ratonvirus 0.1.1 → 0.2.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 4b47a31e5d403f39f0b7496a292532b2dbaa5c38fe624368b09a2cb28c949623
-  data.tar.gz: 7a37d2f6d7b20e45c417b87ea22bbadbaf434714c1ce7082c1b4a4d87b646845
+  metadata.gz: 7fa55b1025e3d8099f86b8b9e9157cbd4473980441aac2c7acc98b92cf2c3ff6
+  data.tar.gz: f219700545adb3593677af4fad1bb9d198892fc94bd128101a817169118254a0
 SHA512:
-  metadata.gz: a52088960f46b6e4aad10616e9f2b65ad082490bd7158484178f88cc6aa68fa76397e471fa4e791e38cd51bcca799aabdbe868656c03226a9157bb2d82be4aaa
-  data.tar.gz: 62b103a30f7711cad63d9c9095eec42f98baf372b7fe2308ee03dc3ae063a74bf458afa8026e36ac10aa184df40302a9d721eafbbd93f6fc92efcc090efd9c4c
+  metadata.gz: 5fcd623e174c648393cc5489c27ce685ee0da9282a7289122a537daacff67950323123e7698da610af6a77b19b63753accb41ca22d06098dc95f4f8d41a109f9
+  data.tar.gz: 85100d78a0e6a476cb4c4e3dde833381e7ac2219d4c9127cef4f07458b8ca56ba3a0977275f5d715f64cbab7989bbcb047c733dade35e6d6a95192b48005d0bd

data/CHANGELOG.md

@@ -1,3 +1,9 @@
+# v0.1.1
+
+Fixed:
+
+- Rescue file not found exception for blob.download [#2](https://github.com/mainio/ratonvirus/pull/2)
+
 # v0.1.0
 
 Initial public release.

data/lib/ratonvirus/storage/active_storage.rb

@@ -3,21 +3,9 @@
 module Ratonvirus
   module Storage
     class ActiveStorage < Base
-      def changed?(_record, _attribute)
-        # With Active Storage we assume the record is always changed because
-        # there is currently no way to know if the attribute has actually
-        # changed.
-        #
-        # Calling record.changed? will not also work because it is not marked
-        # as dirty in case the Active Storage attachment has changed.
-        #
-        # NOTE:
-        # This should be changed in the future as the `attachment_changes` was
-        # introduced to Rails by this commit:
-        # https://github.com/rails/rails/commit/e8682c5bf051517b0b265e446aa1a7eccfd47bf7
-        #
-        # However, it is still not available in Rails 5.2.x.
-        true
+      def changed?(record, attribute)
+        resource = record.public_send attribute
+        !resource.record.attachment_changes[resource.name].nil?
       end
 
       def accept?(resource)
@@ -25,65 +13,114 @@ module Ratonvirus
           resource.is_a?(::ActiveStorage::Attached::Many)
       end
 
-      def process(resource, &_block)
+      def process(resource, &block)
         return unless block_given?
         return if resource.nil?
-
         return unless resource.attached?
 
-        if resource.is_a?(::ActiveStorage::Attached::One)
-          yield processable(resource.attachment) if resource.attachment
-        elsif resource.is_a?(::ActiveStorage::Attached::Many)
-          resource.attachments.each do |attachment|
-            yield processable(attachment)
-          end
+        change = resource.record.attachment_changes[resource.name]
+
+        if change.is_a?(::ActiveStorage::Attached::Changes::CreateOne)
+          handle_create_one(change, &block)
+        elsif change.is_a?(::ActiveStorage::Attached::Changes::CreateMany)
+          handle_create_many(change, &block)
         end
       end
 
       def asset_path(asset, &block)
         return unless block_given?
-        return if asset.nil?
-        return unless asset.blob
+        return unless asset.is_a?(Array)
 
-        blob_path asset.blob, &block
+        ext = asset[0].filename.extension_with_delimiter
+        case asset[1]
+        when ActionDispatch::Http::UploadedFile, Rack::Test::UploadedFile
+          # These files should be already locally stored but their permissions
+          # can prevent the virus scanner executable from accessing them.
+          # Therefore, a temporary file is created for them as well.
+          io_path(asset[1], ext, &block)
+        when Hash
+          io = asset[1].fetch(:io)
+          io_path(io, ext, &block) if io
+        when ::ActiveStorage::Blob
+          asset[1].open do |tempfile|
+            prepare_for_scanner tempfile.path
+            yield tempfile.path
+          end
+        end
       end
 
+      # This is actually only required for the dyncamic blob uploads but for
+      # consistency, it is handled for all the cases accordingly either by
+      # closing the tempfile of the upload which also removes the file when
+      # called with the bang method. For the IO references, the IO is closed
+      # which should trigger the file deletion by latest at the Rack or Ruby
+      # level during garbage collection. There is no guarantee that the file
+      # for which the IO was opened would be deleted beause the IO itself is
+      # not necessarily associated with an actual file.
       def asset_remove(asset)
-        asset.purge
+        return unless asset.is_a?(Array)
+
+        case asset[1]
+        when ActionDispatch::Http::UploadedFile, Rack::Test::UploadedFile
+          # This removes the temp file from the system.
+          asset[1].tempfile.close!
+        when Hash
+          # No guarantee all references for the file are deleted.
+          io = asset[1].fetch(:io)
+          io.close
+        when ::ActiveStorage::Blob
+          # This deletes the dynamically uploaded blobs that might not be
+          # associated with any record at this point. This ensures the blobs are
+          # not left "hanging" in the storage system and the database in case
+          # automatic file deletion is applied.
+          asset[1].purge
+        end
       end
 
       private
 
-      # This creates a local copy of the blob for the scanning process. A
-      # local copy is needed for processing because the actual blob may be
-      # stored at a remote storage service (such as Amazon S3), meaning it
-      # cannot be otherwise processed locally.
-      #
-      # NOTE:
-      # Later implementations of Active Storage have the blob.open method that
-      # provides similar functionality. However, Rails 5.2.x still does not
-      # include this functionality, so we need to take care of it ourselves.
-      #
-      # This was introduced in the following commit:
-      # https://github.com/rails/rails/commit/ee21b7c2eb64def8f00887a9fafbd77b85f464f1
-      #
-      # SEE:
-      # https://edgeguides.rubyonrails.org/active_storage_overview.html#downloading-files
-      def blob_path(blob)
+      def handle_create_one(change, &block)
+        yield_processable_from(change, &block)
+      end
+
+      def handle_create_many(change, &block)
+        change.send(:subchanges).each do |subchange|
+          yield_processable_from(subchange, &block)
+        end
+      end
+
+      def yield_processable_from(change, &_block)
+        attachable = change.attachable
+        return unless attachable
+        return if attachable.is_a?(::ActiveStorage::Blob)
+
+        # If the attachable is a string, it is a reference to an already
+        # existing blob. This can happen e.g. when the file blob is uploaded
+        # dynamically before the form is submitted.
+        attachable = change.attachment.blob if attachable.is_a?(String)
+
+        yield processable([change.attachment, attachable])
+      end
+
+      # This creates a local copy of the io contents for the scanning process. A
+      # local copy is needed for processing because the io object may be a file
+      # stream in the memory which may not have a path associated with it on the
+      # filesystem.
+      def io_path(io, extension)
         tempfile = Tempfile.open(
-          ["Ratonvirus", blob.filename.extension_with_delimiter],
+          ["Ratonvirus", extension],
           tempdir
         )
+        # Important for the scanner to be able to access the file.
+        prepare_for_scanner tempfile.path
 
         begin
           tempfile.binmode
-          blob.download { |chunk| tempfile.write(chunk) }
+          IO.copy_stream(io, tempfile)
           tempfile.flush
           tempfile.rewind
 
           yield tempfile.path
-        rescue StandardError
-            return
         ensure
           tempfile.close!
         end
@@ -92,6 +129,11 @@ module Ratonvirus
       def tempdir
         Dir.tmpdir
       end
+
+      def prepare_for_scanner(filepath)
+        # Important for the scanner to be able to access the file.
+        File.chmod(0o644, filepath)
+      end
     end
   end
 end

data/lib/ratonvirus/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module Ratonvirus
-  VERSION = "0.1.1"
+  VERSION = "0.2.0"
 end

data/lib/tasks/ratonvirus.rake

@@ -3,19 +3,17 @@
 namespace :ratonvirus do
   desc "Tests if the antivirus scanner is available and properly configured"
   task test: :environment do
-    begin
-      if Ratonvirus.scanner.available?
-        puts "Ratonvirus correctly configured."
-      else
-        puts "Ratonvirus scanner is not available!"
-        puts ""
-        puts "Please refer to Ratonvirus documentation for proper configuration."
-      end
-    rescue StandardError
-      puts "Ratonvirus scanner is not configured."
+    if Ratonvirus.scanner.available?
+      puts "Ratonvirus correctly configured."
+    else
+      puts "Ratonvirus scanner is not available!"
       puts ""
       puts "Please refer to Ratonvirus documentation for proper configuration."
     end
+  rescue StandardError
+    puts "Ratonvirus scanner is not configured."
+    puts ""
+    puts "Please refer to Ratonvirus documentation for proper configuration."
   end
 
   desc "Scans the given file through the antivirus scanner"

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: ratonvirus
 version: !ruby/object:Gem::Version
-  version: 0.1.1
+  version: 0.2.0
 platform: ruby
 authors:
 - Antti Hukkanen
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2019-11-27 00:00:00.000000000 Z
+date: 2020-06-27 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activesupport
@@ -16,28 +16,28 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '5.0'
+        version: '6.0'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '5.0'
+        version: '6.0'
 - !ruby/object:Gem::Dependency
   name: rake
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '12.3'
+        version: '13.0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '12.3'
+        version: '13.0'
 - !ruby/object:Gem::Dependency
   name: rspec
   requirement: !ruby/object:Gem::Requirement
@@ -58,98 +58,98 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '3.0'
+        version: '4.0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '3.0'
+        version: '4.0'
 - !ruby/object:Gem::Dependency
   name: simplecov
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.16.0
+        version: 0.18.0
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.16.0
+        version: 0.18.0
 - !ruby/object:Gem::Dependency
   name: activemodel
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '5.0'
+        version: '6.0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '5.0'
+        version: '6.0'
 - !ruby/object:Gem::Dependency
   name: activestorage
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '5.0'
+        version: '6.0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '5.0'
+        version: '6.0'
 - !ruby/object:Gem::Dependency
   name: carrierwave
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.2'
+        version: '2.1'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.2'
+        version: '2.1'
 - !ruby/object:Gem::Dependency
   name: rubocop
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.64.0
+        version: 0.86.0
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.64.0
+        version: 0.86.0
 - !ruby/object:Gem::Dependency
   name: rubocop-rspec
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.32'
+        version: '1.40'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.32'
+        version: '1.40'
 description: Adds antivirus check capability for Rails applications.
 email:
 - antti.hukkanen@mainiotech.fi