sufia 7.4.0 → 7.4.1
- checksums.yaml +4 -4
- data/README.md +7 -7
- data/app/actors/sufia/create_with_remote_files_actor.rb +22 -0
- data/lib/generators/sufia/templates/config/sufia.rb +16 -0
- data/lib/sufia/configuration.rb +11 -0
- data/lib/sufia/version.rb +1 -1
- data/spec/actors/sufia/create_with_remote_files_actor_spec.rb +38 -0
- data/spec/lib/sufia/configuration_spec.rb +1 -0
- data/template.rb +1 -1
- metadata +3 -3
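--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA1:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 6c8f5591add2605e15e1672bc6667a31ddfe5b8f
+data.tar.gz: 63262f7ca069a856cc3aff1f8b5572e067d2f45b
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 5bb4673648eca734f7a73ce87ad6bd5431020f7e941996cdfc1a8d753411fd8d46c39db23e65b39466f6b1a9738a0ef63aeb073cb555802ae2d596794da63195
+data.tar.gz: e028b8e41dcedbd32274d2b3eb3f54f8c0bf3407a936da99ba4d429053624b79dc27506e629439cd4b00de0a11ff6660db2bc15e20f0a5baa4b6a0c09d3c3398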
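--- a/data/README.md
+++ b/data/README.md
@@ -12,7 +12,7 @@ Docs: [![Documentation Status](https://inch-ci.org/github/samvera/sufia.svg?bran
 [![Contribution Guidelines](http://img.shields.io/badge/CONTRIBUTING-Guidelines-blue.svg)](./.github/CONTRIBUTING.md)
 [![Apache 2.0 License](http://img.shields.io/badge/APACHE2-license-blue.svg)](./LICENSE)
 
-Jump in: [![Slack Status](http://slack.
+Jump in: [![Slack Status](http://slack.samvera.org/badge.svg)](http://slack.samvera.org/)
 [![Ready Tickets](https://badge.waffle.io/samvera/sufia.png?label=ready&title=Ready)](https://waffle.io/samvera/sufia)
 
 # Table of Contents
@@ -41,7 +41,7 @@ Jump in: [![Slack Status](http://slack.projecthydra.org/badge.svg)](http://slack
 
 # What is Sufia?
 
-Sufia uses the full power of [
+Sufia uses the full power of [Samvera](http://samvera.org/) and extends it to provide a user interface around common repository features and social features (see below). Sufia offers self-deposit and proxy deposit workflows, and mediated deposit workflows are being developed in a community sprint running from September-December 2016. Sufia delivers its rich and growing set of features via a modern, responsive user interface. It is implemented as a Rails engine, so it is meant to be added to existing Rails apps.
 
 ## Feature list
 
@@ -51,12 +51,12 @@ For non-technical documentation about Sufia, see its [documentation site](http:/
 
 # Help
 
-If you have questions or need help, please email [the
+If you have questions or need help, please email [the Samvera community tech list](mailto:samvera-tech@googlegroups.com) or stop by the #dev channel in [the Samvera community Slack team](https://wiki.duraspace.org/pages/viewpage.action?pageId=43910187#Getintouch!-Slack).
 
 # Getting started
 
 This document contains instructions specific to setting up an app with __Sufia
-v7.4.
+v7.4.1__. If you are looking for instructions on installing a different
 version, be sure to select the appropriate branch or tag from the drop-down
 menu above.
 
@@ -211,9 +211,9 @@ See the [release management process](https://github.com/samvera/sufia/wiki/Relea
 
 # Acknowledgments
 
-This software has been developed by and is brought to you by the
-[
+This software has been developed by and is brought to you by the Samvera community. Learn more at the
+[Samvera website](http://samvera.org/).
 
-![
+![Samvera Logo](http://sufia.io/assets/images/samvera_logo.png)
 
 The Sufia logo uses the Hong Kong Hustle font, thanks to [Iconian's](http://www.iconian.com/) non-commercial use policy.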
@@ -19,6 +19,10 @@ module Sufia
|
|
19
19
|
return true unless remote_files
|
20
20
|
remote_files.each do |file_info|
|
21
21
|
next if file_info.blank? || file_info[:url].blank?
|
22
|
+
unless validate_remote_url(file_info[:url])
|
23
|
+
Rails.logger.error "User #{user.user_key} attempted to ingest file from url #{file_info[:url]}, which doesn't pass validation"
|
24
|
+
return false
|
25
|
+
end
|
22
26
|
create_file_from_url(file_info[:url], file_info[:file_name])
|
23
27
|
end
|
24
28
|
true
|
@@ -44,5 +48,23 @@ module Sufia
|
|
44
48
|
CurationConcerns::Operation.create!(user: user,
|
45
49
|
operation_type: "Attach Remote File")
|
46
50
|
end
|
51
|
+
|
52
|
+
def validate_remote_url(url)
|
53
|
+
uri = URI.parse(URI.encode(url))
|
54
|
+
if uri.scheme == 'file'
|
55
|
+
path = File.absolute_path(URI.decode(uri.path))
|
56
|
+
whitelisted_ingest_dirs.any? do |dir|
|
57
|
+
path.start_with?(dir) && path.length > dir.length
|
58
|
+
end
|
59
|
+
else
|
60
|
+
# TODO: It might be a good idea to validate other URLs as well.
|
61
|
+
# The server can probably access URLs the user can't.
|
62
|
+
true
|
63
|
+
end
|
64
|
+
end
|
65
|
+
|
66
|
+
def whitelisted_ingest_dirs
|
67
|
+
Sufia.config.whitelisted_ingest_dirs
|
68
|
+
end
|
47
69
|
end
|
48
70
|
end
|
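Review bot: In `validate_remote_url`, `path.start_with?(dir)` is a raw string-prefix comparison, so a whitelist entry configured without a trailing slash (say `/srv/ingest`, a constructed example) also admits sibling paths such as `/srv/ingest-private/x`; the spec further down only stubs entries ending in `/`, and the default in configuration.rb passes the BrowseEverything home value through unchanged. Normalise each entry before comparing, e.g. `prefix = File.join(File.absolute_path(dir), '')` followed by `path.start_with?(prefix) && path.length > prefix.length`. `File.absolute_path` collapses `..` but does not resolve symlinks, so if symlinks can exist under an ingest directory a `File.realpath`-based comparison is worth considering (it requires the file to exist). The non-`file` branch still returns `true` for every URL, as the TODO in the hunk acknowledges, so this change does not restrict which hosts the server will fetch from.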
@@ -101,6 +101,22 @@ Sufia.config do |config|
|
|
101
101
|
# If you use a multi-server architecture, this MUST be a shared volume.
|
102
102
|
# config.derivatives_path = File.join(Rails.root, 'tmp', 'derivatives')
|
103
103
|
|
104
|
+
## Whitelist all directories which can be used to ingest from the local file
|
105
|
+
# system.
|
106
|
+
#
|
107
|
+
# Any file, and only those, that is anywhere under one of the specified
|
108
|
+
# directories can be used by CreateWithRemoteFilesActor to add local files
|
109
|
+
# to works. Files uploaded by the user are handled separately and the
|
110
|
+
# temporary directory for those need not be included here.
|
111
|
+
#
|
112
|
+
# Default value includes BrowseEverything.config['file_system'][:home] if it
|
113
|
+
# is set, otherwise default is an empty list. You should only need to change
|
114
|
+
# this if you have custom ingestions using CreateWithRemoteFilesActor to
|
115
|
+
# ingest files from the file system that are not part of the BrowseEverything
|
116
|
+
# mount point.
|
117
|
+
#
|
118
|
+
# config.whitelisted_ingest_dirs = []
|
119
|
+
|
104
120
|
# If browse-everything has been configured, load the configs. Otherwise, set to nil.
|
105
121
|
begin
|
106
122
|
if defined? BrowseEverything
|
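--- a/data/lib/sufia/configuration.rb
+++ b/data/lib/sufia/configuration.rb
@@ -155,5 +155,16 @@ module Sufia
 def model_to_create
 @model_to_create ||= ->(_attributes) { Sufia.primary_work_type.model_name.name }
 end
+
+attr_writer :whitelisted_ingest_dirs
+# List of directories which can be used for local file system ingestion.
+def whitelisted_ingest_dirs
+@whitelisted_ingest_dirs ||= \
+if defined? BrowseEverything
+Array.wrap(BrowseEverything.config['file_system'].try(:[], :home)).compact
+else
+[]
+end
+end
 end
 end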
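Review bot: `attr_writer :whitelisted_ingest_dirs` stores whatever the application assigns, so `config.whitelisted_ingest_dirs = '/data/ingest'` (a String, constructed example) would reach the actor's `whitelisted_ingest_dirs.any?` and raise NoMethodError rather than producing a clean accept or reject. A hand-written writer that coerces the value, `def whitelisted_ingest_dirs=(dirs); @whitelisted_ingest_dirs = Array.wrap(dirs).compact; end`, keeps the reader's array contract. The one-line comment also sits between the writer and the reader; it would help to state there that entries are matched as path prefixes and are expected to be absolute directory paths. The enclosing class starts outside this hunk.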
data/lib/sufia/version.rb
CHANGED
@@ -51,11 +51,27 @@ describe Sufia::CreateWithRemoteFilesActor do
|
|
51
51
|
file_name: "here.txt" }]
|
52
52
|
end
|
53
53
|
|
54
|
+
before do
|
55
|
+
allow(Sufia.config).to receive(:whitelisted_ingest_dirs).and_return(["/local/file/"])
|
56
|
+
end
|
57
|
+
|
54
58
|
it "attaches files" do
|
55
59
|
expect(IngestLocalFileJob).to receive(:perform_later).with(FileSet, "/local/file/here.txt", user)
|
56
60
|
expect(actor.create(attributes)).to be true
|
57
61
|
end
|
58
62
|
|
63
|
+
context "with files from non-whitelisted directories" do
|
64
|
+
let(:file) { "file:///local/otherdir/test.txt" }
|
65
|
+
|
66
|
+
# rubocop:disable RSpec/AnyInstance
|
67
|
+
it "doesn't attach files" do
|
68
|
+
expect_any_instance_of(described_class).to receive(:validate_remote_url).and_call_original
|
69
|
+
expect(IngestLocalFileJob).not_to receive(:perform_later)
|
70
|
+
expect(actor.create(attributes)).to be false
|
71
|
+
end
|
72
|
+
# rubocop:enable RSpec/AnyInstance
|
73
|
+
end
|
74
|
+
|
59
75
|
context "with spaces" do
|
60
76
|
let(:file) { "file:///local/file/ pigs .txt" }
|
61
77
|
it "attaches files" do
|
@@ -64,4 +80,26 @@ describe Sufia::CreateWithRemoteFilesActor do
|
|
64
80
|
end
|
65
81
|
end
|
66
82
|
end
|
83
|
+
|
84
|
+
describe "#validate_remote_url" do
|
85
|
+
before do
|
86
|
+
allow(Sufia.config).to receive(:whitelisted_ingest_dirs).and_return(['/test/', '/local/file/'])
|
87
|
+
end
|
88
|
+
|
89
|
+
it "accepts file: urls in whitelisted directories" do
|
90
|
+
expect(actor.actor.send(:validate_remote_url, "file:///local/file/test.txt")).to be true
|
91
|
+
expect(actor.actor.send(:validate_remote_url, "file:///local/file/subdirectory/test.txt")).to be true
|
92
|
+
expect(actor.actor.send(:validate_remote_url, "file:///test/test.txt")).to be true
|
93
|
+
end
|
94
|
+
|
95
|
+
it "rejects file: urls outside whitelisted directories" do
|
96
|
+
expect(actor.actor.send(:validate_remote_url, "file:///tmp/test.txt")).to be false
|
97
|
+
expect(actor.actor.send(:validate_remote_url, "file:///test/../tmp/test.txt")).to be false
|
98
|
+
expect(actor.actor.send(:validate_remote_url, "file:///test/")).to be false
|
99
|
+
end
|
100
|
+
|
101
|
+
it "accepts other types of urls" do
|
102
|
+
expect(actor.actor.send(:validate_remote_url, "https://example.com/test.txt")).to be true
|
103
|
+
end
|
104
|
+
end
|
67
105
|
end
|
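Review bot: The new examples never exercise a list that mixes an allowed and a rejected URL; the "doesn't attach files" context supplies only the single `file:///local/otherdir/test.txt`. In the actor hunk the loop calls `create_file_from_url` for each entry before it can reach a later `return false`, so an earlier whitelisted file appears to be queued even though `create` reports failure. An example asserting that `IngestLocalFileJob` is not enqueued at all in that case would pin the intended behaviour, or show that every URL needs validating before any is ingested. Both stubs of `whitelisted_ingest_dirs` also use entries ending in `/`, so a whitelist entry without the trailing slash is untested. The `describe` block starts outside the shown hunks.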
data/template.rb
CHANGED
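--- a/metadata
+++ b/metadata
@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: sufia
 version: !ruby/object:Gem::Version
-version: 7.4.
+version: 7.4.1
 platform: ruby
 authors:
 - Justin Coyne
@@ -12,7 +12,7 @@ authors:
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2017-
+date: 2017-10-10 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: hydra-works
@@ -1769,7 +1769,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
 version: '0'
 requirements: []
 rubyforge_project:
-rubygems_version: 2.
+rubygems_version: 2.6.10
 signing_key:
 specification_version: 4
 summary: Sufia was originally extracted from ScholarSphere developed by Penn State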