tus-server 0.2.0 → 0.9.0

data/lib/tus/input.rb

@@ -0,0 +1,31 @@
+module Tus
+  class Input
+    def initialize(input)
+      @input = input
+      @bytes_read = 0
+    end
+
+    def read(*args)
+      result = @input.read(*args)
+      @bytes_read += result.bytesize if result.is_a?(String)
+      result
+    end
+
+    def eof?
+      @bytes_read == size
+    end
+
+    def rewind
+      @input.rewind
+      @bytes_read = 0
+    end
+
+    def size
+      @input.size
+    end
+
+    def close
+      # Rack input shouldn't be closed, we just support the interface
+    end
+  end
+end

data/lib/tus/server.rb

@@ -2,10 +2,12 @@ require "roda"
 
 require "tus/storage/filesystem"
 require "tus/info"
-require "tus/expirator"
+require "tus/input"
 require "tus/checksum"
+require "tus/errors"
 
 require "securerandom"
+require "time"
 
 module Tus
   class Server < Roda
@@ -20,18 +22,18 @@ module Tus
     SUPPORTED_CHECKSUM_ALGORITHMS = %w[sha1 sha256 sha384 sha512 md5 crc32]
     RESUMABLE_CONTENT_TYPE = "application/offset+octet-stream"
 
-    opts[:max_size]            = 1024*1024*1024
-    opts[:expiration_time]     = 7*24*60*60
-    opts[:expiration_interval] = 60*60
+    opts[:max_size]        = 1024*1024*1024
+    opts[:expiration_time] = 7*24*60*60
+    opts[:disposition]     = "inline"
 
     plugin :all_verbs
     plugin :delete_empty_headers
     plugin :request_headers
     plugin :not_allowed
+    plugin :streaming
+    plugin :error_handler
 
     route do |r|
-      expire_files
-
       if request.headers["X-HTTP-Method-Override"]
         request.env["REQUEST_METHOD"] = request.headers["X-HTTP-Method-Override"]
       end
@@ -56,12 +58,12 @@ module Tus
         end
 
         r.post do
-          validate_upload_concat! if request.headers["Upload-Concat"]
           validate_upload_length! unless request.headers["Upload-Concat"].to_s.start_with?("final") || request.headers["Upload-Defer-Length"] == "1"
           validate_upload_metadata! if request.headers["Upload-Metadata"]
+          validate_upload_concat! if request.headers["Upload-Concat"]
 
-          uid = SecureRandom.hex
-          info = Info.new(
+          uid  = SecureRandom.hex
+          info = Tus::Info.new(
             "Upload-Length"       => request.headers["Upload-Length"],
             "Upload-Offset"       => "0",
             "Upload-Defer-Length" => request.headers["Upload-Defer-Length"],
@@ -70,23 +72,17 @@ module Tus
             "Upload-Expires"      => (Time.now + expiration_time).httpdate,
           )
 
-          storage.create_file(uid, info.to_h)
-
-          if info.final_upload?
-            length = info.partial_uploads.inject(0) do |length, partial_uid|
-              content = storage.read_file(partial_uid)
-              storage.patch_file(uid, content)
-              storage.delete_file(partial_uid)
-              length += content.length
-            end
-
+          if info.concatenation?
+            length = storage.concatenate(uid, info.partial_uploads, info.to_h)
             info["Upload-Length"] = length.to_s
             info["Upload-Offset"] = length.to_s
-
-            storage.update_info(uid, info.to_h)
+          else
+            storage.create_file(uid, info.to_h)
           end
 
-          response.headers.update(info.to_h)
+          storage.update_info(uid, info.to_h)
+
+          response.headers.update(info.headers)
 
           file_url = "#{request.url.chomp("/")}/#{uid}"
           created!(file_url)
@@ -105,84 +101,74 @@ module Tus
           no_content!
         end
 
-        r.delete do
-          storage.delete_file(uid)
-
-          no_content!
-        end
-
-        not_found! unless storage.file_exists?(uid)
-
-        r.get do
-          path = storage.download_file(uid)
-          info = Info.new(storage.read_info(uid))
-
-          server = Rack::File.new(File.dirname(path))
-
-          result = if ::Rack.release > "2"
-                     server.serving(request, path)
-                   else
-                     server = server.dup
-                     server.path = path
-                     server.serving(env)
-                   end
-
-          response.status = result[0]
-          response.headers.update(result[1])
-
-          metadata = info.metadata
-          response.headers["Content-Disposition"] = "attachment; filename=\"#{metadata["filename"]}\"" if metadata["filename"]
-          response.headers["Content-Type"] = metadata["content_type"] if metadata["content_type"]
-
-          request.halt response.finish_with_body(result[2])
-        end
+        info = Tus::Info.new(storage.read_info(uid))
 
         r.head do
-          info = storage.read_info(uid)
-
-          response.headers.update(info.to_h)
+          response.headers.update(info.headers)
           response.headers["Cache-Control"] = "no-store"
 
           no_content!
         end
 
         r.patch do
-          validate_content_type!
-
-          content = request.body.read
-          info = Info.new(storage.read_info(uid))
+          input = Tus::Input.new(request.body)
 
-          if info.defer_length?
+          if info.defer_length? && request.headers["Upload-Length"]
             validate_upload_length!
+
             info["Upload-Length"] = request.headers["Upload-Length"]
             info["Upload-Defer-Length"] = nil
           end
 
-          validate_upload_checksum!(content) if request.headers["Upload-Checksum"]
+          validate_content_type!
+          validate_content_length!(info.offset, info.length)
           validate_upload_offset!(info.offset)
-          validate_content_length!(content, info.remaining_length)
+          validate_upload_checksum!(input) if request.headers["Upload-Checksum"]
 
-          storage.patch_file(uid, content)
+          storage.patch_file(uid, input, info.to_h)
 
-          info["Upload-Offset"] = (info.offset + content.length).to_s
+          info["Upload-Offset"] = (info.offset + input.size).to_s
           info["Upload-Expires"] = (Time.now + expiration_time).httpdate
 
           storage.update_info(uid, info.to_h)
-          response.headers.update(info.to_h)
+          response.headers.update(info.headers)
+
+          no_content!
+        end
+
+        r.get do
+          validate_upload_finished!(info.length, info.offset)
+          range = handle_range_request!(info.length)
+
+          response.headers["Content-Length"] = (range.end - range.begin + 1).to_s
+
+          metadata = info.metadata
+          response.headers["Content-Disposition"] = opts[:disposition]
+          response.headers["Content-Disposition"] << "; filename=\"#{metadata["filename"]}\"" if metadata["filename"]
+          response.headers["Content-Type"] = metadata["content_type"] if metadata["content_type"]
+
+          response = storage.get_file(uid, info.to_h, range: range)
+
+          stream(callback: ->{response.close}) do |out|
+            response.each { |chunk| out << chunk }
+          end
+        end
+
+        r.delete do
+          storage.delete_file(uid, info.to_h)
 
           no_content!
         end
       end
     end
 
-    def expire_files
-      expirator = Expirator.new(storage, interval: expiration_interval)
-      expirator.expire_files!
+    error do |exception|
+      not_found! if exception.is_a?(Tus::NotFound)
+      raise
     end
 
     def validate_content_type!
-      content_type = request.headers["Content-Type"]
-      error!(415, "Invalid Content-Type header") if content_type != RESUMABLE_CONTENT_TYPE
+      error!(415, "Invalid Content-Type header") if request.content_type != RESUMABLE_CONTENT_TYPE
     end
 
     def validate_tus_resumable!
@@ -218,9 +204,17 @@ module Tus
       end
     end
 
-    def validate_content_length!(content, remaining_length)
-      error!(403, "Cannot modify completed upload") if remaining_length == 0
-      error!(413, "Size of this chunk surpasses Upload-Length") if content.length > remaining_length
+    def validate_content_length!(current_offset, length)
+      if length
+        error!(403, "Cannot modify completed upload") if current_offset == length
+        error!(413, "Size of this chunk surpasses Upload-Length") if Integer(request.content_length) + current_offset > length
+      else
+        error!(413, "Size of this chunk surpasses Tus-Max-Size") if Integer(request.content_length) + current_offset > max_size
+      end
+    end
+
+    def validate_upload_finished!(length, current_offset)
+      error!(403, "Cannot download unfinished upload") unless length && current_offset && length == current_offset
     end
 
     def validate_upload_metadata!
@@ -250,15 +244,40 @@ module Tus
       end
     end
 
-    def validate_upload_checksum!(content)
+    def validate_upload_checksum!(input)
       algorithm, checksum = request.headers["Upload-Checksum"].split(" ")
 
       error!(400, "Invalid Upload-Checksum header") if algorithm.nil? || checksum.nil?
       error!(400, "Invalid Upload-Checksum header") unless SUPPORTED_CHECKSUM_ALGORITHMS.include?(algorithm)
 
-      unless Checksum.new(algorithm).match?(checksum, content)
-        error!(460, "Checksum from Upload-Checksum header doesn't match generated")
+      generated_checksum = Tus::Checksum.generate(algorithm, input)
+      error!(460, "Checksum from Upload-Checksum header doesn't match generated") if generated_checksum != checksum
+    end
+
+    # "Range" header handling logic copied from Rack::File
+    def handle_range_request!(length)
+      if Rack.release >= "2.0"
+        ranges = Rack::Utils.get_byte_ranges(request.headers["Range"], length)
+      else
+        ranges = Rack::Utils.byte_ranges(request.env, length)
+      end
+
+      if ranges.nil? || ranges.length > 1
+        # No ranges, or multiple ranges (which we don't support):
+        response.status = 200
+        range = 0..length-1
+      elsif ranges.empty?
+        # Unsatisfiable. Return error, and file size:
+        response.headers["Content-Range"] = "bytes */#{length}"
+        error!(416, "Byte range unsatisfiable")
+      else
+        # Partial content:
+        range = ranges[0]
+        response.status = 206
+        response.headers["Content-Range"] = "bytes #{range.begin}-#{range.end}/#{length}"
       end
+
+      range
     end
 
     def handle_cors!

data/lib/tus/storage/filesystem.rb

@@ -1,5 +1,8 @@
+require "tus/errors"
+
 require "pathname"
 require "json"
+require "fileutils"
 
 module Tus
   module Storage
@@ -13,54 +16,90 @@ module Tus
       end
 
       def create_file(uid, info = {})
-        write(file_path(uid), "")
-        write(info_path(uid), info.to_json)
+        file_path(uid).open("wb") { |file| file.write("") }
       end
 
-      def file_exists?(uid)
-        file_path(uid).exist? && info_path(uid).exist?
-      end
+      def concatenate(uid, part_uids, info = {})
+        file_path(uid).open("wb") do |file|
+          begin
+            part_uids.each do |part_uid|
+              IO.copy_stream(file_path(part_uid), file)
+            end
+          rescue Errno::ENOENT
+            raise Tus::Error, "some parts for concatenation are missing"
+          end
+        end
 
-      def read_file(uid)
-        file_path(uid).binread
-      end
+        delete(part_uids)
 
-      def patch_file(uid, content)
-        write(file_path(uid), content, mode: "ab")
+        # server requires us to return the size of the concatenated file
+        file_path(uid).size
       end
 
-      def download_file(uid)
-        file_path(uid).to_s
-      end
+      def patch_file(uid, io, info = {})
+        raise Tus::NotFound if !file_path(uid).exist?
 
-      def delete_file(uid)
-        if file_exists?(uid)
-          file_path(uid).delete
-          info_path(uid).delete
-        end
+        file_path(uid).open("ab") { |file| IO.copy_stream(io, file) }
       end
 
       def read_info(uid)
-        data = info_path(uid).binread
+        raise Tus::NotFound if !file_path(uid).exist?
+
+        begin
+          data = info_path(uid).binread
+        rescue Errno::ENOENT
+          data = "{}"
+        end
+
         JSON.parse(data)
       end
 
       def update_info(uid, info)
-        write(info_path(uid), info.to_json)
+        info_path(uid).open("wb") { |file| file.write(info.to_json) }
+      end
+
+      def get_file(uid, info = {}, range: nil)
+        raise Tus::NotFound if !file_path(uid).exist?
+
+        file = file_path(uid).open("rb")
+        range ||= 0..file.size-1
+
+        chunks = Enumerator.new do |yielder|
+          file.seek(range.begin)
+          remaining_length = range.end - range.begin + 1
+          buffer = ""
+
+          while remaining_length > 0
+            chunk = file.read([16*1024, remaining_length].min, buffer)
+            break unless chunk
+            remaining_length -= chunk.length
+
+            yielder << chunk
+          end
+        end
+
+        Response.new(chunks: chunks, close: ->{file.close})
       end
 
-      def list_files
-        paths = Dir[directory.join("*.file")]
-        paths.map { |path| File.basename(path, ".file") }
+      def delete_file(uid, info = {})
+        delete([uid])
       end
 
-      private
+      def expire_files(expiration_date)
+        uids = []
 
-      def write(pathname, content, mode: "wb")
-        pathname.open(mode) do |file|
-          file.sync = true
-          file.write(content)
+        Pathname.glob(directory.join("*.file")).each do |pathname|
+          uids << pathname.basename(".*") if pathname.mtime <= expiration_date
         end
+
+        delete(uids)
+      end
+
+      private
+
+      def delete(uids)
+        paths = uids.flat_map { |uid| [file_path(uid), info_path(uid)] }
+        FileUtils.rm_f paths
       end
 
       def file_path(uid)
@@ -75,6 +114,21 @@ module Tus
         directory.mkpath
         directory.chmod(0755)
       end
+
+      class Response
+        def initialize(chunks:, close:)
+          @chunks = chunks
+          @close  = close
+        end
+
+        def each(&block)
+          @chunks.each(&block)
+        end
+
+        def close
+          @close.call
+        end
+      end
     end
   end
 end