shrine 3.5.0 → 3.7.0

data/lib/shrine/plugins/backgrounding.rb

@@ -67,19 +67,19 @@ class Shrine
         end
 
         # Does a background promote if promote block was registered.
-        def promote_cached(**options)
+        def promote_cached(**)
           if promote? && promote_block
-            promote_background
+            promote_background(**)
           else
             super
           end
         end
 
         # Calls the registered promote block.
-        def promote_background(**options)
+        def promote_background(**)
           fail Error, "promote block is not registered" unless promote_block
 
-          background_block(promote_block, **options)
+          background_block(promote_block, **)
         end
 
         # Does a background destroy if destroy block was registered.
@@ -92,19 +92,19 @@ class Shrine
         end
 
         # Calls the registered destroy block.
-        def destroy_background(**options)
+        def destroy_background(**)
           fail Error, "destroy block is not registered" unless destroy_block
 
-          background_block(destroy_block, **options)
+          background_block(destroy_block, **)
         end
 
         private
 
-        def background_block(block, **options)
+        def background_block(block, **)
           if block.arity == 1
-            block.call(self, **options)
+            block.call(self, **)
           else
-            instance_exec(**options, &block)
+            instance_exec(**, &block)
           end
         end
       end

data/lib/shrine/plugins/column.rb

@@ -16,8 +16,8 @@ class Shrine
         # from a database record column.
         #
         #     Attacher.from_column('{"id":"...","storage":"...","metadata":{...}}')
-        def from_column(data, **options)
-          attacher = new(**options)
+        def from_column(data, **)
+          attacher = new(**)
           attacher.load_column(data)
           attacher
         end
@@ -28,8 +28,8 @@ class Shrine
         attr_reader :column_serializer
 
         # Allows overriding the default column serializer.
-        def initialize(column_serializer: shrine_class.opts[:column][:serializer], **options)
-          super(**options)
+        def initialize(column_serializer: shrine_class.opts[:column][:serializer], **)
+          super(**)
           @column_serializer = column_serializer
         end
 
@@ -75,6 +75,8 @@ class Shrine
         #     Attacher.deserialize_column(nil)
         #     #=> nil
         def deserialize_column(data)
+          return nil if data == ""
+
           if column_serializer && data && !data.is_a?(Hash)
             column_serializer.load(data)
           else

data/lib/shrine/plugins/default_url.rb

@@ -16,16 +16,16 @@ class Shrine
       end
 
       module AttacherMethods
-        def url(**options)
-          super || default_url(**options)
+        def url(**)
+          super || default_url(**)
         end
 
         private
 
-        def default_url(**options)
+        def default_url(**)
           return unless default_url_block
 
-          url = instance_exec(**options, &default_url_block)
+          url = instance_exec(**, &default_url_block)
 
           [*default_url_host, url].join
         end

data/lib/shrine/plugins/delete_raw.rb

@@ -15,8 +15,8 @@ class Shrine
         private
 
         # Deletes the file that was uploaded, unless it's an UploadedFile.
-        def _upload(io, delete: delete_raw?, **options)
-          super(io, delete: delete, **options)
+        def _upload(io, delete: delete_raw?, **)
+          super(io, delete:, **)
         end
 
         def delete_raw?

data/lib/shrine/plugins/derivation_endpoint.rb

@@ -48,7 +48,7 @@ class Shrine
         # It uses a trick where it removes the derivation path prefix from the
         # path info before calling the Rack app, which is what web framework
         # routers do before they're calling a mounted Rack app.
-        def derivation_response(env, **options)
+        def derivation_response(env, **)
           script_name = env["SCRIPT_NAME"]
           path_info   = env["PATH_INFO"]
 
@@ -61,7 +61,7 @@ class Shrine
             env["SCRIPT_NAME"] += match.to_s
             env["PATH_INFO"]    = match.post_match
 
-            derivation_endpoint(**options).call(env)
+            derivation_endpoint(**).call(env)
           ensure
             env["SCRIPT_NAME"] = script_name
             env["PATH_INFO"]   = path_info
@@ -87,15 +87,15 @@ class Shrine
         # Generates a URL to a derivation with the receiver as the source file.
         # Any arguments provided will be included in the URL and passed to the
         # derivation block. Accepts additional URL options.
-        def derivation_url(name, *args, **options)
-          derivation(name, *args).url(**options)
+        def derivation_url(name, *, **)
+          derivation(name, *).url(**)
         end
 
         # Calls the specified derivation with the receiver as the source file,
         # returning a Rack response triple. The derivation endpoint ultimately
         # calls this method.
-        def derivation_response(name, *args, env:, **options)
-          derivation(name, *args, **options).response(env)
+        def derivation_response(name, *, env:, **)
+          derivation(name, *, **).response(env)
         end
 
         # Returns a Shrine::Derivation object created from the provided
@@ -129,14 +129,14 @@ class Shrine
     end
 
     # Returns an URL to the derivation.
-    def url(**options)
+    def url(**)
       Derivation::Url.new(self).call(
         host:       option(:host),
         prefix:     option(:prefix),
         expires_in: option(:expires_in),
         version:    option(:version),
         metadata:   option(:metadata),
-        **options,
+        **,
       )
     end
 
@@ -158,8 +158,8 @@ class Shrine
 
     # Uploads the derivation result to a dedicated destination on the specified
     # Shrine storage.
-    def upload(file = nil, **options)
-      Derivation::Upload.new(self).call(file, **options)
+    def upload(file = nil, **)
+      Derivation::Upload.new(self).call(file, **)
     end
 
     # Returns a Shrine::UploadedFile object pointing to the uploaded derivative
@@ -184,7 +184,7 @@ class Shrine
     end
 
     def self.option(name, default: nil, result: nil)
-      options[name] = { default: default, result: result }
+      options[name] = { default:, result: }
     end
 
     option :cache_control,               default: -> { default_cache_control }
@@ -303,15 +303,15 @@ class Shrine
   class Derivation::Url < Derivation::Command
     delegate :name, :args, :source, :secret_key, :signer
 
-    def call(host: nil, prefix: nil, **options)
+    def call(host: nil, prefix: nil, metadata: [], **)
       base_url = [host, *prefix].join("/")
-      path = path_identifier(metadata: options.delete(:metadata))
+      path = path_identifier(metadata:)
 
       if signer
         url = [base_url, path].join("/")
-        signer.call(url, **options)
+        signer.call(url, **)
       else
-        signed_part = signed_url("#{path}?#{query(**options)}")
+        signed_part = signed_url("#{path}?#{query(**)}")
         [base_url, signed_part].join("/")
       end
     end
@@ -322,7 +322,7 @@ class Shrine
       [
         name,
         *args,
-        source.urlsafe_dump(metadata: metadata)
+        source.urlsafe_dump(metadata:)
       ].map{|component| Rack::Utils.escape_path(component.to_s)}.join('/')
     end
 
@@ -365,7 +365,9 @@ class Shrine
         handle_request(request)
       end
 
-      headers["Content-Length"] ||= body.map(&:bytesize).inject(0, :+).to_s
+      headers = Rack::Headers[headers] if Rack.release >= "3"
+      headers["Content-Length"] ||= body.respond_to?(:bytesize) ? body.bytesize.to_s :
+                                                                  body.map(&:bytesize).inject(0, :+).to_s
 
       [status, headers, body]
     end
@@ -481,19 +483,18 @@ class Shrine
     # `Content-Type` and `Content-Disposition` response headers from derivation
     # options and file extension of the derivation result.
     def file_response(file, env)
-      response = rack_file_response(file.path, env)
-
-      status = response[0]
+      status, headers, body = rack_file_response(file.path, env)
 
+      headers = Rack::Headers[headers] if Rack.release >= "3"
       headers = {
-        "Content-Type"        => type || response[1]["Content-Type"],
-        "Content-Length"      => response[1]["Content-Length"],
+        "Content-Type"        => type || headers["Content-Type"],
+        "Content-Length"      => headers["Content-Length"],
         "Content-Disposition" => content_disposition(file),
-        "Content-Range"       => response[1]["Content-Range"],
+        "Content-Range"       => headers["Content-Range"],
         "Accept-Ranges"       => "bytes",
       }.compact
 
-      body = Rack::BodyProxy.new(response[2]) { File.delete(file.path) }
+      body = Rack::BodyProxy.new(body) { File.delete(file.path) }
 
       file.close
 
@@ -514,8 +515,10 @@ class Shrine
 
       if upload_redirect
         redirect_url = uploaded_file.url(**upload_redirect_url_options)
+        headers = { "Location" => redirect_url }
+        headers = Rack::Headers[headers] if Rack.release >= "3"
 
-        [302, { "Location" => redirect_url }, []]
+        [302, headers, []]
       else
         if derivative && File.exist?(derivative.path)
           file_response(derivative, env)
@@ -555,7 +558,7 @@ class Shrine
       filename  = self.filename
       filename += File.extname(file.path) if File.extname(filename).empty?
 
-      ContentDisposition.format(disposition: disposition, filename: filename)
+      ContentDisposition.format(disposition:, filename:)
     end
   end
 
@@ -594,9 +597,9 @@ class Shrine
     end
 
     # Calls the derivation block.
-    def derive(*args)
+    def derive(*)
       instrument_derivation do
-        derivation.instance_exec(*args, &derivation_block)
+        derivation.instance_exec(*, &derivation_block)
       end
     end
 
@@ -604,7 +607,7 @@ class Shrine
     def instrument_derivation(&block)
       return yield unless shrine_class.respond_to?(:instrument)
 
-      shrine_class.instrument(:derivation, { derivation: derivation }, &block)
+      shrine_class.instrument(:derivation, { derivation: }, &block)
     end
 
     # Massages the derivation result, ensuring it's opened in binary mode,
@@ -643,22 +646,22 @@ class Shrine
     # Uploads the derivation result to the dedicated location on the storage.
     # If a file object is given, uploads that to the storage, otherwise calls
     # the derivation block and uploads the result.
-    def call(derivative = nil, **options)
+    def call(derivative = nil, **)
       if derivative
-        upload(derivative, **options)
+        upload(derivative, **)
       else
-        upload(derivation.generate, delete: true, **options)
+        upload(derivation.generate, delete: true, **)
       end
     end
 
     private
 
-    def upload(io, **options)
+    def upload(io, **)
       shrine_class.upload io, upload_storage,
         location:       upload_location,
         upload_options: upload_options,
         action:         :derivation,
-        **options
+        **
     end
   end
 

data/lib/shrine/plugins/derivatives.rb

@@ -459,9 +459,13 @@ class Shrine
         #     attacher.derivatives #=> { thumb: #<Shrine::UploadedFile> }
         #     attacher.change(file)
         #     attacher.derivatives #=> {}
+        #
+        #     # With keep_derivatives: true
+        #     attacher.change(file)
+        #     attacher.derivatives #=> { thumb: #<Shrine::UploadedFile> }
         def change(*)
           result = super
-          set_derivatives({})
+          set_derivatives({}) unless shrine_class.derivatives_options[:keep_derivatives]
           result
         end
 

data/lib/shrine/plugins/download_endpoint.rb

@@ -1,5 +1,8 @@
 # frozen_string_literal: true
 
+require 'openssl'
+require 'base64'
+
 class Shrine
   module Plugins
     # Documentation can be found on https://shrinerb.com/docs/plugins/download_endpoint
@@ -16,11 +19,11 @@ class Shrine
 
       module ClassMethods
         # Returns the Rack application that retrieves requested files.
-        def download_endpoint(**options)
+        def download_endpoint(**)
           Shrine::DownloadEndpoint.new(
             shrine_class: self,
             **opts[:download_endpoint],
-            **options,
+            **,
           )
         end
 
@@ -30,7 +33,7 @@ class Shrine
         # It uses a trick where it removes the download path prefix from the
         # path info before calling the Rack app, which is what web framework
         # routers do before they're calling a mounted Rack app.
-        def download_response(env, **options)
+        def download_response(env, **)
           script_name = env["SCRIPT_NAME"]
           path_info   = env["PATH_INFO"]
 
@@ -43,7 +46,7 @@ class Shrine
             env["SCRIPT_NAME"] += match.to_s
             env["PATH_INFO"]    = match.post_match
 
-            download_endpoint(**options).call(env)
+            download_endpoint(**).call(env)
           ensure
             env["SCRIPT_NAME"] = script_name
             env["PATH_INFO"]   = path_info
@@ -53,8 +56,8 @@ class Shrine
 
       module FileMethods
         # Returns file URL on the download endpoint.
-        def download_url(**options)
-          FileUrl.new(self).call(**options)
+        def download_url(**)
+          FileUrl.new(self).call(**)
         end
       end
 
@@ -65,14 +68,36 @@ class Shrine
           @file = file
         end
 
-        def call(host: self.host)
-          [host, *prefix, path].join("/")
+        def call(host: self.host, expires_in: nil)
+          path = file.urlsafe_dump(metadata: %w[filename size mime_type])
+
+          query = signature_as_query(path: path, expires_in: expires_in)
+
+          path = [host, *prefix, path].join("/")
+          path += "?#{query}" if query
+          path
         end
 
         protected
 
-        def path
-          file.urlsafe_dump(metadata: %w[filename size mime_type])
+        def signature_as_query(path:, expires_in:)
+          expires_in = default_expires_in if expires_in.nil?
+          raise(Error, "secret_key is required for expiring URLs") if !secret_key && expires_in
+          raise(Error, "expires_in is required for expiring URLs") if secret_key && !expires_in
+
+          return nil unless expires_in
+
+          expires_at = (Time.now + expires_in).to_i
+          signature = OpenSSL::HMAC.digest(
+            OpenSSL::Digest::SHA256.new,
+            secret_key,
+            "#{path}--#{expires_at}"
+          )
+
+          Rack::Utils.build_query(
+            signature: Base64.urlsafe_encode64(signature),
+            expires_at: expires_at
+          )
         end
 
         def host
@@ -83,6 +108,14 @@ class Shrine
           options[:prefix]
         end
 
+        def default_expires_in
+          options[:expires_in]
+        end
+
+        def secret_key
+          options[:secret_key]
+        end
+
         def options
           file.shrine_class.opts[:download_endpoint]
         end
@@ -113,7 +146,9 @@ class Shrine
         handle_request(request)
       end
 
-      headers["Content-Length"] ||= body.map(&:bytesize).inject(0, :+).to_s
+      headers = Rack::Headers[headers] if Rack.release >= "3"
+      headers["Content-Length"] ||= body.respond_to?(:bytesize) ? body.bytesize.to_s :
+                                                                  body.map(&:bytesize).inject(0, :+).to_s
 
       [status, headers, body]
     end
@@ -127,6 +162,9 @@ class Shrine
 
     def handle_request(request)
       _, serialized, * = request.path_info.split("/")
+      signature, expires_at = request.params.values_at("signature", "expires_at")
+
+      check_signature!(serialized, signature, expires_at) if @secret_key
 
       uploaded_file = get_uploaded_file(serialized)
 
@@ -187,6 +225,22 @@ class Shrine
       bad_request!("Invalid serialized file")
     end
 
+    def check_signature!(serialized, signature, expires_at)
+      if expires_at && expires_at.to_i < Time.now.to_i
+        error!(400, "URL has expired")
+      end
+
+      calculated_signature = OpenSSL::HMAC.digest(
+        OpenSSL::Digest::SHA256.new,
+        @secret_key,
+        "#{serialized}--#{expires_at}"
+      )
+
+      if !Rack::Utils.secure_compare(signature, Base64.urlsafe_encode64(calculated_signature))
+        error!(403, "Signature does not match")
+      end
+    end
+
     def not_found!
       error!(404, "File Not Found")
     end

data/lib/shrine/plugins/entity.rb

@@ -10,7 +10,7 @@ class Shrine
 
       module AttachmentMethods
         # Defines instance methods on initialization.
-        def initialize(name, **options)
+        def initialize(name, **)
           super
 
           define_entity_methods(name)
@@ -59,16 +59,16 @@ class Shrine
 
         # Returns the class attacher instance with loaded entity. It's not
         # memoized because the entity object could be frozen.
-        def attacher(record, **options)
-          attacher = class_attacher(**options)
+        def attacher(record, **)
+          attacher = class_attacher(**)
           attacher.load_entity(record, @name)
           attacher
         end
 
         # Creates an instance of the corresponding attacher class with set
         # name.
-        def class_attacher(**options)
-          attacher = shrine_class::Attacher.new(**@options, **options)
+        def class_attacher(**)
+          attacher = shrine_class::Attacher.new(**@options, **)
           attacher.instance_variable_set(:@name, @name)
           attacher
         end
@@ -81,8 +81,8 @@ class Shrine
         #
         #     attacher = Attacher.from_entity(photo, :image)
         #     attacher.file #=> #<Shrine::UploadedFile>
-        def from_entity(record, name, **options)
-          attacher = new(**options)
+        def from_entity(record, name, **)
+          attacher = new(**)
           attacher.load_entity(record, name)
           attacher
         end

data/lib/shrine/plugins/infer_extension.rb

@@ -46,7 +46,7 @@ class Shrine
         def instrument_extension(mime_type, &block)
           return yield unless respond_to?(:instrument)
 
-          instrument(:extension, mime_type: mime_type, &block)
+          instrument(:extension, mime_type:, &block)
         end
       end
 

data/lib/shrine/plugins/instrumentation.rb

@@ -169,14 +169,14 @@ class Shrine
           end
         end
 
-        def library_send(method_name, *args, &block)
+        def library_send(method_name, ...)
           case notifications.to_s
           when /Dry::Monitor::Notifications/
-            send(:"dry_monitor_#{method_name}", *args, &block)
+            send(:"dry_monitor_#{method_name}", ...)
           when /ActiveSupport::Notifications/
-            send(:"active_support_#{method_name}", *args, &block)
+            send(:"active_support_#{method_name}", ...)
           else
-            notifications.send(method_name, *args, &block)
+            notifications.send(method_name, ...)
           end
         end
       end
@@ -224,14 +224,14 @@ class Shrine
           event.duration.to_i
         end
 
-        def library_send(method_name, *args, &block)
+        def library_send(method_name, ...)
           case event.class.name
           when "ActiveSupport::Notifications::Event"
-            send(:"active_support_#{method_name}", *args, &block)
+            send(:"active_support_#{method_name}", ...)
           when "Dry::Events::Event"
-            send(:"dry_events_#{method_name}", *args, &block)
+            send(:"dry_events_#{method_name}", ...)
           else
-            event.send(method_name, *args, &block)
+            event.send(method_name, ...)
           end
         end
       end

data/lib/shrine/plugins/mirroring.rb

@@ -51,9 +51,9 @@ class Shrine
 
       module InstanceMethods
         # Mirrors upload to other mirror storages.
-        def upload(io, mirror: true, **options)
-          file = super(io, **options)
-          file.trigger_mirror_upload(**options) if mirror
+        def upload(io, mirror: true, **)
+          file = super(io, **)
+          file.trigger_mirror_upload(**) if mirror
           file
         end
       end
@@ -61,31 +61,31 @@ class Shrine
       module FileMethods
         # Mirrors upload if mirrors are defined. Calls mirror block if
         # registered, otherwise mirrors synchronously.
-        def trigger_mirror_upload(**options)
+        def trigger_mirror_upload(**)
           return unless shrine_class.mirrors[storage_key] && shrine_class.mirror_upload?
 
           if shrine_class.mirror_upload_block
-            mirror_upload_background(**options)
+            mirror_upload_background(**)
           else
-            mirror_upload(**options)
+            mirror_upload(**)
           end
         end
 
         # Calls mirror upload block.
-        def mirror_upload_background(**options)
+        def mirror_upload_background(**)
           fail Error, "mirror upload block is not registered" unless shrine_class.mirror_upload_block
 
-          shrine_class.mirror_upload_block.call(self, **options)
+          shrine_class.mirror_upload_block.call(self, **)
         end
 
         # Uploads the file to each mirror storage.
-        def mirror_upload(**options)
+        def mirror_upload(**)
           previously_opened = opened?
 
           each_mirror do |mirror|
             rewind if opened?
 
-            shrine_class.upload(self, mirror, **options, location: id, close: false, action: :mirror)
+            shrine_class.upload(self, mirror, **, location: id, close: false, action: :mirror)
           end
         ensure
           if opened? && !previously_opened

data/lib/shrine/plugins/model.rb

@@ -18,8 +18,8 @@ class Shrine
         #
         #     Shrine::Attachment(:image)               # model (default)
         #     Shrine::Attachment(:image, model: false) # entity
-        def initialize(name, model: true, **options)
-          super(name, **options)
+        def initialize(name, model: true, **)
+          super(name, **)
           @model = model
         end
 
@@ -82,16 +82,16 @@ class Shrine
         #
         #     attacher = Attacher.from_model(photo, :image)
         #     attacher.file #=> #<Shrine::UploadedFile>
-        def from_model(record, name, **options)
-          attacher = new(**options)
+        def from_model(record, name, **)
+          attacher = new(**)
           attacher.load_model(record, name)
           attacher
         end
       end
 
       module AttacherMethods
-        def initialize(model_cache: shrine_class.opts[:model][:cache], **options)
-          super(**options)
+        def initialize(model_cache: shrine_class.opts[:model][:cache], **)
+          super(**)
           @model_cache = model_cache
           @model       = nil
         end
@@ -111,11 +111,11 @@ class Shrine
         end
 
         # Called by the attachment attribute setter on the model.
-        def model_assign(value, **options)
+        def model_assign(value, **)
           if model_cache?
-            assign(value, **options)
+            assign(value, **)
           else
-            attach(value, **options)
+            attach(value, **)
           end
         end