module Refile::BackendMacros

Macros which make it easier to write secure backends.

@api private

Public Instance Methods

decode_id(id) click to toggle source
# File lib/refile/backend_macros.rb, line 41
def decode_id(id)
  id.to_s
end
valid_id?(id) click to toggle source
# File lib/refile/backend_macros.rb, line 37
def valid_id?(id)
  id =~ /\A[a-z0-9]+\z/i
end
verify_id(method) click to toggle source
Calls superclass method
# File lib/refile/backend_macros.rb, line 6
def verify_id(method)
  mod = Module.new do
    define_method(method) do |id|
      id = self.class.decode_id(id)
      if self.class.valid_id?(id)
        super(id)
      else
        raise Refile::InvalidID
      end
    end
  end
  prepend mod
end
verify_uploadable(method) click to toggle source
Calls superclass method
# File lib/refile/backend_macros.rb, line 20
def verify_uploadable(method)
  mod = Module.new do
    define_method(method) do |uploadable|
      [:size, :read, :eof?, :rewind, :close].each do |m|
        unless uploadable.respond_to?(m)
          raise Refile::InvalidFile, "does not respond to `#{m}`."
        end
      end
      if max_size and uploadable.size > max_size
        raise Refile::InvalidMaxSize, "#{uploadable.inspect} is too large"
      end
      super(uploadable)
    end
  end
  prepend mod
end