Class: UploadSecurity

Inherits:

Object

Object
UploadSecurity

Defined in:: lib/upload_security.rb

Overview

A note on determining whether an upload should be marked as secure:

Some of these flags checked (e.g. all of the for_X flags and the opts) are only set when _initially uploading_ via UploadCreator and are not present when an upload already exists, these will only be checked when the @creating option is present.

If the upload already exists the best way to figure out whether it should be secure alongside the site settings is the access_control_post_id, because the original post the upload is linked to has far more bearing on its security context post-upload. If the access_control_post_id does not exist then we just rely on the current secure? status, otherwise there would be a lot of additional complex queries and joins to perform.

These queries will be performed only if the @creating option is false. So if an upload is included in a post, and it’s an upload from a different source (e.g. a category logo, site setting upload) then we will determine secure state _based on the first place the upload was referenced_.

NOTE: When updating this to add more cases where uploads will be marked secure, consider uploads:secure_upload_analyse_and_update as well, which does not use this class directly but uses an SQL version of its rules for efficient updating of many uploads in bulk.

Constant Summary collapse

PUBLIC_TYPES =

%w[
  avatar
  custom_emoji
  profile_background
  card_background
  category_logo
  category_logo_dark
  category_background
  group_flair
  badge_image
]

PUBLIC_UPLOAD_REFERENCE_TYPES =

%w[
  Badge
  Category
  CustomEmoji
  Group
  SiteSetting
  ThemeField
  User
  UserAvatar
  UserProfile
]

@@custom_public_types =

[]

Class Method Summary collapse

.register_custom_public_type(type) ⇒ Object
.reset_custom_public_types ⇒ Object

used in tests.

Instance Method Summary collapse

#initialize(upload, opts = {}) ⇒ UploadSecurity constructor

A new instance of UploadSecurity.
#should_be_secure? ⇒ Boolean
#should_be_secure_with_reason ⇒ Object

Constructor Details

#initialize(upload, opts = {}) ⇒ `UploadSecurity`

Returns a new instance of UploadSecurity.

# File 'lib/upload_security.rb', line 63

def initialize(upload, opts = {})
  @upload = upload
  @opts = opts
  @upload_type = @opts[:type]
  @creating = @opts[:creating]
end

Class Method Details

.register_custom_public_type(type) ⇒ `Object`



54
55
56

# File 'lib/upload_security.rb', line 54

def self.register_custom_public_type(type)
  @@custom_public_types << type if !@@custom_public_types.include?(type)
end

.reset_custom_public_types ⇒ `Object`

used in tests



59
60
61

# File 'lib/upload_security.rb', line 59

def self.reset_custom_public_types
  @@custom_public_types = []
end

Instance Method Details

#should_be_secure? ⇒ `Boolean`

Returns:

(Boolean)



70
71
72

# File 'lib/upload_security.rb', line 70

def should_be_secure?
  should_be_secure_with_reason.first
end

#should_be_secure_with_reason ⇒ `Object`

# File 'lib/upload_security.rb', line 74

def should_be_secure_with_reason
  insecure_context_checks.each { |check, reason| return false, reason if perform_check(check) }
  secure_context_checks.each do |check, reason|
    return perform_check(check), reason if priority_check?(check)
    return true, reason if perform_check(check)
  end

  [false, "no checks satisfied"]
end