Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
张重言
rails
提交
31148cd6
R
rails
项目概览
张重言
/
rails
通知
1
Star
0
Fork
0
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
R
rails
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
提交
Issue看板
体验新版 GitCode,发现更多精彩内容 >>
提交
31148cd6
编写于
6月 04, 2020
作者:
S
Santiago Bartesaghi
提交者:
George Claghorn
7月 04, 2020
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
Use Active Record signed IDs in Active Storage
上级
fce2d6a7
变更
6
隐藏空白更改
内联
并排
Showing
6 changed file
with
25 addition
and
12 deletion
+25
-12
activestorage/app/controllers/concerns/active_storage/set_blob.rb
...orage/app/controllers/concerns/active_storage/set_blob.rb
+1
-1
activestorage/app/models/active_storage/blob.rb
activestorage/app/models/active_storage/blob.rb
+9
-4
activestorage/lib/active_storage/attached/changes/create_one.rb
...storage/lib/active_storage/attached/changes/create_one.rb
+1
-1
activestorage/test/controllers/direct_uploads_controller_test.rb
...torage/test/controllers/direct_uploads_controller_test.rb
+4
-4
activestorage/test/models/attached/one_test.rb
activestorage/test/models/attached/one_test.rb
+1
-1
activestorage/test/models/attachment_test.rb
activestorage/test/models/attachment_test.rb
+9
-1
未找到文件。
activestorage/app/controllers/concerns/active_storage/set_blob.rb
浏览文件 @
31148cd6
...
...
@@ -9,7 +9,7 @@ module ActiveStorage::SetBlob #:nodoc:
private
def
set_blob
@blob
=
ActiveStorage
::
Blob
.
find_signed
(
params
[
:signed_blob_id
]
||
params
[
:signed_id
])
@blob
=
ActiveStorage
::
Blob
.
find_signed
!
(
params
[
:signed_blob_id
]
||
params
[
:signed_id
])
rescue
ActiveSupport
::
MessageVerifier
::
InvalidSignature
head
:not_found
end
...
...
activestorage/app/models/active_storage/blob.rb
浏览文件 @
31148cd6
...
...
@@ -35,6 +35,7 @@ class ActiveStorage::Blob < ActiveRecord::Base
include
ActiveStorage
::
Blob
::
Representable
self
.
table_name
=
"active_storage_blobs"
self
.
signed_id_verifier
=
ActiveStorage
.
verifier
MINIMUM_TOKEN_LENGTH
=
28
...
...
@@ -72,8 +73,8 @@ class << self
# that was created ahead of the upload itself on form submission.
#
# The signed ID is also used to create stable URLs for the blob through the BlobsController.
def
find_signed
(
id
,
record:
nil
)
find
ActiveStorage
.
verifier
.
verify
(
id
,
purpose: :blob_id
)
def
find_signed
!
(
id
,
record:
nil
)
super
(
id
,
purpose: :blob_id
)
end
def
build_after_upload
(
io
:,
filename
:,
content_type:
nil
,
metadata:
nil
,
service_name:
nil
,
identify:
true
,
record:
nil
)
#:nodoc:
...
...
@@ -125,12 +126,16 @@ def create_before_direct_upload!(key: nil, filename:, byte_size:, checksum:, con
def
generate_unique_secure_token
(
length:
MINIMUM_TOKEN_LENGTH
)
SecureRandom
.
base36
(
length
)
end
# Customize signed ID purposes for backwards compatibility.
def
combine_signed_id_purposes
(
purpose
)
purpose
.
to_s
end
end
# Returns a signed ID for this blob that's suitable for reference on the client-side without fear of tampering.
# It uses the framework-wide verifier on <tt>ActiveStorage.verifier</tt>, but with a dedicated purpose.
def
signed_id
ActiveStorage
.
verifier
.
generate
(
id
,
purpose: :blob_id
)
super
(
purpose: :blob_id
)
end
# Returns the key pointing to the file on the service that's associated with this blob. The key is the
...
...
activestorage/lib/active_storage/attached/changes/create_one.rb
浏览文件 @
31148cd6
...
...
@@ -68,7 +68,7 @@ def find_or_build_blob
)
)
when
String
ActiveStorage
::
Blob
.
find_signed
(
attachable
,
record:
record
)
ActiveStorage
::
Blob
.
find_signed
!
(
attachable
,
record:
record
)
else
raise
ArgumentError
,
"Could not find or build blob: expected attachable, got
#{
attachable
.
inspect
}
"
end
...
...
activestorage/test/controllers/direct_uploads_controller_test.rb
浏览文件 @
31148cd6
...
...
@@ -21,7 +21,7 @@ class ActiveStorage::S3DirectUploadsControllerTest < ActionDispatch::Integration
filename:
"hello.txt"
,
byte_size:
6
,
checksum:
checksum
,
content_type:
"text/plain"
}
}
response
.
parsed_body
.
tap
do
|
details
|
assert_equal
ActiveStorage
::
Blob
.
find
(
details
[
"id"
]),
ActiveStorage
::
Blob
.
find_signed
(
details
[
"signed_id"
])
assert_equal
ActiveStorage
::
Blob
.
find
(
details
[
"id"
]),
ActiveStorage
::
Blob
.
find_signed
!
(
details
[
"signed_id"
])
assert_equal
"hello.txt"
,
details
[
"filename"
]
assert_equal
6
,
details
[
"byte_size"
]
assert_equal
checksum
,
details
[
"checksum"
]
...
...
@@ -56,7 +56,7 @@ class ActiveStorage::GCSDirectUploadsControllerTest < ActionDispatch::Integratio
filename:
"hello.txt"
,
byte_size:
6
,
checksum:
checksum
,
content_type:
"text/plain"
}
}
@response
.
parsed_body
.
tap
do
|
details
|
assert_equal
ActiveStorage
::
Blob
.
find
(
details
[
"id"
]),
ActiveStorage
::
Blob
.
find_signed
(
details
[
"signed_id"
])
assert_equal
ActiveStorage
::
Blob
.
find
(
details
[
"id"
]),
ActiveStorage
::
Blob
.
find_signed
!
(
details
[
"signed_id"
])
assert_equal
"hello.txt"
,
details
[
"filename"
]
assert_equal
6
,
details
[
"byte_size"
]
assert_equal
checksum
,
details
[
"checksum"
]
...
...
@@ -90,7 +90,7 @@ class ActiveStorage::AzureStorageDirectUploadsControllerTest < ActionDispatch::I
filename:
"hello.txt"
,
byte_size:
6
,
checksum:
checksum
,
content_type:
"text/plain"
}
}
@response
.
parsed_body
.
tap
do
|
details
|
assert_equal
ActiveStorage
::
Blob
.
find
(
details
[
"id"
]),
ActiveStorage
::
Blob
.
find_signed
(
details
[
"signed_id"
])
assert_equal
ActiveStorage
::
Blob
.
find
(
details
[
"id"
]),
ActiveStorage
::
Blob
.
find_signed
!
(
details
[
"signed_id"
])
assert_equal
"hello.txt"
,
details
[
"filename"
]
assert_equal
6
,
details
[
"byte_size"
]
assert_equal
checksum
,
details
[
"checksum"
]
...
...
@@ -112,7 +112,7 @@ class ActiveStorage::DiskDirectUploadsControllerTest < ActionDispatch::Integrati
filename:
"hello.txt"
,
byte_size:
6
,
checksum:
checksum
,
content_type:
"text/plain"
}
}
@response
.
parsed_body
.
tap
do
|
details
|
assert_equal
ActiveStorage
::
Blob
.
find
(
details
[
"id"
]),
ActiveStorage
::
Blob
.
find_signed
(
details
[
"signed_id"
])
assert_equal
ActiveStorage
::
Blob
.
find
(
details
[
"id"
]),
ActiveStorage
::
Blob
.
find_signed
!
(
details
[
"signed_id"
])
assert_equal
"hello.txt"
,
details
[
"filename"
]
assert_equal
6
,
details
[
"byte_size"
]
assert_equal
checksum
,
details
[
"checksum"
]
...
...
activestorage/test/models/attached/one_test.rb
浏览文件 @
31148cd6
...
...
@@ -32,7 +32,7 @@ class ActiveStorage::OneAttachedTest < ActiveSupport::TestCase
test
"attaching an existing blob from a signed ID passes record"
do
blob
=
create_blob
(
filename:
"funky.jpg"
)
arguments
=
[
blob
.
signed_id
,
record:
@user
]
assert_called_with
(
ActiveStorage
::
Blob
,
:find_signed
,
arguments
,
returns:
blob
)
do
assert_called_with
(
ActiveStorage
::
Blob
,
:find_signed
!
,
arguments
,
returns:
blob
)
do
@user
.
avatar
.
attach
blob
.
signed_id
end
end
...
...
activestorage/test/models/attachment_test.rb
浏览文件 @
31148cd6
...
...
@@ -55,6 +55,14 @@ class ActiveStorage::AttachmentTest < ActiveSupport::TestCase
@user
.
avatar
.
attach
(
blob
)
signed_id
=
@user
.
avatar
.
signed_id
assert_equal
blob
,
ActiveStorage
::
Blob
.
find_signed
(
signed_id
)
assert_equal
blob
,
ActiveStorage
::
Blob
.
find_signed!
(
signed_id
)
end
test
"signed blob ID backwards compatibility"
do
blob
=
create_blob
@user
.
avatar
.
attach
(
blob
)
signed_id_generated_old_way
=
ActiveStorage
.
verifier
.
generate
(
@user
.
avatar
.
id
,
purpose: :blob_id
)
assert_equal
blob
,
ActiveStorage
::
Blob
.
find_signed!
(
signed_id_generated_old_way
)
end
end
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录