kotovalexarian-likes-github
/
carrierwaveuploader--carrierwave
mirror of https://github.com/carrierwaveuploader/carrierwave.git
1
0
Fork 0
Code Releases Activity
carrierwaveuploader--carrie.../lib/carrierwave/sanitized_file.rb

273 lines
6.3 KiB
Ruby
Raw Blame History

# encoding: utf-8
require 'pathname'
module CarrierWave
##
# SanitizedFile is a base class which provides a common API around all
# the different quirky Ruby File libraries. It has support for Tempfile,
# File, StringIO, Merb-style upload Hashes, as well as paths given as
# Strings and Pathnames.
#
# It's probably needlessly comprehensive and complex. Help is appreciated.
#
class SanitizedFile
attr_accessor :file
def initialize(file)
self.file = file
end
##
# Returns the filename as is, without sanizting it.
#
# === Returns
#
# [String] the unsanitized filename
#
def original_filename
return @original_filename if @original_filename
if @file and @file.respond_to?(:original_filename)
@file.original_filename
elsif path
File.basename(path)
end
end
##
# Returns the filename, sanitized to strip out any evil characters.
#
# === Returns
#
# [String] the sanitized filename
#
def filename
sanitize(original_filename) if original_filename
end
alias_method :identifier, :filename
##
# Returns the part of the filename before the extension. So if a file is called 'test.jpeg'
# this would return 'test'
#
# === Returns
#
# [String] the first part of the filename
#
def basename
split_extension(filename)[0] if filename
end
##
# Returns the file extension
#
# === Returns
#
# [String] the extension
#
def extension
split_extension(filename)[1] if filename
end
##
# Returns the file's size.
#
# === Returns
#
# [Integer] the file's size in bytes.
#
def size
if is_path?
exists? ? File.size(path) : 0
elsif @file.respond_to?(:size)
@file.size
elsif path
exists? ? File.size(path) : 0
else
0
end
end
##
# Returns the full path to the file. If the file has no path, it will return nil.
#
# === Returns
#
# [String, nil] the path where the file is located.
#
def path
unless @file.blank?
if is_path?
File.expand_path(@file)
elsif @file.respond_to?(:path) and not @file.path.blank?
File.expand_path(@file.path)
end
end
end
##
# === Returns
#
# [Boolean] whether the file is supplied as a pathname or string.
#
def is_path?
!!((@file.is_a?(String) || @file.is_a?(Pathname)) && !@file.blank?)
end
##
# === Returns
#
# [Boolean] whether the file is valid and has a non-zero size
#
def empty?
@file.nil? || self.size.nil? || self.size.zero?
end
alias_method :blank?, :empty?
##
# === Returns
#
# [Boolean] Whether the file exists
#
def exists?
return File.exists?(self.path) if self.path
return false
end
##
# Returns the contents of the file.
#
# === Returns
#
# [String] contents of the file
#
def read
if is_path?
File.read(@file)
else
@file.rewind if @file.respond_to?(:rewind)
@file.read
end
end
##
# Moves the file to the given path
#
# === Parameters
#
# [new_path (String)] The path where the file should be moved.
# [permissions (Integer)] permissions to set on the file in its new location.
#
def move_to(new_path, permissions=nil)
return if self.empty?
new_path = File.expand_path(new_path)
mkdir!(new_path)
if exists?
FileUtils.mv(path, new_path) unless new_path == path
else
File.open(new_path, "wb") { |f| f.write(read) }
end
chmod!(new_path, permissions)
self.file = new_path
end
##
# Creates a copy of this file and moves it to the given path. Returns the copy.
#
# === Parameters
#
# [new_path (String)] The path where the file should be copied to.
# [permissions (Integer)] permissions to set on the copy
#
# === Returns
#
# @return [CarrierWave::SanitizedFile] the location where the file will be stored.
#
def copy_to(new_path, permissions=nil)
return if self.empty?
new_path = File.expand_path(new_path)
mkdir!(new_path)
if exists?
FileUtils.cp(path, new_path) unless new_path == path
else
File.open(new_path, "wb") { |f| f.write(read) }
end
chmod!(new_path, permissions)
self.class.new(new_path)
end
##
# Removes the file from the filesystem.
#
def delete
FileUtils.rm(self.path) if exists?
end
##
# Returns the content type of the file.
#
# === Returns
#
# [String] the content type of the file
#
def content_type
return @content_type if @content_type
@file.content_type.chomp if @file.respond_to?(:content_type) and @file.content_type
end
private
def file=(file)
if file.is_a?(Hash)
@file = file["tempfile"] || file[:tempfile]
@original_filename = file["filename"] || file[:filename]
@content_type = file["content_type"] || file[:content_type]
else
@file = file
@original_filename = nil
@content_type = nil
end
end
# create the directory if it doesn't exist
def mkdir!(path)
FileUtils.mkdir_p(File.dirname(path)) unless File.exists?(File.dirname(path))
end
def chmod!(path, permissions)
File.chmod(permissions, path) if permissions
end
# Sanitize the filename, to prevent hacking
def sanitize(name)
name = name.gsub("\\", "/") # work-around for IE
name = File.basename(name)
name = name.gsub(/[^a-zA-Z0-9\.\-\+_]/,"_")
name = "_#{name}" if name =~ /\A\.+\z/
name = "unnamed" if name.size == 0
return name.downcase
end
def split_extension(fn)
# regular expressions to try for identifying extensions
ext_regexps = [
/\A(.+)\.([^\.]{1,3}\.[^\.]{1,4})\z/, # matches "something.tar.gz"
/\A(.+)\.([^\.]+)\z/ # matches "something.jpg"
]
ext_regexps.each do |regexp|
if fn =~ regexp
return $1, $2
end
end
return fn, "" # In case we weren't able to split the extension
end
end # SanitizedFile
end # CarrierWave
View Git Blame Copy Permalink