Trying to pass the current request down to the service so that it can
create full urls instead of paths makes the API messy so use a model
based on ActiveSupport::CurrentAttributes to provide the current host
to services that need it (primarily the disk service).
Since ActiveStorage::Blob::Representable unifies the idea of previews and
variants under one roof as representation, we may as well have the
controllers follow suit.
Thus ActiveStorage::RepresenationsController enters the fray. I've copied
the old tests for both previews and variants and unified those as well.
Disable CSRF protection for ActiveStorage::DiskController#update. The local disk service is intended to imitate a third-party service like S3 or GCS, so we don't care where direct uploads originate: they’re authorized by signed tokens.
Closes#30290.
[Shinichi Maeshima & George Claghorn]