secure_download 0.0.8

Sign up to get free protection for your applications and to get access to all the features.
Files changed (10) hide show
  1. checksums.yaml +7 -0
  2. data/LICENSE +20 -0
  3. data/README.md +32 -0
  4. data/Rakefile +38 -0
  5. data/app/controllers/download_controller.rb +30 -0
  6. data/lib/secure_download.rb +21 -0
  7. data/lib/secure_download/carrierwave_extends.rb +34 -0
  8. data/lib/secure_download/routes.rb +8 -0
  9. data/lib/secure_download/version.rb +3 -0
  10. metadata +107 -0
checksums.yaml ADDED
@@ -0,0 +1,7 @@
1
+ ---
2
+ SHA1:
3
+ metadata.gz: 4c6a188788a46f008577bd2bb956b43fc766be04
4
+ data.tar.gz: ae20082e46986feb2783d9cac94b88bfd5dbb120
5
+ SHA512:
6
+ metadata.gz: c66e73029aea9f4118c4065c7081bff77f7a97fe2e4e9084bd1c2cb40cb73c86ec60188867c004a4348079b774502675d6f5546107a4d5040accca9cd50c82b8
7
+ data.tar.gz: 10004807afd39d38e0cbcf87416bcf8453b7d04fdd02ada4c5f8d106cc9c81c6b79f08f030505286e1813714a3633c9c07f0748aa4672293639c0da249a93ea9
data/LICENSE ADDED
@@ -0,0 +1,20 @@
1
+ The MIT License (MIT)
2
+
3
+ Copyright (c) 2013 Stackle
4
+
5
+ Permission is hereby granted, free of charge, to any person obtaining a copy of
6
+ this software and associated documentation files (the "Software"), to deal in
7
+ the Software without restriction, including without limitation the rights to
8
+ use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
9
+ the Software, and to permit persons to whom the Software is furnished to do so,
10
+ subject to the following conditions:
11
+
12
+ The above copyright notice and this permission notice shall be included in all
13
+ copies or substantial portions of the Software.
14
+
15
+ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16
+ IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
17
+ FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
18
+ COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
19
+ IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
20
+ CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
data/README.md ADDED
@@ -0,0 +1,32 @@
1
+ secure_download
2
+ ===============
3
+
4
+ CarrierWave secure download url with CanCan for restrict permission
5
+
6
+ # Configuration
7
+ add following method to config/routes.rb
8
+
9
+ secure_download_map
10
+
11
+ default path is /secure_download but if you want to change path, use
12
+
13
+ secure_download_map :path => "your_path"
14
+
15
+ then change store_dir in your carrierwave uploader class to other path
16
+ outside of public dir
17
+
18
+ Next, if you mount uploader in User model with this line
19
+
20
+ mount_uploader :file, FileUploader
21
+
22
+ and you want any user to be able to download this file then,
23
+ add this rule to CanCan in ability.rb with format download_*.
24
+
25
+ can :download_file, User
26
+
27
+ Where `file` is mount name and User is a model that mount the `file`.
28
+ You can add more specific permission, see more at https://github.com/ryanb/cancan/wiki/Defining-Abilities
29
+
30
+ # Usage
31
+ Normally, you use `user.file.url`, when this gem was added, use `user.file.secure_url` instead.
32
+ If you don't want user to be forced to download, use `user.file.secure_url(true)`
data/Rakefile ADDED
@@ -0,0 +1,38 @@
1
+ #!/usr/bin/env rake
2
+ begin
3
+ require 'bundler/setup'
4
+ rescue LoadError
5
+ puts 'You must `gem install bundler` and `bundle install` to run rake tasks'
6
+ end
7
+ begin
8
+ require 'rdoc/task'
9
+ rescue LoadError
10
+ require 'rdoc/rdoc'
11
+ require 'rake/rdoctask'
12
+ RDoc::Task = Rake::RDocTask
13
+ end
14
+
15
+ RDoc::Task.new(:rdoc) do |rdoc|
16
+ rdoc.rdoc_dir = 'rdoc'
17
+ rdoc.title = 'SecureDownload'
18
+ rdoc.options << '--line-numbers'
19
+ rdoc.rdoc_files.include('README.rdoc')
20
+ rdoc.rdoc_files.include('lib/**/*.rb')
21
+ end
22
+
23
+
24
+
25
+
26
+ Bundler::GemHelper.install_tasks
27
+
28
+ require 'rake/testtask'
29
+
30
+ Rake::TestTask.new(:test) do |t|
31
+ t.libs << 'lib'
32
+ t.libs << 'test'
33
+ t.pattern = 'test/**/*_test.rb'
34
+ t.verbose = false
35
+ end
36
+
37
+
38
+ task :default => :test
data/app/controllers/download_controller.rb ADDED
@@ -0,0 +1,30 @@
1
+ class SecureDownload::DownloadController < ActionController::Base
2
+ def download
3
+ model = params[:model]
4
+ field = params[:field]
5
+ id = params[:id]
6
+
7
+ begin
8
+ cls = model.constantize
9
+ obj = cls.find(id.to_i)
10
+ upload_field = obj.send(field.to_sym) || not_found
11
+ rescue NameError, ActiveRecord::RecordNotFound, NoMethodError
12
+ not_found
13
+ end
14
+
15
+ do_ability = "download_#{field}".to_sym
16
+ disposition = params.include?(:view) ? 'inline': 'attachment'
17
+ return send_file(absolute_file_path(upload_field), x_sendfile: true, disposition: disposition) if can? do_ability, obj
18
+
19
+ not_found
20
+ end
21
+
22
+ private
23
+ def absolute_file_path(carrierwave_obj)
24
+ carrierwave_obj.current_path
25
+ end
26
+
27
+ def not_found
28
+ raise ActionController::RoutingError.new('Not Found')
29
+ end
30
+ end
data/lib/secure_download.rb ADDED
@@ -0,0 +1,21 @@
1
+ # require 'active_support/core_ext/object/blank'
2
+ # require 'active_support/core_ext/class/attribute'
3
+ # require 'active_support/concern'
4
+
5
+ module SecureDownload
6
+ end
7
+
8
+ if defined?(Rails)
9
+ module SecureDownload
10
+ class Railtie < Rails::Railtie
11
+ # initializer "secure_download.active_record" do
12
+ ActiveSupport.on_load :action_controller do
13
+ require 'secure_download/routes'
14
+ require_relative '../app/controllers/download_controller'
15
+ ActiveSupport.on_load :after_initialize do
16
+ require 'secure_download/carrierwave_extends'
17
+ end
18
+ end
19
+ end
20
+ end
21
+ end
data/lib/secure_download/carrierwave_extends.rb ADDED
@@ -0,0 +1,34 @@
1
+ require 'carrierwave/uploader'
2
+ require 'carrierwave/mount'
3
+
4
+ module CarrierWave
5
+ module Uploader
6
+ class Base
7
+ include ActionView::Helpers
8
+ include ActionDispatch::Routing
9
+ include Rails.application.routes.url_helpers
10
+ end
11
+ end
12
+
13
+ module Mount
14
+ class Mounter
15
+ alias_method :old_uploader, :uploader
16
+
17
+ def uploader
18
+ old_uploader
19
+ @uploader.instance_eval <<-RUBY, __FILE__, __LINE__+1
20
+ def secure_url(view=false)
21
+ hash = {:controller => 'secure_download/download',
22
+ :action => 'download',
23
+ :model => model.class.name,
24
+ :field => '#{column}',
25
+ :id => model.id }
26
+ hash[:view] = view if view
27
+ url_for hash
28
+ end
29
+ RUBY
30
+ return @uploader
31
+ end
32
+ end
33
+ end
34
+ end
data/lib/secure_download/routes.rb ADDED
@@ -0,0 +1,8 @@
1
+ module ActionDispatch::Routing
2
+ class Mapper
3
+ def secure_download_map(options={})
4
+ options = {:path => 'secure_download'}.merge(options)
5
+ get "#{options[:path]}/:model/:field/:id" => 'secure_download/download#download', :as => 'secure_download'
6
+ end
7
+ end
8
+ end
data/lib/secure_download/version.rb ADDED
@@ -0,0 +1,3 @@
1
+ module SecureDownload
2
+ VERSION = "0.0.8"
3
+ end
metadata ADDED
@@ -0,0 +1,107 @@
1
+ --- !ruby/object:Gem::Specification
2
+ name: secure_download
3
+ version: !ruby/object:Gem::Version
4
+ version: 0.0.8
5
+ platform: ruby
6
+ authors:
7
+ - Tanapol Nearunchorn
8
+ autorequire:
9
+ bindir: bin
10
+ cert_chain: []
11
+ date: 2014-04-06 00:00:00.000000000 Z
12
+ dependencies:
13
+ - !ruby/object:Gem::Dependency
14
+ name: rails
15
+ requirement: !ruby/object:Gem::Requirement
16
+ requirements:
17
+ - - "~>"
18
+ - !ruby/object:Gem::Version
19
+ version: '3.2'
20
+ type: :runtime
21
+ prerelease: false
22
+ version_requirements: !ruby/object:Gem::Requirement
23
+ requirements:
24
+ - - "~>"
25
+ - !ruby/object:Gem::Version
26
+ version: '3.2'
27
+ - !ruby/object:Gem::Dependency
28
+ name: cancan
29
+ requirement: !ruby/object:Gem::Requirement
30
+ requirements:
31
+ - - "~>"
32
+ - !ruby/object:Gem::Version
33
+ version: '1.6'
34
+ type: :runtime
35
+ prerelease: false
36
+ version_requirements: !ruby/object:Gem::Requirement
37
+ requirements:
38
+ - - "~>"
39
+ - !ruby/object:Gem::Version
40
+ version: '1.6'
41
+ - !ruby/object:Gem::Dependency
42
+ name: carrierwave
43
+ requirement: !ruby/object:Gem::Requirement
44
+ requirements:
45
+ - - "~>"
46
+ - !ruby/object:Gem::Version
47
+ version: '0.9'
48
+ type: :runtime
49
+ prerelease: false
50
+ version_requirements: !ruby/object:Gem::Requirement
51
+ requirements:
52
+ - - "~>"
53
+ - !ruby/object:Gem::Version
54
+ version: '0.9'
55
+ - !ruby/object:Gem::Dependency
56
+ name: activesupport
57
+ requirement: !ruby/object:Gem::Requirement
58
+ requirements:
59
+ - - "~>"
60
+ - !ruby/object:Gem::Version
61
+ version: '3.2'
62
+ type: :runtime
63
+ prerelease: false
64
+ version_requirements: !ruby/object:Gem::Requirement
65
+ requirements:
66
+ - - "~>"
67
+ - !ruby/object:Gem::Version
68
+ version: '3.2'
69
+ description: Secure download for CarrierWave with CanCan
70
+ email: tanapo.sh@gmail.com
71
+ executables: []
72
+ extensions: []
73
+ extra_rdoc_files: []
74
+ files:
75
+ - LICENSE
76
+ - README.md
77
+ - Rakefile
78
+ - app/controllers/download_controller.rb
79
+ - lib/secure_download.rb
80
+ - lib/secure_download/carrierwave_extends.rb
81
+ - lib/secure_download/routes.rb
82
+ - lib/secure_download/version.rb
83
+ homepage: http://rubygems.org/gems/secure_download
84
+ licenses:
85
+ - MIT
86
+ metadata: {}
87
+ post_install_message:
88
+ rdoc_options: []
89
+ require_paths:
90
+ - lib
91
+ required_ruby_version: !ruby/object:Gem::Requirement
92
+ requirements:
93
+ - - ">="
94
+ - !ruby/object:Gem::Version
95
+ version: '0'
96
+ required_rubygems_version: !ruby/object:Gem::Requirement
97
+ requirements:
98
+ - - ">="
99
+ - !ruby/object:Gem::Version
100
+ version: '0'
101
+ requirements: []
102
+ rubyforge_project:
103
+ rubygems_version: 2.2.2
104
+ signing_key:
105
+ specification_version: 4
106
+ summary: Secure download for CarrierWave with CanCan
107
+ test_files: []