s3_cors_fileupload 0.1.1

data/lib/generators/s3_cors_fileupload/install/templates/s3_uploads_controller.rb

@@ -0,0 +1,90 @@
+require 'base64'
+require 'openssl'
+require 'digest/sha1'
+
+class S3UploadsController < ApplicationController
+
+  helper_method :s3_upload_policy_document, :s3_upload_signature
+
+  # GET /source_files
+  # GET /source_files.json
+  def index
+    @source_files = SourceFile.all
+
+    respond_to do |format|
+      format.html # index.html.erb
+      format.json { render json: @source_files.map{|sf| sf.to_jq_upload } }
+    end
+  end
+
+  # POST /source_files
+  # POST /source_files.json
+  def create
+    @source_file = SourceFile.new(params[:source_file])
+    respond_to do |format|
+      if @source_file.save
+        format.html {
+          render :json => @source_file.to_jq_upload,
+          :content_type => 'text/html',
+          :layout => false
+        }
+        format.json { render json: @source_file.to_jq_upload, status: :created }
+      else
+        format.html { render action: "new" }
+        format.json { render json: @source_file.errors, status: :unprocessable_entity }
+      end
+    end
+  end
+
+  # DELETE /source_files/1
+  # DELETE /source_files/1.json
+  def destroy
+    @source_file = SourceFile.find(params[:id])
+    @source_file.destroy
+
+    respond_to do |format|
+      format.html { redirect_to source_files_url }
+      format.json { head :no_content }
+      format.xml { head :no_content }
+    end
+  end
+
+  # used for s3_uploader
+  def generate_key
+    uid = SecureRandom.uuid.gsub(/-/,'')
+
+    render json: {
+      key: "uploads/#{uid}/#{params[:filename]}",
+      success_action_redirect: "/"
+    }
+  end
+
+  # ---- Helpers ----
+  # generate the policy document that amazon is expecting.
+  def s3_upload_policy_document
+    Base64.encode64(
+      {
+        expiration: 1.hour.from_now.utc.strftime('%Y-%m-%dT%H:%M:%S.000Z'),
+        conditions: [
+          { bucket: S3CorsFileupload::Config.bucket },
+          { acl: 'public-read' },
+          { success_action_status: '201' },
+          ["starts-with", "$key", ""],
+          ["starts-with", "$Content-Type", ""]
+        ]
+      }.to_json
+    ).gsub(/\n|\r/, '')
+  end
+
+  # sign our request by Base64 encoding the policy document.
+  def s3_upload_signature
+    Base64.encode64(
+      OpenSSL::HMAC.digest(
+        OpenSSL::Digest::Digest.new('sha1'),
+        S3CorsFileupload::Config.secret_access_key,
+        s3_upload_policy_document
+      )
+    ).gsub(/\n/, '')
+  end
+
+end

data/lib/generators/s3_cors_fileupload/install/templates/source_file.rb

@@ -0,0 +1,53 @@
+require 'aws/s3'
+
+class SourceFile < ActiveRecord::Base
+  attr_accessible :url, :bucket, :key
+
+  validates_presence_of :file_name, :file_content_type, :file_size, :key, :bucket
+
+  before_validation(:on => :create) do
+    self.file_name = key.split('/').last if key
+    # for some reason, the response from AWS seems to escape the slashes in the keys, this line will unescape the slash
+    self.url = url.gsub(/%2F/, '/') if url
+    self.file_size ||= s3_object.try(:size)
+    self.file_content_type ||= s3_object.try(:content_type)
+  end
+  # make all attributes readonly after creating the record (not sure we need this?)
+  after_create { readonly! }
+  # cleanup; destroy corresponding file on S3
+  after_destroy { s3_object.try(:delete) }
+
+  def to_jq_upload
+    { 
+      'id' => id,
+      'name' => file_name,
+      'size' => file_size,
+      'url' => url,
+      'image' => self.is_image?,
+      'delete_url' => Rails.application.routes.url_helpers.source_file_path(self)
+    }
+  end
+
+  def is_image?
+    !!file_content_type.try(:match, /image/)
+  end
+
+  #---- start S3 related methods -----
+  def s3_object
+    @s3_object ||= AWS::S3::S3Object.find(key, bucket) if self.class.open_aws && key
+  rescue
+    nil
+  end
+
+  def self.open_aws
+    unless AWS::S3::Base.connected?
+      AWS::S3::Base.establish_connection!(
+        :access_key_id     => S3CorsFileupload::Config.access_key_id,
+        :secret_access_key => S3CorsFileupload::Config.secret_access_key
+      )
+    end
+    return AWS::S3::Base.connected?
+  end
+  #---- end S3 related methods -----
+
+end

data/lib/generators/s3_cors_fileupload/install/templates/views/_template_download.html.erb

@@ -0,0 +1,29 @@
+<!-- The template to display files available for download -->
+<script id="template-download" type="text/x-tmpl">
+  {% for (var i=0, file; file=o.files[i]; i++) { %}
+    <tr class="template-download fade">
+      {% if (file.error) { %}
+        <td></td>
+        <td class="name"><span>{%=file.name%}</span></td>
+        <td class="size"><span>{%=o.formatFileSize(file.size)%}</span></td>
+        <td class="error" colspan="2"><span class="label label-important">Error</span> {%=file.error%}</td>
+        {% } else { %}
+        <td class="preview">{% if (file.thumbnail_url) { %}
+          <a href="{%=file.url%}" title="{%=file.name%}" rel="gallery" download="{%=file.name%}"><img src="{%=file.thumbnail_url%}"></a>
+          {% } %}</td>
+        <td class="name">
+          <a href="{%=file.url%}" title="{%=file.name%}" rel="{%=file.thumbnail_url&&'gallery'%}" download="{%=file.name%}">{%=file.name%}</a>
+        </td>
+        <td class="size"><span>{%=o.formatFileSize(file.size)%}</span></td>
+        <td colspan="2"></td>
+        {% } %}
+      <td class="delete">
+        <button class="btn btn-danger" data-type="{%=file.delete_type%}" data-url="{%=file.delete_url%}">
+          <i class="icon-trash icon-white"></i>
+          <span>Delete</span>
+        </button>
+        <input type="checkbox" name="delete" value="1">
+      </td>
+    </tr>
+    {% } %}
+</script>

data/lib/generators/s3_cors_fileupload/install/templates/views/_template_upload.html.erb

@@ -0,0 +1,31 @@
+<!-- The template to display files available for upload -->
+<script id="template-upload" type="text/x-tmpl">
+  {% for (var i=0, file; file=o.files[i]; i++) { %}
+  <tr class="template-upload fade">
+    <td class="preview"><span class="fade"></span></td>
+    <td class="name"><span>{%=file.name%}</span></td>
+    <td class="size"><span>{%=o.formatFileSize(file.size)%}</span></td>
+    {% if (file.error) { %}
+    <td class="error" colspan="2"><span class="label label-important">Error</span> {%=file.error%}</td>
+    {% } else if (o.files.valid && !i) { %}
+    <td>
+      <div class="progress progress-success progress-striped active"><div class="bar" style="width:0%;"></div></div>
+    </td>
+    <td class="start">{% if (!o.options.autoUpload) { %}
+      <button class="btn btn-primary">
+        <i class="icon-upload icon-white"></i>
+        <span>Start</span>
+      </button>
+      {% } %}</td>
+    {% } else { %}
+    <td colspan="2"></td>
+    {% } %}
+    <td class="cancel">{% if (!i) { %}
+      <button class="btn btn-warning">
+        <i class="icon-ban-circle icon-white"></i>
+        <span>Cancel</span>
+      </button>
+      {% } %}</td>
+  </tr>
+  {% } %}
+</script>

data/lib/generators/s3_cors_fileupload/install/templates/views/_template_uploaded.html.erb

@@ -0,0 +1,25 @@
+<!-- The template to display files that have been uploaded to S3 already -->
+<!-- This essentially is a stand-in for the template_download partial for the s3_cors_fileupload gem's purposes -->
+<script id="template-uploaded" type="text/x-tmpl">
+  <tr class="template-uploaded" id="source_file_{%=o.id%}">
+    <td class="preview">
+      {% if (o.image == true) { %}
+        <a href="{%=o.url%}" title="{%=o.name%}" rel="gallery" download="{%=o.name%}">
+          <image src="{%=o.url%}", style='width:80px; height:56px;'></image>
+        </a>
+      {% } %}
+    </td>
+    <td class="name">
+      <a href="{%=o.url%}" title="{%=o.name%}" rel="{%=o.thumbnail_url&&'gallery'%}" download="{%=o.name%}">{%=o.name%}</a>
+    </td>
+    <td class="size"><span>{%=formatFileSize(o.size)%}</span></td>
+    <td colspan="2"></td>
+    <td class="delete">
+      <button class="btn btn-danger" data-type="DELETE" data-url="{%=o.delete_url%}">
+        <i class="icon-trash icon-white"></i>
+        <span>Delete</span>
+      </button>
+      <input type="checkbox" name="delete" value="1">
+    </td>
+  </tr>
+</script>

data/lib/generators/s3_cors_fileupload/install/templates/views/index.html.erb

@@ -0,0 +1,43 @@
+<%= stylesheet_link_tag '//netdna.bootstrapcdn.com/twitter-bootstrap/2.1.1/css/bootstrap-combined.min.css' %>
+
+<div style="padding: 10px;">
+  <h2>Upload file</h2>
+  <%= s3_cors_fileupload_form :id => 'fileupload' %>
+
+  <div class="javascript-templates">
+    <%= render 'template_upload' %>
+    <%= render 'template_uploaded' %>
+    <%# render 'template_download' %>
+  </div>
+</div>
+
+<script>
+  //<![CDATA[
+    $(function () {
+      // Initialize the jQuery File Upload widget:
+      $('#fileupload').fileupload({
+        dataType: 'xml',
+        sequentialUploads: true,
+        downloadTemplateId: null,
+        downloadTemplate: null
+      });
+      
+      // Load existing files:
+      $.getJSON('/source_files', function (files) {
+        $.each(files, function(index, value) { 
+          $('#upload_files tbody').append(tmpl('template-uploaded', value));
+        });
+      });
+    });
+    
+    // used by the jQuery File Upload
+    var fileUploadErrors = {
+      maxFileSize: 'File is too big',
+      minFileSize: 'File is too small',
+      acceptFileTypes: 'Filetype not allowed',
+      maxNumberOfFiles: 'Max number of files exceeded',
+      uploadedBytes: 'Uploaded bytes exceed file size',
+      emptyResult: 'Empty file upload result'
+    };
+  //]]>
+</script>

data/lib/s3_cors_fileupload.rb

@@ -0,0 +1,2 @@
+require 's3_cors_fileupload/version'
+require 's3_cors_fileupload/rails'

data/lib/s3_cors_fileupload/rails.rb

@@ -0,0 +1,8 @@
+if defined?(::Rails)
+  require 's3_cors_fileupload/rails/config'
+  require 's3_cors_fileupload/rails/engine' if ::Rails.version >= '3.1'
+  require 's3_cors_fileupload/rails/policy_helper'
+  require 's3_cors_fileupload/rails/form_helper'
+
+  ActionView::Base.send(:include, S3CorsFileupload::FormHelper) if defined?(ActionView::Base)
+end

data/lib/s3_cors_fileupload/rails/config.rb

@@ -0,0 +1,27 @@
+module S3CorsFileupload
+  module Config
+    require 'yaml'
+
+    # this allows us to lazily instantiate the configuration by reading it in when it needs to be accessed
+    class << self
+      # if a method is called on the class, attempt to look it up in the config array
+      def method_missing(meth, *args, &block)
+        if args.empty? && block.nil?
+          config[meth.to_s]
+        else
+          super
+        end
+      end
+
+      private
+
+      def config
+        @config ||= YAML.load_file(File.join(::Rails.root, 'config', 'amazon_s3.yml'))[::Rails.env]
+      rescue
+        warn('WARNING: s3_cors_fileupload gem was unable to locate a configuration file in config/amazon_s3.yml and may not ' +
+             'be able to function properly.  Please run `rails generate s3_cors_upload:install` before proceeding.')
+        {}
+      end
+    end
+  end
+end

data/lib/s3_cors_fileupload/rails/engine.rb

@@ -0,0 +1,6 @@
+module S3CorsFileupload
+  module Rails
+    class Engine < ::Rails::Engine
+    end
+  end
+end

data/lib/s3_cors_fileupload/rails/form_helper.rb

@@ -0,0 +1,91 @@
+module S3CorsFileupload
+  module FormHelper
+    # Options:
+    # :access_key_id    The AWS Access Key ID of the owner of the bucket.
+    #                   Defaults to the `Config.access_key_id` (read from the yaml config file).
+    #
+    # :acl              One of S3's Canned Access Control Lists, must be one of:
+    #                   'private', 'public-read', 'public-read-write', 'authenticated-read'.
+    #                   Defaults to `'public-read'`.
+    #
+    # :max_file_size    The max file size (in bytes) that you wish to allow to be uploaded.
+    #                   Defaults to `Config.max_file_size` or, if no value is set on the yaml file `524288000` (500 MB)
+    #
+    # :bucket           The name of the bucket on S3 you wish for the files to be uploaded to.
+    #                   Defaults to `Config.bucket` (read from the yaml config file).
+    #
+    # Any other key creates standard HTML options for the form tag.
+    def s3_cors_fileupload_form(options = {}, &block)
+      policy_helper = PolicyHelper.new(options)
+      # initialize the hidden form fields
+      hidden_form_fields = {
+        :key => '',
+        'Content-Type' => '',
+        'AWSAccessKeyId' => options[:access_key_id] || Config.access_key_id,
+        :acl => policy_helper.options[:acl],
+        :policy => policy_helper.policy_document,
+        :signature => policy_helper.upload_signature,
+        :success_action_status => '201'
+      }
+      # assume that all of the non-documented keys are 
+      _html_options = options.reject { |key, val| [:access_key_id, :acl, :max_file_size, :bucket].include?(key) }
+      # return the form html
+      construct_form_html(hidden_form_fields, policy_helper.options[:bucket], _html_options,  &block)
+    end
+    
+    private
+    
+    def build_form_options(options = {})
+      { :id => 'fileupload' }.merge(options).merge(:multipart => true, :authenticity_token => false)
+    end
+    
+    # hidden fields argument should be a hash of key value pairs (values may be blank if desired)
+    def construct_form_html(hidden_fields, bucket, html_options = {}, &block)
+      # now build the html for the form
+      form_text = form_tag("https://#{bucket}.s3.amazonaws.com", build_form_options(html_options)) do
+        hidden_fields.map do |name, value|
+          hidden_field_tag(name, value)
+        end.join.html_safe + "
+        <!-- The fileupload-buttonbar contains buttons to add/delete files and start/cancel the upload -->  
+        <div class='row fileupload-buttonbar'>
+          <div class='span7'>
+            <button class='btn btn-success fileinput-button'>
+              <i class='icon-plus icon-white'></i>
+              <span>Add files...</span>
+              ".html_safe +
+              file_field_tag(:file, :multiple => true) + "
+            </button>
+            <button class='btn btn-primary start' type='submit'>
+              <i class='icon-upload icon-white'></i>
+              <span>Start upload</span>
+            </button>
+            <button class='btn btn-warning cancel' type='reset'>
+              <i class='icon-ban-circle icon-white'></i>
+              <span>Cancel upload</span>
+            </button>
+            <button class='btn btn-danger delete' type='button'>
+              <i class='icon-trash icon-white'></i>
+              <span>Delete</span>
+            </button>
+            <input class='toggle' type='checkbox'></input>
+          </div>
+          <div class='span5'>
+            <!-- The global progress bar -->
+            <div class='progress progress-success progress-striped active fade'>
+              <div class='bar' style='width: 0%'></div>
+            </div>
+          </div>
+        </div>
+        <!-- The loading indicator is shown during image processing -->
+        <div class='fileupload-loading'></div>
+        <br>
+        <!-- The table listing the files available for upload/download -->
+        <table class='table table-striped' id='upload_files'>
+          <tbody class='files' data-target='#modal-gallery' data-toggle='modal-gallery'></tbody>
+        </table>".html_safe
+      end
+      form_text += capture(&block) if block
+      form_text
+    end
+  end
+end

data/lib/s3_cors_fileupload/rails/policy_helper.rb

@@ -0,0 +1,48 @@
+require 'base64'
+require 'openssl'
+require 'digest/sha1'
+require 'json'
+
+module S3CorsFileupload
+  class PolicyHelper
+    attr_reader :options
+    
+    def initialize(_options = {})
+      # default max_file_size to 500 MB if nothing is received
+      @options = {
+        :acl => 'public-read',
+        :max_file_size => Config.max_file_size || 524288000,
+        :bucket => Config.bucket
+      }.merge(_options).merge(:secret_access_key => Config.secret_access_key)
+    end
+    
+    # generate the policy document that amazon is expecting.
+    def policy_document
+      Base64.encode64(
+        {
+          expiration: 1.hour.from_now.utc.strftime('%Y-%m-%dT%H:%M:%S.000Z'),
+          conditions: [
+            { bucket: options[:bucket] },
+            { acl: options[:acl] },
+            { success_action_status: '201' },
+            ["content-length-range", 0, options[:max_file_size]],
+            ["starts-with", "$utf8", ""],
+            ["starts-with", "$key", ""],
+            ["starts-with", "$Content-Type", ""]
+          ]
+        }.to_json
+      ).gsub(/\n|\r/, '')
+    end
+
+    # sign our request by Base64 encoding the policy document.
+    def upload_signature
+      Base64.encode64(
+        OpenSSL::HMAC.digest(
+          OpenSSL::Digest::Digest.new('sha1'),
+          options[:secret_access_key],
+          self.policy_document
+        )
+      ).gsub(/\n/, '')
+    end
+  end
+end