentation for proper configuration."
+    end
+  end
+
+  desc "Scans the given file through the antivirus scanner"
+  task scan: :environment do |t, args|
+    if args.extras.length < 1
+      puts "No files given."
+      puts "Usage:"
+      puts "  #{t.name}[/path/to/first/file.pdf,/path/to/second/file.pdf]"
+      next
+    end
+
+    args.extras.each do |path|
+      if File.file?(path)
+        if Ratonvirus.scanner.virus?(path)
+          puts "Detected a virus at: #{path}"
+        else
+          puts "Clean file at: #{path}"
+        end
+      else
+        puts "File does not exist at: #{path}"
+      end
+    end
+  end
+end

metadata

@@ -0,0 +1,179 @@
+--- !ruby/object:Gem::Specification
+name: ratonvirus
+version: !ruby/object:Gem::Version
+  version: 0.1.0
+platform: ruby
+authors:
+- Antti Hukkanen
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2018-12-10 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: activesupport
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '5.0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '5.0'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '12.3'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '12.3'
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.0'
+- !ruby/object:Gem::Dependency
+  name: rspec-rails
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.0'
+- !ruby/object:Gem::Dependency
+  name: simplecov
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.16.0
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.16.0
+- !ruby/object:Gem::Dependency
+  name: activemodel
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '5.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '5.0'
+- !ruby/object:Gem::Dependency
+  name: activestorage
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '5.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '5.0'
+- !ruby/object:Gem::Dependency
+  name: carrierwave
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.2'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.2'
+description: Adds antivirus check capability for Rails applications.
+email:
+- antti.hukkanen@mainiotech.fi
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- CHANGELOG.md
+- LICENSE
+- README.md
+- app/validators/antivirus_validator.rb
+- config/locales/en.yml
+- config/locales/fi.yml
+- config/locales/sv.yml
+- lib/ratonvirus.rb
+- lib/ratonvirus/engine.rb
+- lib/ratonvirus/error.rb
+- lib/ratonvirus/processable.rb
+- lib/ratonvirus/scanner/addon/remove_infected.rb
+- lib/ratonvirus/scanner/base.rb
+- lib/ratonvirus/scanner/eicar.rb
+- lib/ratonvirus/scanner/support/callbacks.rb
+- lib/ratonvirus/storage/active_storage.rb
+- lib/ratonvirus/storage/base.rb
+- lib/ratonvirus/storage/carrierwave.rb
+- lib/ratonvirus/storage/filepath.rb
+- lib/ratonvirus/storage/multi.rb
+- lib/ratonvirus/support/backend.rb
+- lib/ratonvirus/version.rb
+- lib/tasks/ratonvirus.rake
+homepage: https://github.com/mainio/ratonvirus
+licenses:
+- MIT
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.7.7
+signing_key: 
+specification_version: 4
+summary: Provides antivirus checks for Rails.
+test_files: []