ratonvirus 0.1.2 → 0.2.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: f4ccf906781401ec2e9126acf96165d278b0dce5ecf2b10cfa71373490433d98
-  data.tar.gz: dc56500ae5839a3987c47e96d05ceb9e4627c412edd953d0dbf1fc2c02069c52
+  metadata.gz: 7fa55b1025e3d8099f86b8b9e9157cbd4473980441aac2c7acc98b92cf2c3ff6
+  data.tar.gz: f219700545adb3593677af4fad1bb9d198892fc94bd128101a817169118254a0
 SHA512:
-  metadata.gz: 830a364f9355592158d7580c8755b576ea6a591951e48832ec6d83a308d5d5b0bdcaec3822d7dd47a5120eebc264c2037762202e0f53c42c3d10781d8c67f081
-  data.tar.gz: 68562672a90dafe0d4705378cc94549d2cf64858987a14901b73607da595b747e72f0d45c52a06f9b1595aba6ab3118998ee5e23901ff438f31bdf6aa399852f
+  metadata.gz: 5fcd623e174c648393cc5489c27ce685ee0da9282a7289122a537daacff67950323123e7698da610af6a77b19b63753accb41ca22d06098dc95f4f8d41a109f9
+  data.tar.gz: 85100d78a0e6a476cb4c4e3dde833381e7ac2219d4c9127cef4f07458b8ca56ba3a0977275f5d715f64cbab7989bbcb047c733dade35e6d6a95192b48005d0bd

data/CHANGELOG.md

@@ -1,11 +1,3 @@
-# v0.1.2
-
-Fixed:
-
-- Backport: Issue related with scanning files with CarrierWave storage engine using remote storage engines such as Fog.
-  Related to #9
-
-
 # v0.1.1
 
 Fixed:

data/README.md

@@ -3,7 +3,7 @@
 Rails antivirus made easy.
 Developed by [Mainio Tech](https://www.mainiotech.fi/).
 
-[![Build Status](https://travis-ci.com/mainio/ratonvirus.svg?branch=master)](https://travis-ci.com/mainio/ratonvirus)
+[![Build Status](https://travis-ci.org/mainio/ratonvirus.svg?branch=master)](https://travis-ci.org/mainio/ratonvirus)
 [![codecov](https://codecov.io/gh/mainio/ratonvirus/branch/master/graph/badge.svg)](https://codecov.io/gh/mainio/ratonvirus)
 
 Ratonvirus allows your Rails application to rat on the viruses that your users

data/lib/ratonvirus.rb

@@ -12,7 +12,6 @@ require_relative "ratonvirus/scanner/support/callbacks"
 require_relative "ratonvirus/scanner/base"
 require_relative "ratonvirus/scanner/eicar"
 require_relative "ratonvirus/scanner/addon/remove_infected"
-require_relative "ratonvirus/storage/support/io_handling"
 require_relative "ratonvirus/storage/base"
 require_relative "ratonvirus/storage/filepath"
 require_relative "ratonvirus/storage/active_storage"

data/lib/ratonvirus/storage/active_storage.rb

@@ -3,21 +3,9 @@
 module Ratonvirus
   module Storage
     class ActiveStorage < Base
-      def changed?(_record, _attribute)
-        # With Active Storage we assume the record is always changed because
-        # there is currently no way to know if the attribute has actually
-        # changed.
-        #
-        # Calling record.changed? will not also work because it is not marked
-        # as dirty in case the Active Storage attachment has changed.
-        #
-        # NOTE:
-        # This should be changed in the future as the `attachment_changes` was
-        # introduced to Rails by this commit:
-        # https://github.com/rails/rails/commit/e8682c5bf051517b0b265e446aa1a7eccfd47bf7
-        #
-        # However, it is still not available in Rails 5.2.x.
-        true
+      def changed?(record, attribute)
+        resource = record.public_send attribute
+        !resource.record.attachment_changes[resource.name].nil?
       end
 
       def accept?(resource)
@@ -25,65 +13,114 @@ module Ratonvirus
           resource.is_a?(::ActiveStorage::Attached::Many)
       end
 
-      def process(resource, &_block)
+      def process(resource, &block)
         return unless block_given?
         return if resource.nil?
-
         return unless resource.attached?
 
-        if resource.is_a?(::ActiveStorage::Attached::One)
-          yield processable(resource.attachment) if resource.attachment
-        elsif resource.is_a?(::ActiveStorage::Attached::Many)
-          resource.attachments.each do |attachment|
-            yield processable(attachment)
-          end
+        change = resource.record.attachment_changes[resource.name]
+
+        if change.is_a?(::ActiveStorage::Attached::Changes::CreateOne)
+          handle_create_one(change, &block)
+        elsif change.is_a?(::ActiveStorage::Attached::Changes::CreateMany)
+          handle_create_many(change, &block)
         end
       end
 
       def asset_path(asset, &block)
         return unless block_given?
-        return if asset.nil?
-        return unless asset.blob
+        return unless asset.is_a?(Array)
 
-        blob_path asset.blob, &block
+        ext = asset[0].filename.extension_with_delimiter
+        case asset[1]
+        when ActionDispatch::Http::UploadedFile, Rack::Test::UploadedFile
+          # These files should be already locally stored but their permissions
+          # can prevent the virus scanner executable from accessing them.
+          # Therefore, a temporary file is created for them as well.
+          io_path(asset[1], ext, &block)
+        when Hash
+          io = asset[1].fetch(:io)
+          io_path(io, ext, &block) if io
+        when ::ActiveStorage::Blob
+          asset[1].open do |tempfile|
+            prepare_for_scanner tempfile.path
+            yield tempfile.path
+          end
+        end
       end
 
+      # This is actually only required for the dyncamic blob uploads but for
+      # consistency, it is handled for all the cases accordingly either by
+      # closing the tempfile of the upload which also removes the file when
+      # called with the bang method. For the IO references, the IO is closed
+      # which should trigger the file deletion by latest at the Rack or Ruby
+      # level during garbage collection. There is no guarantee that the file
+      # for which the IO was opened would be deleted beause the IO itself is
+      # not necessarily associated with an actual file.
       def asset_remove(asset)
-        asset.purge
+        return unless asset.is_a?(Array)
+
+        case asset[1]
+        when ActionDispatch::Http::UploadedFile, Rack::Test::UploadedFile
+          # This removes the temp file from the system.
+          asset[1].tempfile.close!
+        when Hash
+          # No guarantee all references for the file are deleted.
+          io = asset[1].fetch(:io)
+          io.close
+        when ::ActiveStorage::Blob
+          # This deletes the dynamically uploaded blobs that might not be
+          # associated with any record at this point. This ensures the blobs are
+          # not left "hanging" in the storage system and the database in case
+          # automatic file deletion is applied.
+          asset[1].purge
+        end
       end
 
       private
 
-      # This creates a local copy of the blob for the scanning process. A
-      # local copy is needed for processing because the actual blob may be
-      # stored at a remote storage service (such as Amazon S3), meaning it
-      # cannot be otherwise processed locally.
-      #
-      # NOTE:
-      # Later implementations of Active Storage have the blob.open method that
-      # provides similar functionality. However, Rails 5.2.x still does not
-      # include this functionality, so we need to take care of it ourselves.
-      #
-      # This was introduced in the following commit:
-      # https://github.com/rails/rails/commit/ee21b7c2eb64def8f00887a9fafbd77b85f464f1
-      #
-      # SEE:
-      # https://edgeguides.rubyonrails.org/active_storage_overview.html#downloading-files
-      def blob_path(blob)
+      def handle_create_one(change, &block)
+        yield_processable_from(change, &block)
+      end
+
+      def handle_create_many(change, &block)
+        change.send(:subchanges).each do |subchange|
+          yield_processable_from(subchange, &block)
+        end
+      end
+
+      def yield_processable_from(change, &_block)
+        attachable = change.attachable
+        return unless attachable
+        return if attachable.is_a?(::ActiveStorage::Blob)
+
+        # If the attachable is a string, it is a reference to an already
+        # existing blob. This can happen e.g. when the file blob is uploaded
+        # dynamically before the form is submitted.
+        attachable = change.attachment.blob if attachable.is_a?(String)
+
+        yield processable([change.attachment, attachable])
+      end
+
+      # This creates a local copy of the io contents for the scanning process. A
+      # local copy is needed for processing because the io object may be a file
+      # stream in the memory which may not have a path associated with it on the
+      # filesystem.
+      def io_path(io, extension)
         tempfile = Tempfile.open(
-          ["Ratonvirus", blob.filename.extension_with_delimiter],
+          ["Ratonvirus", extension],
           tempdir
         )
+        # Important for the scanner to be able to access the file.
+        prepare_for_scanner tempfile.path
 
         begin
           tempfile.binmode
-          blob.download { |chunk| tempfile.write(chunk) }
+          IO.copy_stream(io, tempfile)
           tempfile.flush
           tempfile.rewind
 
           yield tempfile.path
-        rescue StandardError
-            return
         ensure
           tempfile.close!
         end
@@ -92,6 +129,11 @@ module Ratonvirus
       def tempdir
         Dir.tmpdir
       end
+
+      def prepare_for_scanner(filepath)
+        # Important for the scanner to be able to access the file.
+        File.chmod(0o644, filepath)
+      end
     end
   end
 end

data/lib/ratonvirus/storage/carrierwave.rb

@@ -3,8 +3,6 @@
 module Ratonvirus
   module Storage
     class Carrierwave < Base
-      include Ratonvirus::Storage::Support::IoHandling
-
       def changed?(record, attribute)
         record.public_send :"#{attribute}_changed?"
       end
@@ -17,22 +15,12 @@ module Ratonvirus
         end
       end
 
-      def asset_path(asset, &block)
+      def asset_path(asset)
         return unless block_given?
         return if asset.nil?
         return if asset.file.nil?
 
-        # If the file is a local SanitizedFile, it is faster to run the scan
-        # directly against that file instead of copying it to a tempfile first
-        # as below for external file storages.
-        return yield asset.file.path if asset.file.is_a?(::CarrierWave::SanitizedFile)
-
-        # The file could be externally stored, so we need to read it to memory
-        # in order to create a temporary file for the scanner to perform the
-        # scan on.
-        io = StringIO.new(asset.file.read)
-        ext = File.extname(asset.file.path)
-        io_path(io, ext, &block)
+        yield asset.file.path
       end
 
       def asset_remove(asset)

data/lib/ratonvirus/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module Ratonvirus
-  VERSION = "0.1.2"
+  VERSION = "0.2.0"
 end

data/lib/tasks/ratonvirus.rake

@@ -3,19 +3,17 @@
 namespace :ratonvirus do
   desc "Tests if the antivirus scanner is available and properly configured"
   task test: :environment do
-    begin
-      if Ratonvirus.scanner.available?
-        puts "Ratonvirus correctly configured."
-      else
-        puts "Ratonvirus scanner is not available!"
-        puts ""
-        puts "Please refer to Ratonvirus documentation for proper configuration."
-      end
-    rescue StandardError
-      puts "Ratonvirus scanner is not configured."
+    if Ratonvirus.scanner.available?
+      puts "Ratonvirus correctly configured."
+    else
+      puts "Ratonvirus scanner is not available!"
       puts ""
       puts "Please refer to Ratonvirus documentation for proper configuration."
     end
+  rescue StandardError
+    puts "Ratonvirus scanner is not configured."
+    puts ""
+    puts "Please refer to Ratonvirus documentation for proper configuration."
   end
 
   desc "Scans the given file through the antivirus scanner"

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: ratonvirus
 version: !ruby/object:Gem::Version
-  version: 0.1.2
+  version: 0.2.0
 platform: ruby
 authors:
 - Antti Hukkanen
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2021-03-05 00:00:00.000000000 Z
+date: 2020-06-27 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activesupport
@@ -16,28 +16,28 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '5.0'
+        version: '6.0'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '5.0'
+        version: '6.0'
 - !ruby/object:Gem::Dependency
   name: rake
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '12.3'
+        version: '13.0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '12.3'
+        version: '13.0'
 - !ruby/object:Gem::Dependency
   name: rspec
   requirement: !ruby/object:Gem::Requirement
@@ -58,98 +58,98 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '3.0'
+        version: '4.0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '3.0'
+        version: '4.0'
 - !ruby/object:Gem::Dependency
   name: simplecov
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.16.0
+        version: 0.18.0
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.16.0
+        version: 0.18.0
 - !ruby/object:Gem::Dependency
   name: activemodel
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '5.0'
+        version: '6.0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '5.0'
+        version: '6.0'
 - !ruby/object:Gem::Dependency
   name: activestorage
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '5.0'
+        version: '6.0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '5.0'
+        version: '6.0'
 - !ruby/object:Gem::Dependency
   name: carrierwave
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.2'
+        version: '2.1'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.2'
+        version: '2.1'
 - !ruby/object:Gem::Dependency
   name: rubocop
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.64.0
+        version: 0.86.0
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.64.0
+        version: 0.86.0
 - !ruby/object:Gem::Dependency
   name: rubocop-rspec
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.32'
+        version: '1.40'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.32'
+        version: '1.40'
 description: Adds antivirus check capability for Rails applications.
 email:
 - antti.hukkanen@mainiotech.fi
@@ -177,7 +177,6 @@ files:
 - lib/ratonvirus/storage/carrierwave.rb
 - lib/ratonvirus/storage/filepath.rb
 - lib/ratonvirus/storage/multi.rb
-- lib/ratonvirus/storage/support/io_handling.rb
 - lib/ratonvirus/support/backend.rb
 - lib/ratonvirus/version.rb
 - lib/tasks/ratonvirus.rake

data/lib/ratonvirus/storage/support/io_handling.rb

@@ -1,46 +0,0 @@
-# frozen_string_literal: true
-
-require "tempfile"
-
-module Ratonvirus
-  module Storage
-    module Support
-      module IoHandling
-        private
-
-        # This creates a local copy of the io contents for the scanning process.
-        # A local copy is needed for processing because the io object may be a
-        # file stream in the memory which may not have a path associated with it
-        # on the filesystem.
-        def io_path(io, extension)
-          tempfile = Tempfile.open(
-            ["Ratonvirus", extension],
-            tempdir
-          )
-          # Important for the scanner to be able to access the file.
-          prepare_for_scanner tempfile.path
-
-          begin
-            tempfile.binmode
-            IO.copy_stream(io, tempfile)
-            tempfile.flush
-            tempfile.rewind
-
-            yield tempfile.path
-          ensure
-            tempfile.close!
-          end
-        end
-
-        def tempdir
-          Dir.tmpdir
-        end
-
-        def prepare_for_scanner(filepath)
-          # Important for the scanner to be able to access the file.
-          File.chmod(0o644, filepath)
-        end
-      end
-    end
-  end
-end