Commit 5deaa22c authored by Sruthi Chandran's avatar Sruthi Chandran

Imported Upstream version 0.11.2

parent eadbb34f
before_install:
- gem install bundler
cache: bundler
notifications:
email: false
rvm:
- 1.9.3
- 2.0.0
- 2.1.1
- ruby-head
- 2.0
- 2.1
gemfile:
- Gemfile
- gemfiles/rails-3-2-stable.gemfile
- gemfiles/rails-4-0-stable.gemfile
- gemfiles/rails-4-1-stable.gemfile
- gemfiles/rails-master.gemfile
matrix:
allow_failures:
- rvm: ruby-head
include:
- rvm: 1.8.7
gemfile: gemfiles/rails-3-2-stable.gemfile
- rvm: 1.9.2
gemfile: gemfiles/rails-3-2-stable.gemfile
- rvm: ree
gemfile: gemfiles/rails-3-2-stable.gemfile
before_script:
- "mysql -e 'create database carrierwave_test;'"
- psql -c 'create database carrierwave_test;' -U postgres
addons:
postgresql: "9.3"
# Carrierwave History/Changelog
All notable changes to this project will be documented in this file.
This project adheres to [Semantic Versioning](http://semver.org/).
## [Unreleased]
### Added
### Changed
* `cache_id` is now less collision-prone thanks to a counter (@stillwaiting and @mtsmfm [#1866](https://github.com/carrierwaveuploader/carrierwave/pull/1866))
### Removed
### Fixed
* Fix require RMagick deprecation warning (@thomasfedb and @bensie [#1788](https://github.com/carrierwaveuploader/carrierwave/pull/1788))
Please check [0.10-stable] for previous changes.
[Unreleased]: https://github.com/carrierwaveuploader/carrierwave/compare/v0.10.0...0.11-stable
[0.10-stable]: https://github.com/carrierwaveuploader/carrierwave/blob/0.10-stable/History.txt
This diff is collapsed.
......@@ -161,6 +161,22 @@ class MyUploader < CarrierWave::Uploader::Base
end
```
### CVE-2016-3714 (ImageTragick)
This version of CarrierWave has the ability to mitigate CVE-2016-3714. However, you **MUST** set a `content_type_whitelist` in your uploaders for this protection to be effective, and you **MUST** either disable ImageMagick's default SVG delegate or use the RSVG delegate for SVG processing.
A valid whitelist that will restrict your uploader to images only, and mitigate the CVE is:
```ruby
class MyUploader < CarrierWave::Uploader::Base
def content_type_whitelist
[/image\//]
end
end
```
**WARNING**: A `content_type_whitelist` is the only form of whitelist or blacklist supported by CarrierWave that can effectively mitigate against CVE-2016-3714. Use of `extension_type_whitelist` will not inspect the file headers, and thus still leaves your application open to the vulnerability.
### Filenames and unicode chars
Another security issue you should care for is the file names (see
......
......@@ -28,13 +28,16 @@ Gem::Specification.new do |s|
s.add_dependency "activemodel", ">= 3.2.0"
s.add_dependency "json", ">= 1.7"
s.add_dependency "mime-types", ">= 1.16"
s.add_dependency "mimemagic", ">= 0.3.0"
s.add_development_dependency "mysql2"
s.add_development_dependency "pg"
s.add_development_dependency "rails", ">= 3.2.0"
s.add_development_dependency "cucumber", "~> 1.3.2"
s.add_development_dependency "rspec", "~> 2.13.0"
s.add_development_dependency "sham_rack"
s.add_development_dependency "fog", ">= 1.3.1"
s.add_development_dependency "fog", "~> 1.20.0"
s.add_development_dependency "unf"
s.add_development_dependency "net-ssh", "~> 2.9.0"
s.add_development_dependency "mini_magick", ">= 3.6.0"
s.add_development_dependency "rmagick"
s.add_development_dependency "nokogiri", "~> 1.5.10" # 1.6 requires ruby > 1.8.7
......
......@@ -23,6 +23,6 @@ Feature: uploader with file storage
Scenario: retrieving a file from cache
Given an uploader class that uses the 'file' storage
And an instance of that class
And the file 'fixtures/bork.txt' is cached file at 'public/uploads/tmp/1369894322-345-2255/bork.txt'
When I retrieve the cache name '1369894322-345-2255/bork.txt' from the cache
Then the uploader should have 'public/uploads/tmp/1369894322-345-2255/bork.txt' as its current path
And the file 'fixtures/bork.txt' is cached file at 'public/uploads/tmp/1369894322-345-1234-2255/bork.txt'
When I retrieve the cache name '1369894322-345-1234-2255/bork.txt' from the cache
Then the uploader should have 'public/uploads/tmp/1369894322-345-1234-2255/bork.txt' as its current path
......@@ -30,8 +30,8 @@ Feature: uploader with file storage
And the file at 'public/uploads/bork.txt' should be identical to the file at 'fixtures/bork.txt'
Scenario: retrieving a file from cache then storing
Given the file 'fixtures/bork.txt' is cached file at 'public/uploads/tmp/1369894322-345-2255/bork.txt'
When I retrieve the cache name '1369894322-345-2255/bork.txt' from the cache
Given the file 'fixtures/bork.txt' is cached file at 'public/uploads/tmp/1369894322-345-1234-2255/bork.txt'
When I retrieve the cache name '1369894322-345-1234-2255/bork.txt' from the cache
And I store the file
Then there should be a file at 'public/uploads/bork.txt'
And the file at 'public/uploads/bork.txt' should be identical to the file at 'fixtures/bork.txt'
......@@ -31,8 +31,8 @@ Feature: uploader with file storage and overriden filename
And the file at 'public/uploads/txt.krob' should be identical to the file at 'fixtures/bork.txt'
Scenario: retrieving a file from cache then storing
Given the file 'fixtures/bork.txt' is cached file at 'public/uploads/tmp/1369894322-345-2255/bork.txt'
When I retrieve the cache name '1369894322-345-2255/bork.txt' from the cache
Given the file 'fixtures/bork.txt' is cached file at 'public/uploads/tmp/1369894322-345-1234-2255/bork.txt'
When I retrieve the cache name '1369894322-345-1234-2255/bork.txt' from the cache
And I store the file
Then there should be a file at 'public/uploads/txt.krob'
And the file at 'public/uploads/txt.krob' should be identical to the file at 'fixtures/bork.txt'
......@@ -31,8 +31,8 @@ Feature: uploader with file storage and overridden store dir
And the file at 'public/monkey/llama/bork.txt' should be identical to the file at 'fixtures/bork.txt'
Scenario: retrieving a file from cache then storing
Given the file 'fixtures/bork.txt' is cached file at 'public/uploads/tmp/1369894322-345-2255/bork.txt'
When I retrieve the cache name '1369894322-345-2255/bork.txt' from the cache
Given the file 'fixtures/bork.txt' is cached file at 'public/uploads/tmp/1369894322-345-1234-2255/bork.txt'
When I retrieve the cache name '1369894322-345-1234-2255/bork.txt' from the cache
And I store the file
Then there should be a file at 'public/monkey/llama/bork.txt'
And the file at 'public/monkey/llama/bork.txt' should be identical to the file at 'fixtures/bork.txt'
......@@ -36,8 +36,8 @@ Feature: uploader with file storage and a processor that reverses the file
And the file at 'public/uploads/bork.txt' should be the reverse of the file at 'fixtures/bork.txt'
Scenario: retrieving a file from cache then storing
Given the file 'fixtures/bork.txt' is cached file at 'public/uploads/tmp/1369894322-345-2255/bork.txt'
When I retrieve the cache name '1369894322-345-2255/bork.txt' from the cache
Given the file 'fixtures/bork.txt' is cached file at 'public/uploads/tmp/1369894322-345-1234-2255/bork.txt'
When I retrieve the cache name '1369894322-345-1234-2255/bork.txt' from the cache
And I store the file
Then there should be a file at 'public/uploads/bork.txt'
And the file at 'public/uploads/bork.txt' should be identical to the file at 'fixtures/bork.txt'
......@@ -33,9 +33,9 @@ Feature: uploader with file storage and versions
And the uploader's version 'thumb' should have the url '/uploads/thumb_bork.txt'
Scenario: retrieving a file from cache then storing
Given the file 'fixtures/bork.txt' is cached file at 'public/uploads/tmp/1369894322-345-2255/bork.txt'
Given the file 'fixtures/monkey.txt' is cached file at 'public/uploads/tmp/1369894322-345-2255/thumb_bork.txt'
When I retrieve the cache name '1369894322-345-2255/bork.txt' from the cache
Given the file 'fixtures/bork.txt' is cached file at 'public/uploads/tmp/1369894322-345-1234-2255/bork.txt'
Given the file 'fixtures/monkey.txt' is cached file at 'public/uploads/tmp/1369894322-345-1234-2255/thumb_bork.txt'
When I retrieve the cache name '1369894322-345-1234-2255/bork.txt' from the cache
And I store the file
Then there should be a file at 'public/uploads/bork.txt'
Then there should be a file at 'public/uploads/thumb_bork.txt'
......
......@@ -43,11 +43,11 @@ Feature: uploader with nested versions
And the uploader's nested version 'micro' nested in 'thumb' should have the url '/uploads/thumb_micro_bork.txt'
Scenario: retrieving a file from cache then storing
Given the file 'fixtures/bork.txt' is cached file at 'public/uploads/tmp/1369894322-345-2255/bork.txt'
Given the file 'fixtures/monkey.txt' is cached file at 'public/uploads/tmp/1369894322-345-2255/thumb_bork.txt'
Given the file 'fixtures/bork.txt' is cached file at 'public/uploads/tmp/1369894322-345-2255/thumb_mini_bork.txt'
Given the file 'fixtures/monkey.txt' is cached file at 'public/uploads/tmp/1369894322-345-2255/thumb_micro_bork.txt'
When I retrieve the cache name '1369894322-345-2255/bork.txt' from the cache
Given the file 'fixtures/bork.txt' is cached file at 'public/uploads/tmp/1369894322-345-1234-2255/bork.txt'
Given the file 'fixtures/monkey.txt' is cached file at 'public/uploads/tmp/1369894322-345-1234-2255/thumb_bork.txt'
Given the file 'fixtures/bork.txt' is cached file at 'public/uploads/tmp/1369894322-345-1234-2255/thumb_mini_bork.txt'
Given the file 'fixtures/monkey.txt' is cached file at 'public/uploads/tmp/1369894322-345-1234-2255/thumb_micro_bork.txt'
When I retrieve the cache name '1369894322-345-1234-2255/bork.txt' from the cache
And I store the file
Then there should be a file at 'public/uploads/bork.txt'
Then there should be a file at 'public/uploads/thumb_bork.txt'
......
......@@ -34,9 +34,9 @@ Feature: uploader with file storage and overriden filename
And the uploader's version 'thumb' should have the url '/uploads/thumb_grark.png'
Scenario: retrieving a file from cache then storing
Given the file 'fixtures/bork.txt' is cached file at 'public/uploads/tmp/1369894322-345-2255/bork.txt'
Given the file 'fixtures/monkey.txt' is cached file at 'public/uploads/tmp/1369894322-345-2255/thumb_bork.txt'
When I retrieve the cache name '1369894322-345-2255/bork.txt' from the cache
Given the file 'fixtures/bork.txt' is cached file at 'public/uploads/tmp/1369894322-345-1234-2255/bork.txt'
Given the file 'fixtures/monkey.txt' is cached file at 'public/uploads/tmp/1369894322-345-1234-2255/thumb_bork.txt'
When I retrieve the cache name '1369894322-345-1234-2255/bork.txt' from the cache
And I store the file
Then there should be a file at 'public/uploads/grark.png'
Then there should be a file at 'public/uploads/thumb_grark.png'
......
......@@ -31,9 +31,9 @@ Feature: uploader with file storage and versions with overridden store dir
And the file at 'public/monkey/llama/thumb_bork.txt' should be identical to the file at 'fixtures/bork.txt'
Scenario: retrieving a file from cache then storing
Given the file 'fixtures/bork.txt' is cached file at 'public/uploads/tmp/1369894322-345-2255/bork.txt'
Given the file 'fixtures/monkey.txt' is cached file at 'public/uploads/tmp/1369894322-345-2255/thumb_bork.txt'
When I retrieve the cache name '1369894322-345-2255/bork.txt' from the cache
Given the file 'fixtures/bork.txt' is cached file at 'public/uploads/tmp/1369894322-345-1234-2255/bork.txt'
Given the file 'fixtures/monkey.txt' is cached file at 'public/uploads/tmp/1369894322-345-1234-2255/thumb_bork.txt'
When I retrieve the cache name '1369894322-345-1234-2255/bork.txt' from the cache
And I store the file
Then there should be a file at 'public/uploads/bork.txt'
Then there should be a file at 'public/monkey/llama/thumb_bork.txt'
......
......@@ -4,3 +4,12 @@ gem "rails", :git => "https://github.com/rails/rails.git", :branch => "3-2-stabl
gem "carrierwave", :path => "../"
gemspec :path => "../"
if RUBY_VERSION <= "1.9.2"
gem "pg", "< 0.18.0"
gem "i18n", "< 0.7"
gem "mime-types", "< 2.0"
gem "mini_magick", "< 4"
gem "fog", "1.3.1"
gem "rack-cache", "< 1.3"
end
......@@ -4,3 +4,12 @@ gem "rails", :github => "rails/rails", :branch => "4-0-stable"
gem "carrierwave", :path => "../"
gemspec :path => "../"
if RUBY_VERSION <= "1.9.2"
gem "pg", "< 0.18.0"
gem "i18n", "< 0.7"
gem "mime-types", "< 2.0"
gem "mini_magick", "< 4"
gem "fog", "1.3.1"
gem "sprockets", "< 3"
end
......@@ -4,3 +4,12 @@ gem "rails", :github => "rails/rails", :branch => "4-1-stable"
gem "carrierwave", :path => "../"
gemspec :path => "../"
if RUBY_VERSION <= "1.9.2"
gem "pg", "< 0.18.0"
gem "i18n", "< 0.7"
gem "mime-types", "< 2.0"
gem "mini_magick", "< 4"
gem "fog", "1.3.1"
gem "sprockets", "< 3"
end
......@@ -62,6 +62,8 @@ module CarrierWave
included do
begin
require "rmagick"
rescue LoadError
require "RMagick"
rescue LoadError => e
e.message << " (You may need to install the rmagick gem)"
......
......@@ -3,6 +3,7 @@
require 'pathname'
require 'active_support/core_ext/string/multibyte'
require 'mime/types'
require 'mimemagic'
module CarrierWave
......@@ -244,12 +245,10 @@ module CarrierWave
# [String] the content type of the file
#
def content_type
return @content_type if @content_type
if @file.respond_to?(:content_type) and @file.content_type
@content_type = @file.content_type.to_s.chomp
elsif path
@content_type = ::MIME::Types.type_for(path).first.to_s
end
@content_type ||=
existing_content_type ||
mime_magic_content_type ||
mime_types_content_type
end
##
......@@ -309,6 +308,22 @@ module CarrierWave
return name.mb_chars.to_s
end
def existing_content_type
if @file.respond_to?(:content_type) && @file.content_type
@file.content_type.to_s.chomp
end
end
def mime_magic_content_type
MimeMagic.by_magic(File.open(path)).try(:type) if path
rescue Errno::ENOENT
nil
end
def mime_types_content_type
::MIME::Types.type_for(path).first.to_s if path
end
def split_extension(filename)
# regular expressions to try for identifying extensions
extension_matchers = [
......
require "carrierwave/storage/abstract"
require "carrierwave/storage/file"
begin
require "fog"
rescue LoadError
%w(aws google openstack rackspace).each do |fog_dependency|
begin
require "fog/#{fog_dependency}"
rescue LoadError
end
end
require "carrierwave/storage/fog" if defined?(Fog)
# encoding: utf-8
require "fog"
module CarrierWave
module Storage
......
......@@ -11,6 +11,8 @@ require "carrierwave/uploader/download"
require "carrierwave/uploader/remove"
require "carrierwave/uploader/extension_whitelist"
require "carrierwave/uploader/extension_blacklist"
require "carrierwave/uploader/content_type_whitelist"
require "carrierwave/uploader/content_type_blacklist"
require "carrierwave/uploader/processing"
require "carrierwave/uploader/versions"
require "carrierwave/uploader/default_url"
......@@ -53,6 +55,8 @@ module CarrierWave
include CarrierWave::Uploader::Remove
include CarrierWave::Uploader::ExtensionWhitelist
include CarrierWave::Uploader::ExtensionBlacklist
include CarrierWave::Uploader::ContentTypeWhitelist
include CarrierWave::Uploader::ContentTypeBlacklist
include CarrierWave::Uploader::Processing
include CarrierWave::Uploader::Versions
include CarrierWave::Uploader::DefaultUrl
......
......@@ -8,15 +8,27 @@ module CarrierWave
end
end
class CacheCounter
@@counter = 0
def self.increment
@@counter += 1
end
end
##
# Generates a unique cache id for use in the caching system
#
# === Returns
#
# [String] a cache id in the format TIMEINT-PID-RND
# [String] a cache id in the format TIMEINT-PID-COUNTER-RND
#
def self.generate_cache_id
Time.now.utc.to_i.to_s + '-' + Process.pid.to_s + '-' + ("%04d" % rand(9999))
[Time.now.utc.to_i,
Process.pid,
'%04d' % (CarrierWave::CacheCounter.increment % 1000),
'%04d' % rand(9999)
].map(&:to_s).join('-')
end
module Uploader
......@@ -91,7 +103,7 @@ module CarrierWave
#
# === Returns
#
# [String] a cache name, in the format YYYYMMDD-HHMM-PID-RND/filename.txt
# [String] a cache name, in the format TIMEINT-PID-COUNTER-RND/filename.txt
#
def cache_name
File.join(cache_id, full_original_filename) if cache_id and original_filename
......@@ -165,7 +177,9 @@ module CarrierWave
alias_method :full_original_filename, :original_filename
def cache_id=(cache_id)
raise CarrierWave::InvalidParameter, "invalid cache id" unless cache_id =~ /\A[\d]+\-[\d]+\-[\d]{4}\z/
# Earlier version used 3 part cache_id. Thus we should allow for
# the cache_id to have both 3 part and 4 part formats.
raise CarrierWave::InvalidParameter, "invalid cache id" unless cache_id =~ /\A[\d]+\-[\d]+(\-[\d]{4})?\-[\d]{4}\z/
@cache_id = cache_id
end
......
module CarrierWave
module Uploader
module ContentTypeBlacklist
extend ActiveSupport::Concern
included do
before :cache, :check_content_type_blacklist!
end
##
# Override this method in your uploader to provide a blacklist of files content types
# which are not allowed to be uploaded.
# Not only strings but Regexp are allowed as well.
#
# === Returns
#
# [NilClass, String, Regexp, Array[String, Regexp]] a blacklist of content types which are not allowed to be uploaded
#
# === Examples
#
# def content_type_blacklist
# %w(text/json application/json)
# end
#
# Basically the same, but using a Regexp:
#
# def content_type_blacklist
# [/(text|application)\/json/]
# end
#
def content_type_blacklist; end
private
def check_content_type_blacklist!(new_file)
content_type = new_file.content_type
if content_type_blacklist && blacklisted_content_type?(content_type)
raise CarrierWave::IntegrityError, I18n.translate(:"errors.messages.content_type_blacklist_error", content_type: content_type)
end
end
def blacklisted_content_type?(content_type)
Array(content_type_blacklist).any? { |item| content_type =~ /#{item}/ }
end
end # ContentTypeBlacklist
end # Uploader
end # CarrierWave
module CarrierWave
module Uploader
module ContentTypeWhitelist
extend ActiveSupport::Concern
included do
before :cache, :check_content_type_whitelist!
end
##
# Override this method in your uploader to provide a whitelist of files content types
# which are allowed to be uploaded.
# Not only strings but Regexp are allowed as well.
#
# === Returns
#
# [NilClass, String, Regexp, Array[String, Regexp]] a whitelist of content types which are allowed to be uploaded
#
# === Examples
#
# def content_type_whitelist
# %w(text/json application/json)
# end
#
# Basically the same, but using a Regexp:
#
# def content_type_whitelist
# [/(text|application)\/json/]
# end
#
def content_type_whitelist; end
private
def check_content_type_whitelist!(new_file)
content_type = new_file.content_type
if content_type_whitelist && !whitelisted_content_type?(content_type)
raise CarrierWave::IntegrityError, I18n.translate(:"errors.messages.content_type_whitelist_error", content_type: content_type)
end
end
def whitelisted_content_type?(content_type)
Array(content_type_whitelist).any? { |item| content_type =~ /#{item}/ }
end
end # ContentTypeWhitelist
end # Uploader
end # CarrierWave
module CarrierWave
VERSION = "0.10.0"
VERSION = "0.11.2"
end
# encoding: utf-8
require 'spec_helper'
require 'rails'
require 'carrierwave/orm/activerecord'
module Rails; end unless defined?(Rails)
describe CarrierWave::Compatibility::Paperclip do
before do
......
......@@ -242,7 +242,7 @@ describe CarrierWave::Mount do
it "should be the cache name when a file has been cached" do
@instance.image = stub_file('test.jpg')
@instance.image_cache.should =~ %r(^[\d]+\-[\d]+\-[\d]{4}/test\.jpg$)
@instance.image_cache.should =~ %r(^[\d]+\-[\d]+\-[\d]{4}\-[\d]{4}/test\.jpg$)
end
end
......
......@@ -385,6 +385,14 @@ describe CarrierWave::ActiveRecord do
end
describe "#remote_image_url=" do
before do
sham_rack_app = ShamRack.at('www.example.com').stub
sham_rack_app.register_resource('/test.jpg', File.read(file_path('test.jpg')), 'image/jpg')
end
after do
ShamRack.unmount_all
end
# FIXME ideally image_changed? and remote_image_url_changed? would return true
it "should mark image as changed when setting remote_image_url" do
......
......@@ -197,6 +197,21 @@ describe CarrierWave::SanitizedFile do
@sanitized_file = CarrierWave::SanitizedFile.new('llama.jpg')
@sanitized_file.content_type.should == 'image/jpeg'
end
it 'does not allow spoofing of the mime type' do
file = File.open(file_path('jpg.png'))
sanitized_file = CarrierWave::SanitizedFile.new(file)
lambda { sanitized_file.content_type }.should_not raise_error
sanitized_file.content_type.should == 'image/jpeg'
end
it 'does not raise an error if the path is not present' do
sanitized_file = CarrierWave::SanitizedFile.new(nil)
lambda { sanitized_file.content_type }.should_not raise_error
end
end
describe "#content_type=" do
......
......@@ -14,8 +14,6 @@ require 'sham_rack'
require 'mini_magick'
require 'generator_spec'
require 'mysql2'
require 'fog'
require 'storage/fog_helper'
......@@ -25,6 +23,8 @@ end
require 'fog_credentials' # after Fog.mock!
I18n.enforce_available_locales = false
CARRIERWAVE_DIRECTORY = "carrierwave#{Time.now.to_i}" unless defined?(CARRIERWAVE_DIRECTORY)
alias :running :lambda
......
require 'mysql2'
require 'active_record'
require 'pg'
require 'rails'
require 'carrierwave/orm/activerecord'
# Change this if MySQL is unavailable
# Change this if PG is unavailable
dbconfig = {
:adapter => 'mysql2',
:adapter => 'postgresql',
:database => 'carrierwave_test',
:username => 'root',
:encoding => 'utf8'
:encoding => 'utf8',
:username => 'postgres'
}
database = dbconfig.delete(:database)
ActiveRecord::Base.establish_connection(dbconfig)
begin
ActiveRecord::Base.connection.create_database database
rescue ActiveRecord::StatementInvalid => e # database already exists
end
ActiveRecord::Base.establish_connection(dbconfig.merge(:database => database))
ActiveRecord::Migration.verbose = false
......@@ -322,7 +322,7 @@ describe CarrierWave::Uploader do
describe '.generate_cache_id' do
it 'should generate dir name bsed on UTC time' do
Timecop.travel(Time.at(1369896000)) do
CarrierWave.generate_cache_id.should match(/\A1369896000-\d+-\d+\Z/)
CarrierWave.generate_cache_id.should match(/\A1369896000-\d+-\d+-\d+\Z/)
end
end
end
......
......@@ -8,16 +8,16 @@ describe CarrierWave::Uploader do
@uploader_class_1 = Class.new(CarrierWave::Uploader::Base)
# First Uploader only has default before-callback
@uploader_class_1._before_callbacks[:cache].should == [:check_whitelist!, :check_blacklist!]
@uploader_class_1._before_callbacks[:cache].should == [:check_whitelist!, :check_blacklist!, :check_content_type_whitelist!, :check_content_type_blacklist!]
@uploader_class_2 = Class.new(CarrierWave::Uploader::Base)
@uploader_class_2.before :cache, :before_cache_callback
# Second Uploader defined with another callback
@uploader_class_2._before_callbacks[:cache].should == [:check_whitelist!, :check_blacklist!, :before_cache_callback]
@uploader_class_2._before_callbacks[:cache].should == [:check_whitelist!, :check_blacklist!, :check_content_type_whitelist!, :check_content_type_blacklist!, :before_cache_callback]
# Make sure the first Uploader doesn't inherit the same callback
@uploader_class_1._before_callbacks[:cache].should == [:check_whitelist!, :check_blacklist!]
@uploader_class_1._before_callbacks[:cache].should == [:check_whitelist!, :check_blacklist!, :check_content_type_whitelist!, :check_content_type_blacklist!]
end
......
require 'spec_helper'
describe CarrierWave::Uploader do
let(:uploader_class) { Class.new(CarrierWave::Uploader::Base) }
let(:uploader) { uploader_class.new }
let(:landscape_file) { File.open(file_path('landscape.jpg')) }
let(:bork_file) { File.open(file_path('bork.txt')) }
let(:test_file) { File.open(file_path('test.jpeg')) }
after { FileUtils.rm_rf(public_path) }
describe '#cache!' do
before do
CarrierWave.stub(:generate_cache_id).and_return('1369894322-345-1234-2255')
end
context "when there is no blacklist" do
it "does not raise an integrity error" do
uploader.stub(:content_type_blacklist).and_return(nil)
lambda { uploader.cache!(landscape_file) }.should_not raise_error
end
end
context "when there is a blacklist" do
context "when the blacklist is an array of values" do
it "does not raise an integrity error when the file has not a blacklisted content type" do
uploader.stub(:content_type_blacklist).and_return(['image/gif'])
lambda { uploader.cache!(bork_file) }.should_not raise_error
end
it "raises an integrity error if the file has a blacklisted content type" do
uploader.stub(:content_type_blacklist).and_return(['image/jpeg'])
lambda { uploader.cache!(landscape_file) }.should raise_error(CarrierWave::IntegrityError)
end
it "accepts content types as regular expressions" do
uploader.stub(:content_type_blacklist).and_return([/image\//])
lambda { uploader.cache!(landscape_file) }.should raise_error(CarrierWave::IntegrityError)
end
end
end
end
end
require 'spec_helper'
describe CarrierWave::Uploader do
let(:uploader_class) { Class.new(CarrierWave::Uploader::Base) }
let(:uploader) { uploader_class.new }
let(:image_file) { File.open(file_path('landscape.jpg')) }
after { FileUtils.rm_rf(public_path) }
describe '#cache!' do
before do
CarrierWave.stub(:generate_cache_id).and_return('1369894322-345-1234-2255')
end
context "when there is no whitelist" do
it "does not raise an integrity error" do
uploader.stub(:content_type_whitelist).and_return(nil)
lambda { uploader.cache!(image_file) }.should_not raise_error
end