vigilion-rails 1.0.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: 01e901bc9f20315c84b9cbbb0b6c71ed82fc4ab8
+  data.tar.gz: b5c38585a91c7da6c76de2456c4654f3023b900c
+SHA512:
+  metadata.gz: 388400a8bc15441dfc68415f24dafb069c9e736514f5b5e4e9ba4d1a21abece700e66aeaf527185fa3cfff98de7e411252550f9f699a3fe11f84a4cf8039c3d4
+  data.tar.gz: 310542b30ee4d339a470e0c9fec30dbbc28b793d1bda9ac3d89c30449114d33c10f41c309631fcde9fe48a4895aa824271259e8ff59ef549cf8f9fbf5c19d6a8

data/MIT-LICENSE

@@ -0,0 +1,20 @@
+Copyright 2015 Bit Zesty Ltd
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/Rakefile

@@ -0,0 +1,33 @@
+begin
+  require "bundler/setup"
+rescue LoadError
+  puts "You must `gem install bundler` and `bundle install` to run rake tasks"
+end
+
+require "rdoc/task"
+
+RDoc::Task.new(:rdoc) do |rdoc|
+  rdoc.rdoc_dir = "rdoc"
+  rdoc.title    = "VigilionRails"
+  rdoc.options << "--line-numbers"
+  rdoc.rdoc_files.include("README.rdoc")
+  rdoc.rdoc_files.include("lib/**/*.rb")
+end
+
+APP_RAKEFILE = File.expand_path("../spec/dummy/Rakefile", __FILE__)
+load "rails/tasks/engine.rake"
+
+load "rails/tasks/statistics.rake"
+
+Bundler::GemHelper.install_tasks
+
+require "rake/testtask"
+
+Rake::TestTask.new(:test) do |t|
+  t.libs << "lib"
+  t.libs << "test"
+  t.pattern = "test/**/*_test.rb"
+  t.verbose = false
+end
+
+task default: :test

data/app/controllers/vigilion/vigilion_controller.rb

@@ -0,0 +1,21 @@
+class Vigilion::VigilionController < ActionController::Base
+  skip_before_filter :verify_authenticity_token
+  before_action :verify_api_auth
+
+  def callback
+    identity = JSON.parse(params[:key])
+    model = identity["model"].constantize.find(identity["id"])
+    on_scan = "on_scan_#{identity["column"]}"
+    if model.present? && model.respond_to?(on_scan)
+      model.send(on_scan, params)
+    end
+    head :ok
+  end
+
+private
+  def verify_api_auth
+    unless Vigilion::HTTP.digest(request.raw_post) == request.headers["X-Request-Signature"]
+      render json: { message: "unauthorized" }, status: 401
+    end
+  end
+end

data/config/routes.rb

@@ -0,0 +1,3 @@
+Rails.application.routes.draw do
+  post "/vigilion/callback", to: "vigilion/vigilion#callback"
+end

data/lib/generators/vigilion/install_generator.rb

@@ -0,0 +1,22 @@
+class Vigilion::InstallGenerator < Rails::Generators::Base
+  def create_initializer_file
+    create_file "config/initializers/vigilion.rb", <<INITIALIZER
+Vigilion.configure do |config|
+  config.access_key_id = ENV["VIGILION_ACCESS_KEY_ID"]
+  config.secret_access_key = ENV["VIGILION_SECRET_ACCESS_KEY"]
+
+  # Integration strategy (default is :url)
+  # config.integration = :local
+
+  # By default vigilion will be bypassed in development and test environments.
+  # Disable vigilion scanning entirely even in production environments:
+  # config.loopback = true
+  # Enable vigilion scanning even in development and test environments:
+  # (Note that the callback URL probably won't be reached)
+  # config.loopback = false
+  # Specify different loopback_response (default is 'clean')
+  # config.loopback_response = 'infected'
+end
+INITIALIZER
+  end
+end

data/lib/generators/vigilion/scan/USAGE

@@ -0,0 +1,7 @@
+Description:
+    Generates a migration to prepare the database schema to support virus scanning for a particular model.
+
+Example:
+    rails generate scan Model attachment
+
+    This will create a migration which adds a `attachment_scan_results' column to `models' table.

data/lib/generators/vigilion/scan/scan_generator.rb

@@ -0,0 +1,20 @@
+require 'rails/generators'
+require 'rails/generators/migration'
+
+class Vigilion::ScanGenerator < Rails::Generators::Base
+  include Rails::Generators::Migration
+  source_root File.expand_path('../templates', __FILE__)
+  argument :model_name, :type => :string
+  argument :attribute_name, :type => :string
+
+  def self.next_migration_number(path)
+    Time.now.utc.strftime("%Y%m%d%H%M%S")
+  end
+
+  def create_model_file
+    @table_name = model_name.tableize
+    @column_name = "#{attribute_name}_scan_results"
+    @migration_name = "vigilion_scan_#{@table_name}_#{attribute_name}"
+    migration_template "add_scan_results_columns.rb.erb", "db/migrate/#{@migration_name}.rb"
+  end
+end

data/lib/generators/vigilion/scan/templates/add_scan_results_columns.rb.erb

@@ -0,0 +1,5 @@
+class <%= @migration_name.classify %> < ActiveRecord::Migration
+  def change
+    add_column :<%= @table_name %>, :<%= @column_name %>, :string
+  end
+end

data/lib/tasks/vigilion.rake

@@ -0,0 +1,12 @@
+namespace :vigilion do
+  desc "Ensure vigilion credentials are valid and can connect to the server"
+  task test: :environment do
+    project = Vigilion::HTTP.new.validate
+
+    puts "Credentials OK!"
+    puts "  Project: #{project['name']}"
+    puts "  Callback: #{project['callback_url']}"
+
+  end
+
+end

data/lib/vigilion-rails.rb

@@ -0,0 +1,55 @@
+require "vigilion-rails/engine"
+require "vigilion-rails/integrations/url_integration"
+require "vigilion-rails/integrations/local_integration"
+require "vigilion-rails/configuration"
+
+module VigilionRails
+
+  module ActiveRecord
+    def scan_file column, options={}
+      default = { scan_column: "#{column}_scan_results", integration: Vigilion::Configuration.integration }
+      options = default.merge(options)
+      integration_class = "VigilionRails::#{options[:integration].to_s.camelize}Integration"
+      class_eval <<-RUBY, __FILE__, __LINE__+1
+
+        def scan_#{column}!
+          key = { model: self.class.name, column: '#{column}', id: id }.to_json
+
+          if Vigilion::Configuration.loopback
+            logger.info 'vigilion scan request was simulated'
+
+            self.class.find(id).on_scan_#{column} status: Vigilion::Configuration.loopback_response
+          else
+            #{integration_class}.new.scan key, self, :#{column}
+          end
+          @#{column}_old_url = #{column}.url
+          return true
+        end
+
+        # Vigilion service callback
+        def on_scan_#{column} params
+          update_attribute('#{options[:scan_column]}', params[:status])
+        end
+
+        after_initialize :remember_#{column}_url
+        after_save :check_scan_#{column}
+
+        def remember_#{column}_url
+          @#{column}_old_url = #{column}.try(:url) unless new_record?
+        end
+
+        def check_scan_#{column}
+          if @#{column}_old_url != #{column}.url
+            scan_#{column}!
+          end
+        end
+
+        def clean?
+          #{options[:scan_column]} == "clean"
+        end
+      RUBY
+    end
+  end
+end
+
+ActiveRecord::Base.extend VigilionRails::ActiveRecord

data/lib/vigilion-rails/configuration.rb

@@ -0,0 +1,13 @@
+module VigilionRails
+  class Configuration < Rails::Railtie
+    initializer "configuration.configure_default_values" do
+      # Sets default configuration.
+      # Please see https://github.com/vigilion/vigilion-ruby/blob/master/lib/vigilion/configuration.rb
+      Vigilion.configure do |config|
+        config.integration = :url
+        config.loopback = Rails.env.development? || Rails.env.test?
+        config.loopback_response = 'clean'
+      end
+    end
+  end
+end

data/lib/vigilion-rails/engine.rb

@@ -0,0 +1,10 @@
+module VigilionRails
+  class Engine < ::Rails::Engine
+    isolate_namespace VigilionRails
+
+    config.generators do |g|
+      g.test_framework :rspec
+      g.fixture_replacement :factory_girl, :dir => 'spec/factories'
+    end
+  end
+end

data/lib/vigilion-rails/integrations/local_integration.rb

@@ -0,0 +1,7 @@
+module VigilionRails
+  class LocalIntegration
+    def scan(key, model, column)
+      Vigilion.scan_path(key, model.send(column).path)
+    end
+  end
+end

data/lib/vigilion-rails/integrations/url_integration.rb

@@ -0,0 +1,7 @@
+module VigilionRails
+  class UrlIntegration
+    def scan(key, model, column)
+      Vigilion.scan_url(key, model.send(column).url)
+    end
+  end
+end

data/lib/vigilion-rails/version.rb

@@ -0,0 +1,3 @@
+module VigilionRails
+  VERSION = "1.0.0"
+end

data/spec/dummy/README.rdoc

@@ -0,0 +1,28 @@
+== README
+
+This README would normally document whatever steps are necessary to get the
+application up and running.
+
+Things you may want to cover:
+
+* Ruby version
+
+* System dependencies
+
+* Configuration
+
+* Database creation
+
+* Database initialization
+
+* How to run the test suite
+
+* Services (job queues, cache servers, search engines, etc.)
+
+* Deployment instructions
+
+* ...
+
+
+Please feel free to use a different markup language if you do not plan to run
+<tt>rake doc:app</tt>.

data/spec/dummy/Rakefile

@@ -0,0 +1,6 @@
+# Add your own tasks in files placed in lib/tasks ending in .rake,
+# for example lib/tasks/capistrano.rake, and they will automatically be available to Rake.
+
+require File.expand_path('../config/application', __FILE__)
+
+Rails.application.load_tasks

data/spec/dummy/app/assets/javascripts/application.js

@@ -0,0 +1,13 @@
+// This is a manifest file that'll be compiled into application.js, which will include all the files
+// listed below.
+//
+// Any JavaScript/Coffee file within this directory, lib/assets/javascripts, vendor/assets/javascripts,
+// or any plugin's vendor/assets/javascripts directory can be referenced here using a relative path.
+//
+// It's not advisable to add code directly here, but if you do, it'll appear at the bottom of the
+// compiled file.
+//
+// Read Sprockets README (https://github.com/rails/sprockets#sprockets-directives) for details
+// about supported directives.
+//
+//= require_tree .

data/spec/dummy/app/assets/stylesheets/application.css

@@ -0,0 +1,15 @@
+/*
+ * This is a manifest file that'll be compiled into application.css, which will include all the files
+ * listed below.
+ *
+ * Any CSS and SCSS file within this directory, lib/assets/stylesheets, vendor/assets/stylesheets,
+ * or any plugin's vendor/assets/stylesheets directory can be referenced here using a relative path.
+ *
+ * You're free to add application-wide styles to this file and they'll appear at the bottom of the
+ * compiled file so the styles you add here take precedence over styles defined in any styles
+ * defined in the other CSS/SCSS files in this directory. It is generally better to create a new
+ * file per style scope.
+ *
+ *= require_tree .
+ *= require_self
+ */

data/spec/dummy/app/controllers/application_controller.rb

@@ -0,0 +1,5 @@
+class ApplicationController < ActionController::Base
+  # Prevent CSRF attacks by raising an exception.
+  # For APIs, you may want to use :null_session instead.
+  protect_from_forgery with: :exception
+end

data/spec/dummy/app/helpers/application_helper.rb

@@ -0,0 +1,2 @@
+module ApplicationHelper
+end

data/spec/dummy/app/models/agnostic_document.rb

@@ -0,0 +1,7 @@
+class AgnosticDocument < ActiveRecord::Base
+  scan_file :attachment
+
+  def attachment
+    OpenStruct.new(url: attachment_url)
+  end
+end

data/spec/dummy/app/models/carrierwave_document.rb

@@ -0,0 +1,4 @@
+class CarrierwaveDocument < ActiveRecord::Base
+  mount_uploader :attachment, AttachmentUploader
+  scan_file :attachment, integration: :local
+end

data/spec/dummy/app/models/dragonfly_document.rb

@@ -0,0 +1,4 @@
+class DragonflyDocument < ActiveRecord::Base
+  dragonfly_accessor :attachment
+  scan_file :attachment
+end

data/spec/dummy/app/models/paperclip_document.rb

@@ -0,0 +1,4 @@
+class PaperclipDocument < ActiveRecord::Base
+  has_attached_file :attachment, :styles => { :medium => "300x300>", :thumb => "100x100>" }, :default_url => "/images/:style/missing.png"
+  scan_file :attachment
+end

data/spec/dummy/app/uploaders/attachment_uploader.rb

@@ -0,0 +1,50 @@
+# encoding: utf-8
+
+class AttachmentUploader < CarrierWave::Uploader::Base
+
+  # Include RMagick or MiniMagick support:
+  # include CarrierWave::RMagick
+  # include CarrierWave::MiniMagick
+
+  # Choose what kind of storage to use for this uploader:
+  # storage :fog
+
+  # Override the directory where uploaded files will be stored.
+  # This is a sensible default for uploaders that are meant to be mounted:
+  def store_dir
+    "uploads/#{model.class.to_s.underscore}/#{mounted_as}/#{model.id}"
+  end
+
+  # Provide a default URL as a default if there hasn't been a file uploaded:
+  # def default_url
+  #   # For Rails 3.1+ asset pipeline compatibility:
+  #   # ActionController::Base.helpers.asset_path("fallback/" + [version_name, "default.png"].compact.join('_'))
+  #
+  #   "/images/fallback/" + [version_name, "default.png"].compact.join('_')
+  # end
+
+  # Process files as they are uploaded:
+  # process :scale => [200, 300]
+  #
+  # def scale(width, height)
+  #   # do something
+  # end
+
+  # Create different versions of your uploaded files:
+  # version :thumb do
+  #   process :resize_to_fit => [50, 50]
+  # end
+
+  # Add a white list of extensions which are allowed to be uploaded.
+  # For images you might use something like this:
+  # def extension_white_list
+  #   %w(jpg jpeg gif png)
+  # end
+
+  # Override the filename of the uploaded files:
+  # Avoid using model.id or version_name here, see uploader/store.rb for details.
+  # def filename
+  #   "something.jpg" if original_filename
+  # end
+
+end

data/spec/dummy/app/views/layouts/application.html.erb

@@ -0,0 +1,14 @@
+<!DOCTYPE html>
+<html>
+<head>
+  <title>Dummy</title>
+  <%= stylesheet_link_tag    'application', media: 'all', 'data-turbolinks-track' => true %>
+  <%= javascript_include_tag 'application', 'data-turbolinks-track' => true %>
+  <%= csrf_meta_tags %>
+</head>
+<body>
+
+<%= yield %>
+
+</body>
+</html>