add security info to README

staturecrane · staturecrane · commit 39e6584f8bd3 · 2017-07-24T22:15:59.000-05:00
diff --git a/.travis.yml b/.travis.yml
@@ -1,6 +0,0 @@
-env:
-  - "RAILS_VERSION=5.1.0"
-  - "RAILS_VERSION=5.0.0"
-  - "RAILS_VERSION=4.2.0"
-  - "RAILS_VERSION=4.1.0"
-  - "RAILS_VERSION=4.0.0"
diff --git a/README.md b/README.md
@@ -45,6 +45,28 @@ config.filestack_rails.client_name = "custom_client_name"
 ```
 The client name defaults to "filestack_client" and is injected into your client-side Javascript. This is because v3 of the File Picker lives in the Javascript of your web application. For more information, please see our [File Picker documenation](https://www.filestack.com/docs/javascript-api/pick-v3). 
 
+### Security
+
+If your account has security enabled, then you must initialize the File Picker with a signature and policy. This is easily enabled through the configuration options by setting your application secret and security options:
+
+```ruby
+config.filestack_rails.app_secret = 'YOUR_APP_SECRET'
+config.filestack_rails.security = {'call' => %w[pick store read convert] }
+```
+If you set security to an empty object like so
+```ruby
+config.filestack_rails.security = {}
+```
+it will provide a policy and signature with only an expiry setting (this defaults to one hour).
+
+You can access the generated policy and signature anytime by calling their attributes on the created security object.
+
+```ruby
+puts config.filestack_rails.security.policy
+puts config.filestack_rails.security.signature
+```
+You can also generate a new security object at any time, although this will only affect the filestack_image tag, and not the File Picker client. 
+
 ## Usage
 
 The Filestack-Rails plugin provides three main functionalities: 
diff --git a/app/helpers/filestack_rails/application_helper.rb b/app/helpers/filestack_rails/application_helper.rb
@@ -10,7 +10,13 @@ def filestack_js_include_tag
 
     def filestack_js_init_tag
       client_name, apikey = get_client_and_api_key
-      javascript_string = "var #{client_name} = filestack.init('#{apikey}');"
+      signature, policy = get_policy_and_signature
+      javascript_string = if policy && signature
+                            "var #{client_name} = filestack.init('#{apikey}'," \
+                            "{'signature': '#{signature}', 'policy': '#{policy}'});"
+                          else
+                            "var #{client_name} = filestack.init('#{apikey}');"
+                          end
       javascript_tag javascript_string
     end
 
@@ -57,5 +63,16 @@ def get_client_and_api_key
       apikey = ::Rails.application.config.filestack_rails.api_key
       [client_name, apikey]
     end
+
+    def get_policy_and_signature
+      if ::Rails.application.config.filestack_rails.security
+        signature = ::Rails.application.config.filestack_rails.security.signature
+        policy = ::Rails.application.config.filestack_rails.security.policy
+      else
+        signature = nil
+        policy = nil
+      end
+      return [signature, policy]
+    end
   end
 end
diff --git a/filestack-rails.gemspec b/filestack-rails.gemspec
@@ -5,7 +5,7 @@ require "filestack_rails/version"
 
 # Describe your gem and declare its dependencies:
 Gem::Specification.new do |s|
-  s.name        = "filestack_rails"
+  s.name        = "filestack-rails"
   s.version     = FilestackRails::VERSION
   s.authors     = ["filestack"]
   s.email       = ["dev@filestack.com"]
diff --git a/lib/filestack-rails.rb b/lib/filestack-rails.rb
diff --git a/lib/filestack_rails/configuration.rb b/lib/filestack_rails/configuration.rb
@@ -1,49 +1,7 @@
 module FilestackRails
   class Configuration
+    attr_accessor :api_key, :client_name, :secret_key, :security, :expiry, :app_secret
 
-    # Define your API Key to be used.
-    #
-    # #### Examples
-    #
-    # This is to be used on the `config/application.rb`:
-    #
-    #      config.filepicker_rails.api_key = 'Your filepicker.io API Key'
-    #
-    attr_writer :api_key
-
-    attr_writer :client_name
-
-    # Define your Secret key to be used on Policy.
-    #
-    # More info about Policy on [Ink documentation](https://developers.filepicker.io/docs/security/)
-    #
-    # #### Examples
-    #
-    # This is to be used on the `config/application.rb`:
-    #
-    #      config.filepicker_rails.secret_key = 'Your filepicker.io Secret Key'
-    #
-    attr_writer :secret_key
-
-    # @private
-    attr_reader :secret_key
-
-    # Set your CDN Path to be used
-    #
-    # More info about CDN on [Ink documentation](https://developers.filepicker.io/docs/cdn/)
-    #
-    # #### Examples
-    #
-    # This is to be used on the `config/application.rb`:
-    #
-    #      config.filepicker_rails.cdn_host = 'Your CDN host name'
-    #
-    attr_writer :cdn_host
-
-    # @private
-    attr_reader :cdn_host
-
-    # @private
     def api_key
       @api_key or raise "Set config.filepicker_rails.api_key"
     end
@@ -52,32 +10,16 @@ def client_name
       @client_name or 'filestack_client'
     end
 
-    # Define the expire time when using Policy.
-    #
-    # By default the expiry time is 10 minutes.
-    # If you need to change the expiry time this should be an integer and
-    # it is expressed in seconds since the [Epoch](http://en.wikipedia.org/wiki/Unix_time).
-    #
-    # #### Examples
-    #
-    # This is to be used on the `config/application.rb`:
-    #
-    #      config.filepicker_rails.expiry = -> { (Time.zone.now + 5.minutes).to_i }
-    #      # Define the expiry time to 5 minutes
-    #
-    # If you need always the same url, a static expiry time, to do some cache.
-    # You can set a date starting of the Epoch.
-    #
-    #     config.filepicker_rails.expiry = -> { 100.years.since(Time.at(0)).to_i }
-    #
-    def expiry=(expiry)
-      raise ArgumentError, 'Must be a callable' unless expiry.respond_to?(:call)
-      @expiry = expiry
+    def expiry
+      @expiry or ( Time.zone.now.to_i + 600 )
     end
 
-    # @private
-    def expiry
-      @expiry ||= -> { Time.zone.now.to_i + 600 }
+    def security=(security_options = {})
+      if @app_secret.nil?
+        raise 'You must have secret key to use security'
+      end
+      @security = FilestackSecurity.new(@app_secret, options: security_options)
     end
+
   end
 end
diff --git a/lib/filestack_rails/transform.rb b/lib/filestack_rails/transform.rb
@@ -2,7 +2,12 @@
 
 class FilestackTransform
     def initialize(apikey)
-        @transform = Transform.new(apikey:apikey)
+        security = ::Rails.application.config.filestack_rails.security
+        if !security.nil?
+            @transform = Transform.new(apikey: apikey, security: security)
+        else
+            @transform = Transform.new(apikey: apikey)
+        end
     end
 
     def method_missing(method_name, **args)
diff --git a/spec/dummy/config/application.rb b/spec/dummy/config/application.rb
@@ -3,7 +3,7 @@
 require 'rails/all'
 
 Bundler.require(*Rails.groups)
-require 'filestack_rails'
+require 'filestack-rails'
 
 module Dummy
   class Application < Rails::Application
@@ -12,6 +12,7 @@ class Application < Rails::Application
     config.assets.compile = true
     config.filestack_rails.api_key = 'API_KEY'
     config.filestack_rails.client_name = 'rich_client'
+    config.filestack_rails.app_secret = 'OLHJG4JUABB7DFL6CGATC4SN74'
 
     # Settings in config/environments/* take precedence over those specified here.
     # Application configuration should go into files in config/initializers
diff --git a/spec/lib/configuration_spec.rb b/spec/lib/configuration_spec.rb
@@ -6,29 +6,11 @@
   end
 
   describe "#api_key=" do
-    it "respond to api_key=" do
+    it "responds to api_key=" do
       expect(configuration).to respond_to(:api_key=)
     end
   end
 
-  describe "#secret_key=" do
-    it "respond to secret_key=" do
-      expect(configuration).to respond_to(:secret_key=)
-    end
-  end
-
-  describe "#expiry=" do
-    it "respond to expiry=" do
-      expect(configuration).to respond_to(:expiry=)
-    end
-
-    it 'raises error if not receive a callable' do
-      expect do
-        configuration.expiry = 12
-      end.to raise_error(ArgumentError, 'Must be a callable')
-    end
-  end
-
   describe "#api_key" do
     it "have defined value" do
       configuration.api_key = "my api key"
@@ -41,4 +23,17 @@
       end.to raise_error(RuntimeError, "Set config.filepicker_rails.api_key")
     end
   end
+
+  describe "#security" do
+    it "has no security" do
+      expect(configuration.security).to be(nil)
+    end
+
+    it "has security" do
+      configuration.app_secret = 'somesecret'
+      configuration.security = {}
+      expect(configuration.security.policy)
+      expect(configuration.security.signature)
+    end
+  end
 end
