Class: UploadValidator
- Inherits:
-
ActiveModel::Validator
- Object
- ActiveModel::Validator
- UploadValidator
- Defined in:
- lib/validators/upload_validator.rb
Instance Method Summary collapse
- #authorized_attachment_extension(upload, extension) ⇒ Object
- #authorized_image_extension(upload, extension) ⇒ Object
-
#changing_upload_security?(upload) ⇒ Boolean
this should only be run on existing records, and covers cases of upload.update_secure_status being run outside of the creation flow, where some cases e.g.
- #is_authorized?(upload, extension) ⇒ Boolean
- #maximum_attachment_file_size(upload) ⇒ Object
- #maximum_image_file_size(upload) ⇒ Object
- #validate(upload) ⇒ Object
Instance Method Details
#authorized_attachment_extension(upload, extension) ⇒ Object
64 65 66 |
# File 'lib/validators/upload_validator.rb', line 64 def (upload, extension) (upload, extension, (upload)) end |
#authorized_image_extension(upload, extension) ⇒ Object
56 57 58 |
# File 'lib/validators/upload_validator.rb', line 56 def (upload, extension) (upload, extension, (upload)) end |
#changing_upload_security?(upload) ⇒ Boolean
this should only be run on existing records, and covers cases of upload.update_secure_status being run outside of the creation flow, where some cases e.g. have exemptions on the extension enforcement
45 46 47 48 49 50 |
# File 'lib/validators/upload_validator.rb', line 45 def changing_upload_security?(upload) !upload.new_record? && upload.changed_attributes.keys.all? do |attribute| %w[secure security_last_changed_at security_last_changed_reason].include?(attribute) end end |
#is_authorized?(upload, extension) ⇒ Boolean
52 53 54 |
# File 'lib/validators/upload_validator.rb', line 52 def (upload, extension) (upload, extension, (upload)) end |
#maximum_attachment_file_size(upload) ⇒ Object
68 69 70 |
# File 'lib/validators/upload_validator.rb', line 68 def (upload) maximum_file_size(upload, "attachment") end |
#maximum_image_file_size(upload) ⇒ Object
60 61 62 |
# File 'lib/validators/upload_validator.rb', line 60 def maximum_image_file_size(upload) maximum_file_size(upload, "image") end |
#validate(upload) ⇒ Object
6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 |
# File 'lib/validators/upload_validator.rb', line 6 def validate(upload) # staff can upload any file in PM if (upload. && SiteSetting.allow_staff_to_upload_any_file_in_pm) return true if upload.user&.staff? end # check the attachment blocklist if upload. && SiteSetting. return upload.original_filename =~ SiteSetting. end extension = File.extname(upload.original_filename)[1..-1] || "" if upload.for_site_setting && upload.user&.staff? && FileHelper.is_supported_image?(upload.original_filename) return true end if upload.for_gravatar && FileHelper.supported_gravatar_extensions.include?(extension) maximum_image_file_size(upload) return true end return true if changing_upload_security?(upload) if (upload, extension) if FileHelper.is_supported_image?(upload.original_filename) (upload, extension) maximum_image_file_size(upload) else (upload, extension) (upload) end end end |