5
0
Fork 0
mirror of https://0xacab.org/sutty/sutty synced 2024-11-26 17:06:21 +00:00

algunas recomendaciones de brakeman

This commit is contained in:
f 2020-08-05 12:29:11 -03:00
parent 96c2b8189a
commit b9215fee6d
5 changed files with 17 additions and 36 deletions

View file

@ -1,5 +1,7 @@
# frozen_string_literal: true # frozen_string_literal: true
require 'filemagic'
# Define un campo de archivo # Define un campo de archivo
class MetadataFile < MetadataTemplate class MetadataFile < MetadataTemplate
# Una ruta vacía a la imagen con una descripción vacía # Una ruta vacía a la imagen con una descripción vacía
@ -68,10 +70,22 @@ class MetadataFile < MetadataTemplate
private private
def filemagic
@filemagic ||= FileMagic.new(FileMagic::MAGIC_MIME)
end
def path def path
@path ||= Pathname.new value['path'] @path ||= Pathname.new value['path']
end end
def file
if value['path'].is_a? ActionDispatch::Http::UploadedFile
value['path'].tempfile.path
else
value['path']
end
end
def key_from_path def key_from_path
path.dirname.basename.to_s path.dirname.basename.to_s
end end
@ -84,10 +98,6 @@ class MetadataFile < MetadataTemplate
FileUtils.ln uploaded_path, destination_path FileUtils.ln uploaded_path, destination_path
end end
def extension
@extension ||= static_file.filename.to_s.split('.').last
end
# Obtener la ruta al archivo # Obtener la ruta al archivo
# https://stackoverflow.com/a/53908358 # https://stackoverflow.com/a/53908358
def uploaded_relative_path def uploaded_relative_path

View file

@ -11,16 +11,8 @@ class MetadataImage < MetadataFile
errors.empty? errors.empty?
end end
# Determina si es una imagen antes de subirla # Determina si es una imagen
def image? def image?
if value['path'].is_a? ActionDispatch::Http::UploadedFile FileMagic.new(FileMagic::MAGIC_MIME).file(file).starts_with? 'image/'
`file --mime-type "#{value['path'].tempfile.path}"`
.split(' ')
.last
.chomp
.starts_with? 'image/'
else
true
end
end end
end end

View file

@ -13,9 +13,6 @@ class Usuarie < ApplicationRecord
has_many :roles has_many :roles
has_many :sites, through: :roles has_many :sites, through: :roles
before_create :register_in_lounge!,
if: proc { Rails.env.production? }
def name def name
email.split('@', 2).first email.split('@', 2).first
end end
@ -40,15 +37,4 @@ class Usuarie < ApplicationRecord
increment_failed_attempts increment_failed_attempts
lock_access! if attempts_exceeded? && !access_locked? lock_access! if attempts_exceeded? && !access_locked?
end end
private
# XXX: Tenemos que hacer esto en línea porque necesitamos la
# contraseña y no la queremos dejar registrada por error en ningún
# lado
def register_in_lounge!
Thread.new do
open("https://chat.#{Site.domain}/#{ENV['LOUNGE']}/#{email}/#{password}")
end
end
end end

View file

@ -17,11 +17,8 @@
%tr %tr
%th.text-center{ colspan: 2 }= t('.front_matter') %th.text-center{ colspan: 2 }= t('.front_matter')
%tbody %tbody
-#
TODO: Cambiar por un método que nos deje interactuar
directamente con los metadatos
- @post.attributes.each do |attr| - @post.attributes.each do |attr|
- metadata = @post.send(attr) - metadata = @post[attr]
- next unless metadata.front_matter? - next unless metadata.front_matter?
= render("posts/attribute_ro/#{metadata.type}", = render("posts/attribute_ro/#{metadata.type}",

View file

@ -6,10 +6,6 @@ Rails.application.routes.draw do
root 'application#index' root 'application#index'
direct :mutual_aid do |channel|
"https://chat.#{Site.domain}/?channels=#{channel}"
end
get 'markdown', to: 'application#markdown' get 'markdown', to: 'application#markdown'
constraints subdomain: 'api' do constraints subdomain: 'api' do