s3_relay 0.0.2

data/app/helpers/s3_relay/uploads_helper.rb

@@ -0,0 +1,23 @@
+module S3Relay
+  module UploadsHelper
+
+    def s3_relay_field(parent, association, opts={})
+      file_field     = file_field_tag(:file, opts.merge(class: "s3r-field"))
+      progress_table = content_tag(:table, "", class: "s3r-upload-list")
+      content        = [file_field, progress_table].join
+      parent_type    = parent.class.to_s.underscore.downcase
+
+      content_tag(:div, raw(content),
+        {
+          class: "s3r-container",
+          data:  {
+            parent_type: parent_type,
+            parent_id:   parent.id.to_s,
+            association: association.to_s
+          }
+        }
+      )
+    end
+
+  end
+end

data/app/models/s3_relay/upload.rb

@@ -0,0 +1,46 @@
+module S3Relay
+  class Upload < ActiveRecord::Base
+
+    belongs_to :parent, polymorphic: true
+
+    validates :uuid,         presence: true, uniqueness: true
+    validates :upload_type,  presence: true
+    validates :filename,     presence: true
+    validates :content_type, presence: true
+    validates :pending_at,   presence: true
+
+    after_initialize :finalize
+
+    def self.pending
+      where(state: "pending")
+    end
+
+    def self.imported
+      where(state: "imported")
+    end
+
+    def pending?
+      state == "pending"
+    end
+
+    def imported?
+      state == "imported"
+    end
+
+    def mark_imported!
+      update_attributes(state: "imported", imported_at: Time.now)
+    end
+
+    def private_url
+      S3Relay::PrivateUrl.new(uuid, filename).generate
+    end
+
+    private
+
+    def finalize
+      self.state      ||= "pending"
+      self.pending_at ||= Time.now
+    end
+
+  end
+end

data/config/routes.rb

@@ -0,0 +1,5 @@
+S3Relay::Engine.routes.draw do
+
+  resources :uploads, only: [:new, :create]
+
+end

data/db/migrate/20141009000804_create_s3_relay_uploads.rb

@@ -0,0 +1,19 @@
+class CreateS3RelayUploads < ActiveRecord::Migration
+  def change
+    create_table :s3_relay_uploads do |t|
+      t.binary :uuid, length: 16
+      t.integer :user_id
+      t.string :parent_type
+      t.integer :parent_id
+      t.string :upload_type
+      t.text :filename
+      t.string :content_type
+      t.string :state
+      t.column :data, :json, default: "{}"
+      t.datetime :pending_at
+      t.datetime :imported_at
+
+      t.timestamps
+    end
+  end
+end

data/lib/s3_relay.rb

@@ -0,0 +1,4 @@
+require "s3_relay/engine"
+
+module S3Relay
+end

data/lib/s3_relay/base.rb

@@ -0,0 +1,35 @@
+module S3Relay
+  class Base
+
+    private
+
+    def access_key_id
+      ENV["S3_RELAY_ACCESS_KEY_ID"]
+    end
+
+    def secret_access_key
+      ENV["S3_RELAY_SECRET_ACCESS_KEY"]
+    end
+
+    def region
+      ENV["S3_RELAY_REGION"]
+    end
+
+    def bucket
+      ENV["S3_RELAY_BUCKET"]
+    end
+
+    def acl
+      ENV["S3_RELAY_ACL"]
+    end
+
+    def endpoint
+      "https://#{bucket}.s3-#{region}.amazonaws.com"
+    end
+
+    def digest
+      OpenSSL::Digest.new("sha1")
+    end
+
+  end
+end

data/lib/s3_relay/engine.rb

@@ -0,0 +1,18 @@
+module S3Relay
+  class Engine < ::Rails::Engine
+    isolate_namespace S3Relay
+
+    initializer "s3_relay.action_controller" do |app|
+      ActiveSupport.on_load :action_controller do
+        helper S3Relay::UploadsHelper
+      end
+    end
+  end
+end
+
+require "s3_relay/base"
+require "s3_relay/model"
+require "s3_relay/private_url"
+require "s3_relay/upload_presigner"
+
+ActiveRecord::Base.extend S3Relay::Model

data/lib/s3_relay/model.rb

@@ -0,0 +1,54 @@
+module S3Relay
+  module Model
+
+    def s3_relay(attribute, has_many=false)
+      upload_type = attribute.to_s.classify
+
+      if has_many
+        has_many attribute, as: :parent, class_name: "S3Relay::Upload"
+
+        define_method attribute do
+          S3Relay::Upload
+            .where(
+              parent_type: self.class.to_s,
+              parent_id:   self.id,
+              upload_type: upload_type
+            )
+        end
+
+        virtual_attribute = "new_#{attribute}_uuids"
+      else
+        has_one attribute, as: :parent, class_name: "S3Relay::Upload"
+
+        define_method attribute do
+          S3Relay::Upload
+            .where(
+              parent_type: self.class.to_s,
+              parent_id:   self.id,
+              upload_type: upload_type
+            )
+            .order("pending_at DESC").last
+        end
+
+        virtual_attribute = "new_#{attribute}_uuid"
+      end
+
+      attr_accessor virtual_attribute
+
+      association_method = "associate_#{attribute}"
+
+      after_save association_method
+
+      define_method association_method do
+        new_uuids = send(virtual_attribute)
+        return if new_uuids.blank?
+
+        S3Relay::Upload.where(uuid: new_uuids, upload_type: upload_type)
+          .update_all(parent_type: self.class.to_s, parent_id: self.id)
+      end
+
+    end
+
+  end
+
+end

data/lib/s3_relay/private_url.rb

@@ -0,0 +1,33 @@
+module S3Relay
+  class PrivateUrl < S3Relay::Base
+
+    attr_reader :expires, :path
+
+    def initialize(uuid, file, options={})
+      filename = URI.encode(file).gsub("+", "%2B")
+      @path    = [uuid, filename].join("/")
+      @expires = (options[:expires] || 10.minutes.from_now).to_i
+    end
+
+    def generate
+      "#{endpoint}/#{path}?#{params}"
+    end
+
+    private
+
+    def params
+      [
+        "AWSAccessKeyId=#{access_key_id}",
+        "Expires=#{expires}",
+        "Signature=#{signature}"
+      ].join("&")
+    end
+
+    def signature
+      string = "GET\n\n\n#{expires}\n/#{bucket}/#{path}"
+      hmac   = OpenSSL::HMAC.digest(digest, secret_access_key, string)
+      CGI.escape(Base64.encode64(hmac).strip)
+    end
+
+  end
+end

data/lib/s3_relay/s3_relay.rb

@@ -0,0 +1,4 @@
+require "s3_relay/engine"
+
+module S3Relay
+end

data/lib/s3_relay/upload_presigner.rb

@@ -0,0 +1,60 @@
+module S3Relay
+  class UploadPresigner < S3Relay::Base
+
+    attr_reader :expires, :uuid
+
+    def initialize(options={})
+      @expires = (options[:expires] || 1.minute.from_now).utc.xmlschema
+      @uuid    = SecureRandom.uuid
+    end
+
+    def form_data
+      fields.keys.inject({}) { |h,k| h[k.downcase.underscore] = fields[k]; h }
+        .merge(
+          "endpoint"  => endpoint,
+          "policy"    => encoded_policy,
+          "signature" => signature,
+          "uuid"      => uuid
+        )
+    end
+
+    private
+
+    def fields
+      {
+        "AWSAccessKeyID"               => access_key_id,
+        "x-amz-server-side-encryption" => "AES256",
+        "key"                          => "#{uuid}/${filename}",
+        "success_action_status"        => "201",
+        "acl"                          => acl
+      }
+    end
+
+    def hmac
+      lambda { |data| OpenSSL::HMAC.digest(digest, secret_access_key, data) }
+    end
+
+    def policy_document
+      {
+        "expiration" => expires,
+        "conditions" => [
+          { "bucket" => bucket },
+          { "acl" => acl },
+          { "x-amz-server-side-encryption" => "AES256" },
+          { "success_action_status" => "201" },
+          ["starts-with", "$content-type", ""],
+          ["starts-with", "$key", "#{uuid}/"]
+        ]
+      }
+    end
+
+    def encoded_policy
+      Base64.strict_encode64(policy_document.to_json)
+    end
+
+    def signature
+      Base64.strict_encode64(hmac[encoded_policy])
+    end
+
+  end
+end

data/lib/s3_relay/version.rb

@@ -0,0 +1,3 @@
+module S3Relay
+  VERSION = "0.0.2"
+end

data/test/controllers/s3_relay/uploads_controller_test.rb

@@ -0,0 +1,138 @@
+require "test_helper"
+
+module S3Relay
+  describe UploadsController do
+    before do
+      S3Relay::Base.any_instance.stubs(:access_key_id)
+        .returns("access-key-id")
+      S3Relay::Base.any_instance.stubs(:secret_access_key)
+        .returns("secret-access-key")
+      S3Relay::Base.any_instance.stubs(:region)
+        .returns("region")
+      S3Relay::Base.any_instance.stubs(:bucket)
+        .returns("bucket")
+      S3Relay::Base.any_instance.stubs(:acl)
+        .returns("acl")
+    end
+
+    describe "GET new" do
+      it do
+        uuid = "123-456-789"
+        time = Time.parse("2014-12-01 12:00am")
+        S3Relay::UploadPresigner.any_instance.stubs(:uuid).returns(uuid)
+        S3Relay::UploadPresigner.any_instance.stubs(:expires).returns(time)
+
+        get :new
+        assert_response 200
+
+        data = JSON.parse(response.body)
+
+        data["awsaccesskeyid"].must_equal "access-key-id"
+        data["x_amz_server_side_encryption"].must_equal "AES256"
+        data["key"].must_equal "#{uuid}/${filename}"
+        data["success_action_status"].must_equal "201"
+        data["acl"].must_equal "acl"
+        data["endpoint"].must_equal "https://bucket.s3-region.amazonaws.com"
+        data["policy"].length.must_equal 324  # TODO: Improve this
+        data["signature"].length.must_equal 28  # TODO: Improve this
+        data["uuid"].must_equal uuid
+      end
+    end
+
+    describe "POST create" do
+
+      describe "success" do
+        it do
+          assert_difference "S3Relay::Upload.count", 1 do
+            post :create,
+              association:  "photo_uploads",
+              uuid:         SecureRandom.uuid,
+              filename:     "cat.png",
+              content_type: "image/png"
+          end
+
+          assert_response 201
+        end
+
+        describe "with parent attributes" do
+          describe "matching an object" do
+            before { @product = FactoryGirl.create(:product) }
+
+            it do
+              assert_difference "@product.photo_uploads.count", 1 do
+                post :create,
+                  association:  "photo_uploads",
+                  uuid:         SecureRandom.uuid,
+                  filename:     "cat.png",
+                  content_type: "image/png",
+                  parent_type:  @product.class.to_s,
+                  parent_id:    @product.id.to_s
+              end
+
+              assert_response 201
+            end
+          end
+
+          describe "not matching an object" do
+            it do
+              assert_difference "S3Relay::Upload.count" do
+                post :create,
+                  association:  "photo_uploads",
+                  uuid:         SecureRandom.uuid,
+                  filename:     "cat.png",
+                  content_type: "image/png",
+                  parent_type:  "Product",
+                  parent_id:    "10000000"
+              end
+
+              assert_response 201
+
+              assigns[:upload].parent_type.must_equal nil
+              assigns[:upload].parent_id.must_equal nil
+            end
+          end
+
+          describe "with a current_user" do
+            before do
+              @user = OpenStruct.new(id: 123)
+              @controller.stubs(:current_user).returns(@user)
+            end
+
+            it "associates the upload with the user" do
+              assert_difference "S3Relay::Upload.count", 1 do
+                post :create,
+                  association:  "photo_uploads",
+                  uuid:         SecureRandom.uuid,
+                  filename:     "cat.png",
+                  content_type: "image/png"
+              end
+
+              assert_response 201
+
+              assigns[:upload].user_id.must_equal @user.id
+            end
+          end
+
+        end
+      end
+
+      describe "error" do
+        it do
+          assert_no_difference "S3Relay::Upload.count" do
+            post :create,
+              uuid:         SecureRandom.uuid,
+              filename:     "cat.png",
+              content_type: "image/png"
+          end
+
+          assert_response 422
+
+          JSON.parse(response.body)["errors"]["upload_type"]
+            .must_include "can't be blank"
+        end
+      end
+
+    end
+
+  end
+end