github-mirror/discourse
2
0
Fork 0
mirror of https://github.com/discourse/discourse.git synced 2024-11-26 10:29:47 +08:00
Code Issues Actions 6 Packages Projects Releases Wiki Activity
f62ed063fb
discourse/spec/tasks/uploads_spec.rb

Ignoring revisions in .git-blame-ignore-revs. Click here to bypass and see the normal blame view.

277 lines
9.9 KiB
Ruby
Raw Normal View History

FIX: Improvements and fixes for update_upload_acl rake task (#8980) The rake task was broken, because the addition of the UploadSecurity check returned true/false instead of the upload ID to determine which uploads to set secure. Also it was rebaking the posts in the wrong place and pretty inefficiently at that. Also it was rebaking before the upload was being changed to secure in the DB. This also updates the task to set the access_control_post_id for all uploads. the first post the upload is linked to is used for the access control. if the upload doesn't get changed to secure this doesn't affect anything. Added a spec for the rake task to cover common cases.
2020-02-17 12:21:43 +08:00
# frozen_string_literal: true
RSpec.describe "tasks/uploads" do
before do
Rake::Task.clear
Discourse::Application.load_tasks
DEV: Upload and secure media retroactive rake task improvements (#9027) * Add uploads:sync_s3_acls rake task to ensure the ACLs in S3 are the correct (public-read or private) setting based on upload security * Improved uploads:disable_secure_media to be more efficient and provide better messages to the user. * Rename uploads:ensure_correct_acl task to uploads:secure_upload_analyse_and_update as it does more than check the ACL * Many improvements to uploads:secure_upload_analyse_and_update * Make sure that upload.access_control_post is unscoped so deleted posts are still fetched, because they still affect the security of the upload. * Add escape hatch for capture_stdout in the form of RAILS_ENABLE_TEST_STDOUT. If provided the capture_stdout code will be ignored, so you can see the output if you need.
2020-03-03 07:03:58 +08:00
SiteSetting.authorized_extensions += "|pdf"
DEV: Secure upload rake task improvements (#29484) This commit changes the uploads:secure_upload_analyse_and_update and uploads:disable_secure_uploads to no longer rebake affected posts inline. This just took way too long, and if the task stalled you couldn't be sure if the rest of it completed. Instead, we can update the baked_version of affected posts and utilize our PeriodicalUpdates job to gradually rebake them. I added warnings about increasing the site setting rebake_old_posts_count and the global setting max_old_rebakes_per_15_minutes before doing this as well. For good measure, the affected post IDs are written to a JSON file too.
2024-10-31 11:33:11 +08:00
STDIN.stubs(:gets).returns("y\n")
FIX: Improvements and fixes for update_upload_acl rake task (#8980) The rake task was broken, because the addition of the UploadSecurity check returned true/false instead of the upload ID to determine which uploads to set secure. Also it was rebaking the posts in the wrong place and pretty inefficiently at that. Also it was rebaking before the upload was being changed to secure in the DB. This also updates the task to set the access_control_post_id for all uploads. the first post the upload is linked to is used for the access control. if the upload doesn't get changed to secure this doesn't affect anything. Added a spec for the rake task to cover common cases.
2020-02-17 12:21:43 +08:00
end
DEV: Upload and secure media retroactive rake task improvements (#9027) * Add uploads:sync_s3_acls rake task to ensure the ACLs in S3 are the correct (public-read or private) setting based on upload security * Improved uploads:disable_secure_media to be more efficient and provide better messages to the user. * Rename uploads:ensure_correct_acl task to uploads:secure_upload_analyse_and_update as it does more than check the ACL * Many improvements to uploads:secure_upload_analyse_and_update * Make sure that upload.access_control_post is unscoped so deleted posts are still fetched, because they still affect the security of the upload. * Add escape hatch for capture_stdout in the form of RAILS_ENABLE_TEST_STDOUT. If provided the capture_stdout code will be ignored, so you can see the output if you need.
2020-03-03 07:03:58 +08:00
describe "uploads:secure_upload_analyse_and_update" do
DEV: Secure upload rake task improvements (#29484) This commit changes the uploads:secure_upload_analyse_and_update and uploads:disable_secure_uploads to no longer rebake affected posts inline. This just took way too long, and if the task stalled you couldn't be sure if the rest of it completed. Instead, we can update the baked_version of affected posts and utilize our PeriodicalUpdates job to gradually rebake them. I added warnings about increasing the site setting rebake_old_posts_count and the global setting max_old_rebakes_per_15_minutes before doing this as well. For good measure, the affected post IDs are written to a JSON file too.
2024-10-31 11:33:11 +08:00
let!(:uploads) { [multi_post_upload_1, upload_1, upload_2, upload_3] }
let(:multi_post_upload_1) { Fabricate(:upload_s3) }
let(:upload_1) { Fabricate(:upload_s3) }
let(:upload_2) { Fabricate(:upload_s3) }
let(:upload_3) { Fabricate(:upload_s3, original_filename: "test.pdf", extension: "pdf") }
FIX: Improvements and fixes for update_upload_acl rake task (#8980) The rake task was broken, because the addition of the UploadSecurity check returned true/false instead of the upload ID to determine which uploads to set secure. Also it was rebaking the posts in the wrong place and pretty inefficiently at that. Also it was rebaking before the upload was being changed to secure in the DB. This also updates the task to set the access_control_post_id for all uploads. the first post the upload is linked to is used for the access control. if the upload doesn't get changed to secure this doesn't affect anything. Added a spec for the rake task to cover common cases.
2020-02-17 12:21:43 +08:00
DEV: Secure upload rake task improvements (#29484) This commit changes the uploads:secure_upload_analyse_and_update and uploads:disable_secure_uploads to no longer rebake affected posts inline. This just took way too long, and if the task stalled you couldn't be sure if the rest of it completed. Instead, we can update the baked_version of affected posts and utilize our PeriodicalUpdates job to gradually rebake them. I added warnings about increasing the site setting rebake_old_posts_count and the global setting max_old_rebakes_per_15_minutes before doing this as well. For good measure, the affected post IDs are written to a JSON file too.
2024-10-31 11:33:11 +08:00
let!(:post_1) { Fabricate(:post) }
let!(:post_2) { Fabricate(:post) }
let!(:post_3) { Fabricate(:post) }
FIX: Improvements and fixes for update_upload_acl rake task (#8980) The rake task was broken, because the addition of the UploadSecurity check returned true/false instead of the upload ID to determine which uploads to set secure. Also it was rebaking the posts in the wrong place and pretty inefficiently at that. Also it was rebaking before the upload was being changed to secure in the DB. This also updates the task to set the access_control_post_id for all uploads. the first post the upload is linked to is used for the access control. if the upload doesn't get changed to secure this doesn't affect anything. Added a spec for the rake task to cover common cases.
2020-02-17 12:21:43 +08:00
before do
DEV: Secure upload rake task improvements (#29484) This commit changes the uploads:secure_upload_analyse_and_update and uploads:disable_secure_uploads to no longer rebake affected posts inline. This just took way too long, and if the task stalled you couldn't be sure if the rest of it completed. Instead, we can update the baked_version of affected posts and utilize our PeriodicalUpdates job to gradually rebake them. I added warnings about increasing the site setting rebake_old_posts_count and the global setting max_old_rebakes_per_15_minutes before doing this as well. For good measure, the affected post IDs are written to a JSON file too.
2024-10-31 11:33:11 +08:00
UploadReference.create(target: post_1, upload: multi_post_upload_1)
UploadReference.create(target: post_2, upload: multi_post_upload_1)
UploadReference.create(target: post_2, upload: upload_1)
UploadReference.create(target: post_3, upload: upload_2)
UploadReference.create(target: post_3, upload: upload_3)
FIX: Improvements and fixes for update_upload_acl rake task (#8980) The rake task was broken, because the addition of the UploadSecurity check returned true/false instead of the upload ID to determine which uploads to set secure. Also it was rebaking the posts in the wrong place and pretty inefficiently at that. Also it was rebaking before the upload was being changed to secure in the DB. This also updates the task to set the access_control_post_id for all uploads. the first post the upload is linked to is used for the access control. if the upload doesn't get changed to secure this doesn't affect anything. Added a spec for the rake task to cover common cases.
2020-02-17 12:21:43 +08:00
end
def invoke_task
DEV: Upload and secure media retroactive rake task improvements (#9027) * Add uploads:sync_s3_acls rake task to ensure the ACLs in S3 are the correct (public-read or private) setting based on upload security * Improved uploads:disable_secure_media to be more efficient and provide better messages to the user. * Rename uploads:ensure_correct_acl task to uploads:secure_upload_analyse_and_update as it does more than check the ACL * Many improvements to uploads:secure_upload_analyse_and_update * Make sure that upload.access_control_post is unscoped so deleted posts are still fetched, because they still affect the security of the upload. * Add escape hatch for capture_stdout in the form of RAILS_ENABLE_TEST_STDOUT. If provided the capture_stdout code will be ignored, so you can see the output if you need.
2020-03-03 07:03:58 +08:00
capture_stdout { Rake::Task["uploads:secure_upload_analyse_and_update"].invoke }
FIX: Improvements and fixes for update_upload_acl rake task (#8980) The rake task was broken, because the addition of the UploadSecurity check returned true/false instead of the upload ID to determine which uploads to set secure. Also it was rebaking the posts in the wrong place and pretty inefficiently at that. Also it was rebaking before the upload was being changed to secure in the DB. This also updates the task to set the access_control_post_id for all uploads. the first post the upload is linked to is used for the access control. if the upload doesn't get changed to secure this doesn't affect anything. Added a spec for the rake task to cover common cases.
2020-02-17 12:21:43 +08:00
end
context "when the store is internal" do
it "does nothing; this is for external store only" do
Upload.expects(:transaction).never
DEV: Use the `type: :multisite` spec setting (#9245) Fixes recent spec flakiness. Also includes: DEV: Prevent accidental exit from specs
2020-03-20 23:18:34 +08:00
expect { invoke_task }.to raise_error(SystemExit)
FIX: Improvements and fixes for update_upload_acl rake task (#8980) The rake task was broken, because the addition of the UploadSecurity check returned true/false instead of the upload ID to determine which uploads to set secure. Also it was rebaking the posts in the wrong place and pretty inefficiently at that. Also it was rebaking before the upload was being changed to secure in the DB. This also updates the task to set the access_control_post_id for all uploads. the first post the upload is linked to is used for the access control. if the upload doesn't get changed to secure this doesn't affect anything. Added a spec for the rake task to cover common cases.
2020-02-17 12:21:43 +08:00
end
end
context "when store is external" do
before do
DEV: Clean up S3 specs, stubs, and helpers Extracted commonly used spec helpers into spec/support/uploads_helpers.rb, removed unused stubs and let definitions. Makes it easier to write new S3-related specs without copy and pasting setup steps from other specs.
2020-09-14 19:32:25 +08:00
setup_s3
uploads.each { |upload| stub_upload(upload) }
FIX: Improvements and fixes for update_upload_acl rake task (#8980) The rake task was broken, because the addition of the UploadSecurity check returned true/false instead of the upload ID to determine which uploads to set secure. Also it was rebaking the posts in the wrong place and pretty inefficiently at that. Also it was rebaking before the upload was being changed to secure in the DB. This also updates the task to set the access_control_post_id for all uploads. the first post the upload is linked to is used for the access control. if the upload doesn't get changed to secure this doesn't affect anything. Added a spec for the rake task to cover common cases.
2020-02-17 12:21:43 +08:00
end
DEV: Rename secure_media to secure_uploads (#18376) This commit renames all secure_media related settings to secure_uploads_* along with the associated functionality. This is being done because "media" does not really cover it, we aren't just doing this for images and videos etc. but for all uploads in the site. Additionally, in future we want to secure more types of uploads, and enable a kind of "mixed mode" where some uploads are secure and some are not, so keeping media in the name is just confusing. This also keeps compatibility with the `secure-media-uploads` path, and changes new secure URLs to be `secure-uploads`. Deprecated settings: * secure_media -> secure_uploads * secure_media_allow_embed_images_in_emails -> secure_uploads_allow_embed_images_in_emails * secure_media_max_email_embed_image_size_kb -> secure_uploads_max_email_embed_image_size_kb
2022-09-29 07:24:33 +08:00
context "when secure upload is enabled" do
before { SiteSetting.secure_uploads = true }
FIX: Improvements and fixes for update_upload_acl rake task (#8980) The rake task was broken, because the addition of the UploadSecurity check returned true/false instead of the upload ID to determine which uploads to set secure. Also it was rebaking the posts in the wrong place and pretty inefficiently at that. Also it was rebaking before the upload was being changed to secure in the DB. This also updates the task to set the access_control_post_id for all uploads. the first post the upload is linked to is used for the access control. if the upload doesn't get changed to secure this doesn't affect anything. Added a spec for the rake task to cover common cases.
2020-02-17 12:21:43 +08:00
it "sets an access_control_post for each post upload, using the first linked post in the case of multiple links" do
invoke_task
DEV: Secure upload rake task improvements (#29484) This commit changes the uploads:secure_upload_analyse_and_update and uploads:disable_secure_uploads to no longer rebake affected posts inline. This just took way too long, and if the task stalled you couldn't be sure if the rest of it completed. Instead, we can update the baked_version of affected posts and utilize our PeriodicalUpdates job to gradually rebake them. I added warnings about increasing the site setting rebake_old_posts_count and the global setting max_old_rebakes_per_15_minutes before doing this as well. For good measure, the affected post IDs are written to a JSON file too.
2024-10-31 11:33:11 +08:00
expect(multi_post_upload_1.reload.access_control_post).to eq(post_1)
expect(upload_1.reload.access_control_post).to eq(post_2)
expect(upload_2.reload.access_control_post).to eq(post_3)
expect(upload_3.reload.access_control_post).to eq(post_3)
FIX: Improvements and fixes for update_upload_acl rake task (#8980) The rake task was broken, because the addition of the UploadSecurity check returned true/false instead of the upload ID to determine which uploads to set secure. Also it was rebaking the posts in the wrong place and pretty inefficiently at that. Also it was rebaking before the upload was being changed to secure in the DB. This also updates the task to set the access_control_post_id for all uploads. the first post the upload is linked to is used for the access control. if the upload doesn't get changed to secure this doesn't affect anything. Added a spec for the rake task to cover common cases.
2020-02-17 12:21:43 +08:00
end
FEATURE: Secure uploads in PMs only (#23398) This adds a new secure_uploads_pm_only site setting. When secure_uploads is true with this setting, only uploads created in PMs will be marked secure; no uploads in secure categories will be marked as secure, and the login_required site setting has no bearing on upload security either. This is meant to be a stopgap solution to prevent secure uploads in a single place (private messages) for sensitive admin data exports. Ideally we would want a more comprehensive way of saying that certain upload types get secured which is a hybrid/mixed mode secure uploads, but for now this will do the trick.
2023-09-06 07:39:09 +08:00
context "when login_required" do
before { SiteSetting.login_required = true }
PERF: Speed up secure media and ACL sync rake tasks (#16849) Incorporates learnings from /t/64227: * Changes the code to set access control posts in the rake task to be an efficient UPDATE SQL query. The original version was timing out with 312017 post uploads, the new query took ~3s to run. * Changes the code to mark uploads as secure/not secure in the rake task to be an efficient UPDATE SQL query rather than using UploadSecurity. This took a very long time previously, and now takes only a few seconds. * Spread out ACL syncing for uploads into jobs with batches of 100 uploads at a time, so they can be parallelized instead of having to wait ~1.25 seconds for each ACL to be changed in S3 serially. One issue that still remains is post rebaking. Doing this serially is painfully slow. We have a way to do this in sidekiq via PeriodicalUpdates but this is limited by max_old_rebakes_per_15_minutes. It would be better to fan this rebaking out into jobs like we did for the ACL sync, but that should be done in another PR.
2022-05-23 11:14:11 +08:00
DEV: Secure upload rake task improvements (#29484) This commit changes the uploads:secure_upload_analyse_and_update and uploads:disable_secure_uploads to no longer rebake affected posts inline. This just took way too long, and if the task stalled you couldn't be sure if the rest of it completed. Instead, we can update the baked_version of affected posts and utilize our PeriodicalUpdates job to gradually rebake them. I added warnings about increasing the site setting rebake_old_posts_count and the global setting max_old_rebakes_per_15_minutes before doing this as well. For good measure, the affected post IDs are written to a JSON file too.
2024-10-31 11:33:11 +08:00
after do
if File.exist?("secure_upload_analyse_and_update_posts_for_rebake.json")
File.delete("secure_upload_analyse_and_update_posts_for_rebake.json")
end
end
it "sets everything attached to a post as secure" do
invoke_task
expect(upload_2.reload.secure).to eq(true)
expect(upload_1.reload.secure).to eq(true)
expect(upload_3.reload.secure).to eq(true)
end
it "writes a file with the post IDs to rebake" do
invoke_task
PERF: Speed up secure media and ACL sync rake tasks (#16849) Incorporates learnings from /t/64227: * Changes the code to set access control posts in the rake task to be an efficient UPDATE SQL query. The original version was timing out with 312017 post uploads, the new query took ~3s to run. * Changes the code to mark uploads as secure/not secure in the rake task to be an efficient UPDATE SQL query rather than using UploadSecurity. This took a very long time previously, and now takes only a few seconds. * Spread out ACL syncing for uploads into jobs with batches of 100 uploads at a time, so they can be parallelized instead of having to wait ~1.25 seconds for each ACL to be changed in S3 serially. One issue that still remains is post rebaking. Doing this serially is painfully slow. We have a way to do this in sidekiq via PeriodicalUpdates but this is limited by max_old_rebakes_per_15_minutes. It would be better to fan this rebaking out into jobs like we did for the ACL sync, but that should be done in another PR.
2022-05-23 11:14:11 +08:00
DEV: Secure upload rake task improvements (#29484) This commit changes the uploads:secure_upload_analyse_and_update and uploads:disable_secure_uploads to no longer rebake affected posts inline. This just took way too long, and if the task stalled you couldn't be sure if the rest of it completed. Instead, we can update the baked_version of affected posts and utilize our PeriodicalUpdates job to gradually rebake them. I added warnings about increasing the site setting rebake_old_posts_count and the global setting max_old_rebakes_per_15_minutes before doing this as well. For good measure, the affected post IDs are written to a JSON file too.
2024-10-31 11:33:11 +08:00
expect(File.exist?("secure_upload_analyse_and_update_posts_for_rebake.json")).to eq(
true,
)
expect(
JSON.parse(File.read("secure_upload_analyse_and_update_posts_for_rebake.json")),
).to eq({ "post_ids" => [post_1.id, post_2.id, post_3.id] })
end
PERF: Speed up secure media and ACL sync rake tasks (#16849) Incorporates learnings from /t/64227: * Changes the code to set access control posts in the rake task to be an efficient UPDATE SQL query. The original version was timing out with 312017 post uploads, the new query took ~3s to run. * Changes the code to mark uploads as secure/not secure in the rake task to be an efficient UPDATE SQL query rather than using UploadSecurity. This took a very long time previously, and now takes only a few seconds. * Spread out ACL syncing for uploads into jobs with batches of 100 uploads at a time, so they can be parallelized instead of having to wait ~1.25 seconds for each ACL to be changed in S3 serially. One issue that still remains is post rebaking. Doing this serially is painfully slow. We have a way to do this in sidekiq via PeriodicalUpdates but this is limited by max_old_rebakes_per_15_minutes. It would be better to fan this rebaking out into jobs like we did for the ACL sync, but that should be done in another PR.
2022-05-23 11:14:11 +08:00
DEV: Secure upload rake task improvements (#29484) This commit changes the uploads:secure_upload_analyse_and_update and uploads:disable_secure_uploads to no longer rebake affected posts inline. This just took way too long, and if the task stalled you couldn't be sure if the rest of it completed. Instead, we can update the baked_version of affected posts and utilize our PeriodicalUpdates job to gradually rebake them. I added warnings about increasing the site setting rebake_old_posts_count and the global setting max_old_rebakes_per_15_minutes before doing this as well. For good measure, the affected post IDs are written to a JSON file too.
2024-10-31 11:33:11 +08:00
it "sets the baked_version to NULL for affected posts" do
FEATURE: Secure uploads in PMs only (#23398) This adds a new secure_uploads_pm_only site setting. When secure_uploads is true with this setting, only uploads created in PMs will be marked secure; no uploads in secure categories will be marked as secure, and the login_required site setting has no bearing on upload security either. This is meant to be a stopgap solution to prevent secure uploads in a single place (private messages) for sensitive admin data exports. Ideally we would want a more comprehensive way of saying that certain upload types get secured which is a hybrid/mixed mode secure uploads, but for now this will do the trick.
2023-09-06 07:39:09 +08:00
invoke_task
DEV: Secure upload rake task improvements (#29484) This commit changes the uploads:secure_upload_analyse_and_update and uploads:disable_secure_uploads to no longer rebake affected posts inline. This just took way too long, and if the task stalled you couldn't be sure if the rest of it completed. Instead, we can update the baked_version of affected posts and utilize our PeriodicalUpdates job to gradually rebake them. I added warnings about increasing the site setting rebake_old_posts_count and the global setting max_old_rebakes_per_15_minutes before doing this as well. For good measure, the affected post IDs are written to a JSON file too.
2024-10-31 11:33:11 +08:00
expect(post_1.reload.baked_version).to eq(nil)
expect(post_2.reload.baked_version).to eq(nil)
expect(post_3.reload.baked_version).to eq(nil)
FEATURE: Secure uploads in PMs only (#23398) This adds a new secure_uploads_pm_only site setting. When secure_uploads is true with this setting, only uploads created in PMs will be marked secure; no uploads in secure categories will be marked as secure, and the login_required site setting has no bearing on upload security either. This is meant to be a stopgap solution to prevent secure uploads in a single place (private messages) for sensitive admin data exports. Ideally we would want a more comprehensive way of saying that certain upload types get secured which is a hybrid/mixed mode secure uploads, but for now this will do the trick.
2023-09-06 07:39:09 +08:00
end
context "when secure_uploads_pm_only" do
before { SiteSetting.secure_uploads_pm_only = true }
it "only sets everything attached to a private message post as secure and rebakes all those posts" do
DEV: Secure upload rake task improvements (#29484) This commit changes the uploads:secure_upload_analyse_and_update and uploads:disable_secure_uploads to no longer rebake affected posts inline. This just took way too long, and if the task stalled you couldn't be sure if the rest of it completed. Instead, we can update the baked_version of affected posts and utilize our PeriodicalUpdates job to gradually rebake them. I added warnings about increasing the site setting rebake_old_posts_count and the global setting max_old_rebakes_per_15_minutes before doing this as well. For good measure, the affected post IDs are written to a JSON file too.
2024-10-31 11:33:11 +08:00
post_3.topic.update(archetype: "private_message", category: nil)
FEATURE: Secure uploads in PMs only (#23398) This adds a new secure_uploads_pm_only site setting. When secure_uploads is true with this setting, only uploads created in PMs will be marked secure; no uploads in secure categories will be marked as secure, and the login_required site setting has no bearing on upload security either. This is meant to be a stopgap solution to prevent secure uploads in a single place (private messages) for sensitive admin data exports. Ideally we would want a more comprehensive way of saying that certain upload types get secured which is a hybrid/mixed mode secure uploads, but for now this will do the trick.
2023-09-06 07:39:09 +08:00
invoke_task
DEV: Secure upload rake task improvements (#29484) This commit changes the uploads:secure_upload_analyse_and_update and uploads:disable_secure_uploads to no longer rebake affected posts inline. This just took way too long, and if the task stalled you couldn't be sure if the rest of it completed. Instead, we can update the baked_version of affected posts and utilize our PeriodicalUpdates job to gradually rebake them. I added warnings about increasing the site setting rebake_old_posts_count and the global setting max_old_rebakes_per_15_minutes before doing this as well. For good measure, the affected post IDs are written to a JSON file too.
2024-10-31 11:33:11 +08:00
expect(post_1.reload.baked_version).not_to eq(nil)
expect(post_2.reload.baked_version).not_to eq(nil)
expect(post_3.reload.baked_version).to eq(nil)
expect(upload_1.reload.secure).to eq(false)
expect(upload_2.reload.secure).to eq(true)
expect(upload_3.reload.secure).to eq(true)
FEATURE: Secure uploads in PMs only (#23398) This adds a new secure_uploads_pm_only site setting. When secure_uploads is true with this setting, only uploads created in PMs will be marked secure; no uploads in secure categories will be marked as secure, and the login_required site setting has no bearing on upload security either. This is meant to be a stopgap solution to prevent secure uploads in a single place (private messages) for sensitive admin data exports. Ideally we would want a more comprehensive way of saying that certain upload types get secured which is a hybrid/mixed mode secure uploads, but for now this will do the trick.
2023-09-06 07:39:09 +08:00
end
end
PERF: Speed up secure media and ACL sync rake tasks (#16849) Incorporates learnings from /t/64227: * Changes the code to set access control posts in the rake task to be an efficient UPDATE SQL query. The original version was timing out with 312017 post uploads, the new query took ~3s to run. * Changes the code to mark uploads as secure/not secure in the rake task to be an efficient UPDATE SQL query rather than using UploadSecurity. This took a very long time previously, and now takes only a few seconds. * Spread out ACL syncing for uploads into jobs with batches of 100 uploads at a time, so they can be parallelized instead of having to wait ~1.25 seconds for each ACL to be changed in S3 serially. One issue that still remains is post rebaking. Doing this serially is painfully slow. We have a way to do this in sidekiq via PeriodicalUpdates but this is limited by max_old_rebakes_per_15_minutes. It would be better to fan this rebaking out into jobs like we did for the ACL sync, but that should be done in another PR.
2022-05-23 11:14:11 +08:00
end
DEV: Secure upload rake task improvements (#29484) This commit changes the uploads:secure_upload_analyse_and_update and uploads:disable_secure_uploads to no longer rebake affected posts inline. This just took way too long, and if the task stalled you couldn't be sure if the rest of it completed. Instead, we can update the baked_version of affected posts and utilize our PeriodicalUpdates job to gradually rebake them. I added warnings about increasing the site setting rebake_old_posts_count and the global setting max_old_rebakes_per_15_minutes before doing this as well. For good measure, the affected post IDs are written to a JSON file too.
2024-10-31 11:33:11 +08:00
context "when secure_uploads_pm_only" do
before { SiteSetting.secure_uploads_pm_only = true }
it "sets a non-PM post upload to not secure" do
upload_2.update!(secure: true)
invoke_task
expect(upload_2.reload.secure).to eq(false)
end
end
FIX: Change secure media to encompass attachments as well (#9271) If the “secure media” site setting is enabled then ALL files uploaded to Discourse (images, video, audio, pdf, txt, zip etc. etc.) will follow the secure media rules. The “prevent anons from downloading files” setting will no longer have any bearing on upload security. Basically, the feature will more appropriately be called “secure uploads” instead of “secure media”. This is being done because there are communities out there that would like all attachments and media to be secure based on category rules but still allow anonymous users to download attachments in public places, which is not possible in the current arrangement.
2020-03-26 05:16:02 +08:00
it "sets the uploads that are media and attachments in the read restricted topic category to secure" do
DEV: Secure upload rake task improvements (#29484) This commit changes the uploads:secure_upload_analyse_and_update and uploads:disable_secure_uploads to no longer rebake affected posts inline. This just took way too long, and if the task stalled you couldn't be sure if the rest of it completed. Instead, we can update the baked_version of affected posts and utilize our PeriodicalUpdates job to gradually rebake them. I added warnings about increasing the site setting rebake_old_posts_count and the global setting max_old_rebakes_per_15_minutes before doing this as well. For good measure, the affected post IDs are written to a JSON file too.
2024-10-31 11:33:11 +08:00
post_3.topic.update(category: Fabricate(:private_category, group: Fabricate(:group)))
FIX: Improvements and fixes for update_upload_acl rake task (#8980) The rake task was broken, because the addition of the UploadSecurity check returned true/false instead of the upload ID to determine which uploads to set secure. Also it was rebaking the posts in the wrong place and pretty inefficiently at that. Also it was rebaking before the upload was being changed to secure in the DB. This also updates the task to set the access_control_post_id for all uploads. the first post the upload is linked to is used for the access control. if the upload doesn't get changed to secure this doesn't affect anything. Added a spec for the rake task to cover common cases.
2020-02-17 12:21:43 +08:00
invoke_task
DEV: Secure upload rake task improvements (#29484) This commit changes the uploads:secure_upload_analyse_and_update and uploads:disable_secure_uploads to no longer rebake affected posts inline. This just took way too long, and if the task stalled you couldn't be sure if the rest of it completed. Instead, we can update the baked_version of affected posts and utilize our PeriodicalUpdates job to gradually rebake them. I added warnings about increasing the site setting rebake_old_posts_count and the global setting max_old_rebakes_per_15_minutes before doing this as well. For good measure, the affected post IDs are written to a JSON file too.
2024-10-31 11:33:11 +08:00
expect(upload_2.reload.secure).to eq(true)
expect(upload_1.reload.secure).to eq(false)
expect(upload_3.reload.secure).to eq(true)
FIX: Improvements and fixes for update_upload_acl rake task (#8980) The rake task was broken, because the addition of the UploadSecurity check returned true/false instead of the upload ID to determine which uploads to set secure. Also it was rebaking the posts in the wrong place and pretty inefficiently at that. Also it was rebaking before the upload was being changed to secure in the DB. This also updates the task to set the access_control_post_id for all uploads. the first post the upload is linked to is used for the access control. if the upload doesn't get changed to secure this doesn't affect anything. Added a spec for the rake task to cover common cases.
2020-02-17 12:21:43 +08:00
end
it "sets the upload in the PM topic to secure" do
DEV: Secure upload rake task improvements (#29484) This commit changes the uploads:secure_upload_analyse_and_update and uploads:disable_secure_uploads to no longer rebake affected posts inline. This just took way too long, and if the task stalled you couldn't be sure if the rest of it completed. Instead, we can update the baked_version of affected posts and utilize our PeriodicalUpdates job to gradually rebake them. I added warnings about increasing the site setting rebake_old_posts_count and the global setting max_old_rebakes_per_15_minutes before doing this as well. For good measure, the affected post IDs are written to a JSON file too.
2024-10-31 11:33:11 +08:00
post_3.topic.update(archetype: "private_message", category: nil)
FIX: Improvements and fixes for update_upload_acl rake task (#8980) The rake task was broken, because the addition of the UploadSecurity check returned true/false instead of the upload ID to determine which uploads to set secure. Also it was rebaking the posts in the wrong place and pretty inefficiently at that. Also it was rebaking before the upload was being changed to secure in the DB. This also updates the task to set the access_control_post_id for all uploads. the first post the upload is linked to is used for the access control. if the upload doesn't get changed to secure this doesn't affect anything. Added a spec for the rake task to cover common cases.
2020-02-17 12:21:43 +08:00
invoke_task
DEV: Secure upload rake task improvements (#29484) This commit changes the uploads:secure_upload_analyse_and_update and uploads:disable_secure_uploads to no longer rebake affected posts inline. This just took way too long, and if the task stalled you couldn't be sure if the rest of it completed. Instead, we can update the baked_version of affected posts and utilize our PeriodicalUpdates job to gradually rebake them. I added warnings about increasing the site setting rebake_old_posts_count and the global setting max_old_rebakes_per_15_minutes before doing this as well. For good measure, the affected post IDs are written to a JSON file too.
2024-10-31 11:33:11 +08:00
expect(upload_2.reload.secure).to eq(true)
expect(upload_1.reload.secure).to eq(false)
FIX: Improvements and fixes for update_upload_acl rake task (#8980) The rake task was broken, because the addition of the UploadSecurity check returned true/false instead of the upload ID to determine which uploads to set secure. Also it was rebaking the posts in the wrong place and pretty inefficiently at that. Also it was rebaking before the upload was being changed to secure in the DB. This also updates the task to set the access_control_post_id for all uploads. the first post the upload is linked to is used for the access control. if the upload doesn't get changed to secure this doesn't affect anything. Added a spec for the rake task to cover common cases.
2020-02-17 12:21:43 +08:00
end
DEV: Secure upload rake task improvements (#29484) This commit changes the uploads:secure_upload_analyse_and_update and uploads:disable_secure_uploads to no longer rebake affected posts inline. This just took way too long, and if the task stalled you couldn't be sure if the rest of it completed. Instead, we can update the baked_version of affected posts and utilize our PeriodicalUpdates job to gradually rebake them. I added warnings about increasing the site setting rebake_old_posts_count and the global setting max_old_rebakes_per_15_minutes before doing this as well. For good measure, the affected post IDs are written to a JSON file too.
2024-10-31 11:33:11 +08:00
it "sets the baked_version version to NULL for the posts attached for uploads that change secure status" do
post_3.topic.update(category: Fabricate(:private_category, group: Fabricate(:group)))
FIX: Improvements and fixes for update_upload_acl rake task (#8980) The rake task was broken, because the addition of the UploadSecurity check returned true/false instead of the upload ID to determine which uploads to set secure. Also it was rebaking the posts in the wrong place and pretty inefficiently at that. Also it was rebaking before the upload was being changed to secure in the DB. This also updates the task to set the access_control_post_id for all uploads. the first post the upload is linked to is used for the access control. if the upload doesn't get changed to secure this doesn't affect anything. Added a spec for the rake task to cover common cases.
2020-02-17 12:21:43 +08:00
invoke_task
DEV: Secure upload rake task improvements (#29484) This commit changes the uploads:secure_upload_analyse_and_update and uploads:disable_secure_uploads to no longer rebake affected posts inline. This just took way too long, and if the task stalled you couldn't be sure if the rest of it completed. Instead, we can update the baked_version of affected posts and utilize our PeriodicalUpdates job to gradually rebake them. I added warnings about increasing the site setting rebake_old_posts_count and the global setting max_old_rebakes_per_15_minutes before doing this as well. For good measure, the affected post IDs are written to a JSON file too.
2024-10-31 11:33:11 +08:00
expect(post_1.reload.baked_version).not_to eq(nil)
expect(post_2.reload.baked_version).not_to eq(nil)
expect(post_3.reload.baked_version).to eq(nil)
FIX: Improvements and fixes for update_upload_acl rake task (#8980) The rake task was broken, because the addition of the UploadSecurity check returned true/false instead of the upload ID to determine which uploads to set secure. Also it was rebaking the posts in the wrong place and pretty inefficiently at that. Also it was rebaking before the upload was being changed to secure in the DB. This also updates the task to set the access_control_post_id for all uploads. the first post the upload is linked to is used for the access control. if the upload doesn't get changed to secure this doesn't affect anything. Added a spec for the rake task to cover common cases.
2020-02-17 12:21:43 +08:00
end
DEV: Upload and secure media retroactive rake task improvements (#9027) * Add uploads:sync_s3_acls rake task to ensure the ACLs in S3 are the correct (public-read or private) setting based on upload security * Improved uploads:disable_secure_media to be more efficient and provide better messages to the user. * Rename uploads:ensure_correct_acl task to uploads:secure_upload_analyse_and_update as it does more than check the ACL * Many improvements to uploads:secure_upload_analyse_and_update * Make sure that upload.access_control_post is unscoped so deleted posts are still fetched, because they still affect the security of the upload. * Add escape hatch for capture_stdout in the form of RAILS_ENABLE_TEST_STDOUT. If provided the capture_stdout code will be ignored, so you can see the output if you need.
2020-03-03 07:03:58 +08:00
context "for an upload that is already secure and does not need to change" do
before do
DEV: Secure upload rake task improvements (#29484) This commit changes the uploads:secure_upload_analyse_and_update and uploads:disable_secure_uploads to no longer rebake affected posts inline. This just took way too long, and if the task stalled you couldn't be sure if the rest of it completed. Instead, we can update the baked_version of affected posts and utilize our PeriodicalUpdates job to gradually rebake them. I added warnings about increasing the site setting rebake_old_posts_count and the global setting max_old_rebakes_per_15_minutes before doing this as well. For good measure, the affected post IDs are written to a JSON file too.
2024-10-31 11:33:11 +08:00
post_3.topic.update(archetype: "private_message", category: nil)
upload_2.update(access_control_post: post_3)
upload_2.update_secure_status
upload_3.update(access_control_post: post_3)
upload_3.update_secure_status
DEV: Upload and secure media retroactive rake task improvements (#9027) * Add uploads:sync_s3_acls rake task to ensure the ACLs in S3 are the correct (public-read or private) setting based on upload security * Improved uploads:disable_secure_media to be more efficient and provide better messages to the user. * Rename uploads:ensure_correct_acl task to uploads:secure_upload_analyse_and_update as it does more than check the ACL * Many improvements to uploads:secure_upload_analyse_and_update * Make sure that upload.access_control_post is unscoped so deleted posts are still fetched, because they still affect the security of the upload. * Add escape hatch for capture_stdout in the form of RAILS_ENABLE_TEST_STDOUT. If provided the capture_stdout code will be ignored, so you can see the output if you need.
2020-03-03 07:03:58 +08:00
end
it "does not rebake the associated post" do
DEV: Fix flaky time sensitive uploads.rake specs (#9283) Also fix issues in spec where certain uploads were not considered secure
2020-03-26 11:31:39 +08:00
freeze_time
DEV: Secure upload rake task improvements (#29484) This commit changes the uploads:secure_upload_analyse_and_update and uploads:disable_secure_uploads to no longer rebake affected posts inline. This just took way too long, and if the task stalled you couldn't be sure if the rest of it completed. Instead, we can update the baked_version of affected posts and utilize our PeriodicalUpdates job to gradually rebake them. I added warnings about increasing the site setting rebake_old_posts_count and the global setting max_old_rebakes_per_15_minutes before doing this as well. For good measure, the affected post IDs are written to a JSON file too.
2024-10-31 11:33:11 +08:00
post_3.update_columns(baked_at: 1.week.ago)
DEV: Upload and secure media retroactive rake task improvements (#9027) * Add uploads:sync_s3_acls rake task to ensure the ACLs in S3 are the correct (public-read or private) setting based on upload security * Improved uploads:disable_secure_media to be more efficient and provide better messages to the user. * Rename uploads:ensure_correct_acl task to uploads:secure_upload_analyse_and_update as it does more than check the ACL * Many improvements to uploads:secure_upload_analyse_and_update * Make sure that upload.access_control_post is unscoped so deleted posts are still fetched, because they still affect the security of the upload. * Add escape hatch for capture_stdout in the form of RAILS_ENABLE_TEST_STDOUT. If provided the capture_stdout code will be ignored, so you can see the output if you need.
2020-03-03 07:03:58 +08:00
invoke_task
DEV: Fix flaky time sensitive uploads.rake specs (#9283) Also fix issues in spec where certain uploads were not considered secure
2020-03-26 11:31:39 +08:00
DEV: Secure upload rake task improvements (#29484) This commit changes the uploads:secure_upload_analyse_and_update and uploads:disable_secure_uploads to no longer rebake affected posts inline. This just took way too long, and if the task stalled you couldn't be sure if the rest of it completed. Instead, we can update the baked_version of affected posts and utilize our PeriodicalUpdates job to gradually rebake them. I added warnings about increasing the site setting rebake_old_posts_count and the global setting max_old_rebakes_per_15_minutes before doing this as well. For good measure, the affected post IDs are written to a JSON file too.
2024-10-31 11:33:11 +08:00
expect(post_3.reload.baked_at).to eq_time(1.week.ago)
DEV: Upload and secure media retroactive rake task improvements (#9027) * Add uploads:sync_s3_acls rake task to ensure the ACLs in S3 are the correct (public-read or private) setting based on upload security * Improved uploads:disable_secure_media to be more efficient and provide better messages to the user. * Rename uploads:ensure_correct_acl task to uploads:secure_upload_analyse_and_update as it does more than check the ACL * Many improvements to uploads:secure_upload_analyse_and_update * Make sure that upload.access_control_post is unscoped so deleted posts are still fetched, because they still affect the security of the upload. * Add escape hatch for capture_stdout in the form of RAILS_ENABLE_TEST_STDOUT. If provided the capture_stdout code will be ignored, so you can see the output if you need.
2020-03-03 07:03:58 +08:00
end
it "does not attempt to update the acl" do
DEV: Secure upload rake task improvements (#29484) This commit changes the uploads:secure_upload_analyse_and_update and uploads:disable_secure_uploads to no longer rebake affected posts inline. This just took way too long, and if the task stalled you couldn't be sure if the rest of it completed. Instead, we can update the baked_version of affected posts and utilize our PeriodicalUpdates job to gradually rebake them. I added warnings about increasing the site setting rebake_old_posts_count and the global setting max_old_rebakes_per_15_minutes before doing this as well. For good measure, the affected post IDs are written to a JSON file too.
2024-10-31 11:33:11 +08:00
FileStore::S3Store.any_instance.expects(:update_upload_ACL).with(upload_2).never
DEV: Upload and secure media retroactive rake task improvements (#9027) * Add uploads:sync_s3_acls rake task to ensure the ACLs in S3 are the correct (public-read or private) setting based on upload security * Improved uploads:disable_secure_media to be more efficient and provide better messages to the user. * Rename uploads:ensure_correct_acl task to uploads:secure_upload_analyse_and_update as it does more than check the ACL * Many improvements to uploads:secure_upload_analyse_and_update * Make sure that upload.access_control_post is unscoped so deleted posts are still fetched, because they still affect the security of the upload. * Add escape hatch for capture_stdout in the form of RAILS_ENABLE_TEST_STDOUT. If provided the capture_stdout code will be ignored, so you can see the output if you need.
2020-03-03 07:03:58 +08:00
invoke_task
end
end
context "for an upload that is already secure and is changing to not secure" do
it "changes the upload to not secure and updates the ACL" do
upload_to_mark_not_secure = Fabricate(:upload_s3, secure: true)
post_for_upload = Fabricate(:post)
FEATURE: Create upload_references table (#16146) This table holds associations between uploads and other models. This can be used to prevent removing uploads that are still in use. * DEV: Create upload_references * DEV: Use UploadReference instead of PostUpload * DEV: Use UploadReference for SiteSetting * DEV: Use UploadReference for Badge * DEV: Use UploadReference for Category * DEV: Use UploadReference for CustomEmoji * DEV: Use UploadReference for Group * DEV: Use UploadReference for ThemeField * DEV: Use UploadReference for ThemeSetting * DEV: Use UploadReference for User * DEV: Use UploadReference for UserAvatar * DEV: Use UploadReference for UserExport * DEV: Use UploadReference for UserProfile * DEV: Add method to extract uploads from raw text * DEV: Use UploadReference for Draft * DEV: Use UploadReference for ReviewableQueuedPost * DEV: Use UploadReference for UserProfile's bio_raw * DEV: Do not copy user uploads to upload references * DEV: Copy post uploads again after deploy * DEV: Use created_at and updated_at from uploads table * FIX: Check if upload site setting is empty * DEV: Copy user uploads to upload references * DEV: Make upload extraction less strict
2022-06-09 07:24:30 +08:00
UploadReference.create(target: post_for_upload, upload: upload_to_mark_not_secure)
DEV: Clean up S3 specs, stubs, and helpers Extracted commonly used spec helpers into spec/support/uploads_helpers.rb, removed unused stubs and let definitions. Makes it easier to write new S3-related specs without copy and pasting setup steps from other specs.
2020-09-14 19:32:25 +08:00
setup_s3
uploads.each { |upload| stub_upload(upload) }
stub_upload(upload_to_mark_not_secure)
DEV: Upload and secure media retroactive rake task improvements (#9027) * Add uploads:sync_s3_acls rake task to ensure the ACLs in S3 are the correct (public-read or private) setting based on upload security * Improved uploads:disable_secure_media to be more efficient and provide better messages to the user. * Rename uploads:ensure_correct_acl task to uploads:secure_upload_analyse_and_update as it does more than check the ACL * Many improvements to uploads:secure_upload_analyse_and_update * Make sure that upload.access_control_post is unscoped so deleted posts are still fetched, because they still affect the security of the upload. * Add escape hatch for capture_stdout in the form of RAILS_ENABLE_TEST_STDOUT. If provided the capture_stdout code will be ignored, so you can see the output if you need.
2020-03-03 07:03:58 +08:00
invoke_task
expect(upload_to_mark_not_secure.reload.secure).to eq(false)
end
end
end
end
end
DEV: Rename secure_media to secure_uploads (#18376) This commit renames all secure_media related settings to secure_uploads_* along with the associated functionality. This is being done because "media" does not really cover it, we aren't just doing this for images and videos etc. but for all uploads in the site. Additionally, in future we want to secure more types of uploads, and enable a kind of "mixed mode" where some uploads are secure and some are not, so keeping media in the name is just confusing. This also keeps compatibility with the `secure-media-uploads` path, and changes new secure URLs to be `secure-uploads`. Deprecated settings: * secure_media -> secure_uploads * secure_media_allow_embed_images_in_emails -> secure_uploads_allow_embed_images_in_emails * secure_media_max_email_embed_image_size_kb -> secure_uploads_max_email_embed_image_size_kb
2022-09-29 07:24:33 +08:00
describe "uploads:disable_secure_uploads" do
DEV: Upload and secure media retroactive rake task improvements (#9027) * Add uploads:sync_s3_acls rake task to ensure the ACLs in S3 are the correct (public-read or private) setting based on upload security * Improved uploads:disable_secure_media to be more efficient and provide better messages to the user. * Rename uploads:ensure_correct_acl task to uploads:secure_upload_analyse_and_update as it does more than check the ACL * Many improvements to uploads:secure_upload_analyse_and_update * Make sure that upload.access_control_post is unscoped so deleted posts are still fetched, because they still affect the security of the upload. * Add escape hatch for capture_stdout in the form of RAILS_ENABLE_TEST_STDOUT. If provided the capture_stdout code will be ignored, so you can see the output if you need.
2020-03-03 07:03:58 +08:00
def invoke_task
DEV: Rename secure_media to secure_uploads (#18376) This commit renames all secure_media related settings to secure_uploads_* along with the associated functionality. This is being done because "media" does not really cover it, we aren't just doing this for images and videos etc. but for all uploads in the site. Additionally, in future we want to secure more types of uploads, and enable a kind of "mixed mode" where some uploads are secure and some are not, so keeping media in the name is just confusing. This also keeps compatibility with the `secure-media-uploads` path, and changes new secure URLs to be `secure-uploads`. Deprecated settings: * secure_media -> secure_uploads * secure_media_allow_embed_images_in_emails -> secure_uploads_allow_embed_images_in_emails * secure_media_max_email_embed_image_size_kb -> secure_uploads_max_email_embed_image_size_kb
2022-09-29 07:24:33 +08:00
capture_stdout { Rake::Task["uploads:disable_secure_uploads"].invoke }
DEV: Upload and secure media retroactive rake task improvements (#9027) * Add uploads:sync_s3_acls rake task to ensure the ACLs in S3 are the correct (public-read or private) setting based on upload security * Improved uploads:disable_secure_media to be more efficient and provide better messages to the user. * Rename uploads:ensure_correct_acl task to uploads:secure_upload_analyse_and_update as it does more than check the ACL * Many improvements to uploads:secure_upload_analyse_and_update * Make sure that upload.access_control_post is unscoped so deleted posts are still fetched, because they still affect the security of the upload. * Add escape hatch for capture_stdout in the form of RAILS_ENABLE_TEST_STDOUT. If provided the capture_stdout code will be ignored, so you can see the output if you need.
2020-03-03 07:03:58 +08:00
end
before do
DEV: Clean up S3 specs, stubs, and helpers Extracted commonly used spec helpers into spec/support/uploads_helpers.rb, removed unused stubs and let definitions. Makes it easier to write new S3-related specs without copy and pasting setup steps from other specs.
2020-09-14 19:32:25 +08:00
setup_s3
uploads.each { |upload| stub_upload(upload) }
DEV: Rename secure_media to secure_uploads (#18376) This commit renames all secure_media related settings to secure_uploads_* along with the associated functionality. This is being done because "media" does not really cover it, we aren't just doing this for images and videos etc. but for all uploads in the site. Additionally, in future we want to secure more types of uploads, and enable a kind of "mixed mode" where some uploads are secure and some are not, so keeping media in the name is just confusing. This also keeps compatibility with the `secure-media-uploads` path, and changes new secure URLs to be `secure-uploads`. Deprecated settings: * secure_media -> secure_uploads * secure_media_allow_embed_images_in_emails -> secure_uploads_allow_embed_images_in_emails * secure_media_max_email_embed_image_size_kb -> secure_uploads_max_email_embed_image_size_kb
2022-09-29 07:24:33 +08:00
SiteSetting.secure_uploads = true
DEV: Secure upload rake task improvements (#29484) This commit changes the uploads:secure_upload_analyse_and_update and uploads:disable_secure_uploads to no longer rebake affected posts inline. This just took way too long, and if the task stalled you couldn't be sure if the rest of it completed. Instead, we can update the baked_version of affected posts and utilize our PeriodicalUpdates job to gradually rebake them. I added warnings about increasing the site setting rebake_old_posts_count and the global setting max_old_rebakes_per_15_minutes before doing this as well. For good measure, the affected post IDs are written to a JSON file too.
2024-10-31 11:33:11 +08:00
UploadReference.create(target: post_1, upload: upload_1)
UploadReference.create(target: post_1, upload: upload_2)
UploadReference.create(target: post_2, upload: upload_3)
UploadReference.create(target: post_2, upload: upload4)
end
after do
if File.exist?("secure_upload_analyse_and_update_posts_for_rebake.json")
File.delete("secure_upload_analyse_and_update_posts_for_rebake.json")
end
DEV: Upload and secure media retroactive rake task improvements (#9027) * Add uploads:sync_s3_acls rake task to ensure the ACLs in S3 are the correct (public-read or private) setting based on upload security * Improved uploads:disable_secure_media to be more efficient and provide better messages to the user. * Rename uploads:ensure_correct_acl task to uploads:secure_upload_analyse_and_update as it does more than check the ACL * Many improvements to uploads:secure_upload_analyse_and_update * Make sure that upload.access_control_post is unscoped so deleted posts are still fetched, because they still affect the security of the upload. * Add escape hatch for capture_stdout in the form of RAILS_ENABLE_TEST_STDOUT. If provided the capture_stdout code will be ignored, so you can see the output if you need.
2020-03-03 07:03:58 +08:00
end
DEV: Secure upload rake task improvements (#29484) This commit changes the uploads:secure_upload_analyse_and_update and uploads:disable_secure_uploads to no longer rebake affected posts inline. This just took way too long, and if the task stalled you couldn't be sure if the rest of it completed. Instead, we can update the baked_version of affected posts and utilize our PeriodicalUpdates job to gradually rebake them. I added warnings about increasing the site setting rebake_old_posts_count and the global setting max_old_rebakes_per_15_minutes before doing this as well. For good measure, the affected post IDs are written to a JSON file too.
2024-10-31 11:33:11 +08:00
let!(:uploads) { [upload_1, upload_2, upload_3, upload4, upload5] }
let(:post_1) { Fabricate(:post) }
let(:post_2) { Fabricate(:post) }
let(:upload_1) { Fabricate(:upload_s3, secure: true, access_control_post: post_1) }
let(:upload_2) { Fabricate(:upload_s3, secure: true, access_control_post: post_1) }
let(:upload_3) { Fabricate(:upload_s3, secure: true, access_control_post: post_2) }
let(:upload4) { Fabricate(:upload_s3, secure: true, access_control_post: post_2) }
DEV: Upload and secure media retroactive rake task improvements (#9027) * Add uploads:sync_s3_acls rake task to ensure the ACLs in S3 are the correct (public-read or private) setting based on upload security * Improved uploads:disable_secure_media to be more efficient and provide better messages to the user. * Rename uploads:ensure_correct_acl task to uploads:secure_upload_analyse_and_update as it does more than check the ACL * Many improvements to uploads:secure_upload_analyse_and_update * Make sure that upload.access_control_post is unscoped so deleted posts are still fetched, because they still affect the security of the upload. * Add escape hatch for capture_stdout in the form of RAILS_ENABLE_TEST_STDOUT. If provided the capture_stdout code will be ignored, so you can see the output if you need.
2020-03-03 07:03:58 +08:00
let(:upload5) { Fabricate(:upload_s3, secure: false) }
DEV: Rename secure_media to secure_uploads (#18376) This commit renames all secure_media related settings to secure_uploads_* along with the associated functionality. This is being done because "media" does not really cover it, we aren't just doing this for images and videos etc. but for all uploads in the site. Additionally, in future we want to secure more types of uploads, and enable a kind of "mixed mode" where some uploads are secure and some are not, so keeping media in the name is just confusing. This also keeps compatibility with the `secure-media-uploads` path, and changes new secure URLs to be `secure-uploads`. Deprecated settings: * secure_media -> secure_uploads * secure_media_allow_embed_images_in_emails -> secure_uploads_allow_embed_images_in_emails * secure_media_max_email_embed_image_size_kb -> secure_uploads_max_email_embed_image_size_kb
2022-09-29 07:24:33 +08:00
it "disables the secure upload setting" do
DEV: Upload and secure media retroactive rake task improvements (#9027) * Add uploads:sync_s3_acls rake task to ensure the ACLs in S3 are the correct (public-read or private) setting based on upload security * Improved uploads:disable_secure_media to be more efficient and provide better messages to the user. * Rename uploads:ensure_correct_acl task to uploads:secure_upload_analyse_and_update as it does more than check the ACL * Many improvements to uploads:secure_upload_analyse_and_update * Make sure that upload.access_control_post is unscoped so deleted posts are still fetched, because they still affect the security of the upload. * Add escape hatch for capture_stdout in the form of RAILS_ENABLE_TEST_STDOUT. If provided the capture_stdout code will be ignored, so you can see the output if you need.
2020-03-03 07:03:58 +08:00
invoke_task
DEV: Rename secure_media to secure_uploads (#18376) This commit renames all secure_media related settings to secure_uploads_* along with the associated functionality. This is being done because "media" does not really cover it, we aren't just doing this for images and videos etc. but for all uploads in the site. Additionally, in future we want to secure more types of uploads, and enable a kind of "mixed mode" where some uploads are secure and some are not, so keeping media in the name is just confusing. This also keeps compatibility with the `secure-media-uploads` path, and changes new secure URLs to be `secure-uploads`. Deprecated settings: * secure_media -> secure_uploads * secure_media_allow_embed_images_in_emails -> secure_uploads_allow_embed_images_in_emails * secure_media_max_email_embed_image_size_kb -> secure_uploads_max_email_embed_image_size_kb
2022-09-29 07:24:33 +08:00
expect(SiteSetting.secure_uploads).to eq(false)
DEV: Upload and secure media retroactive rake task improvements (#9027) * Add uploads:sync_s3_acls rake task to ensure the ACLs in S3 are the correct (public-read or private) setting based on upload security * Improved uploads:disable_secure_media to be more efficient and provide better messages to the user. * Rename uploads:ensure_correct_acl task to uploads:secure_upload_analyse_and_update as it does more than check the ACL * Many improvements to uploads:secure_upload_analyse_and_update * Make sure that upload.access_control_post is unscoped so deleted posts are still fetched, because they still affect the security of the upload. * Add escape hatch for capture_stdout in the form of RAILS_ENABLE_TEST_STDOUT. If provided the capture_stdout code will be ignored, so you can see the output if you need.
2020-03-03 07:03:58 +08:00
end
it "updates all secure uploads to secure: false" do
invoke_task
DEV: Secure upload rake task improvements (#29484) This commit changes the uploads:secure_upload_analyse_and_update and uploads:disable_secure_uploads to no longer rebake affected posts inline. This just took way too long, and if the task stalled you couldn't be sure if the rest of it completed. Instead, we can update the baked_version of affected posts and utilize our PeriodicalUpdates job to gradually rebake them. I added warnings about increasing the site setting rebake_old_posts_count and the global setting max_old_rebakes_per_15_minutes before doing this as well. For good measure, the affected post IDs are written to a JSON file too.
2024-10-31 11:33:11 +08:00
[upload_1, upload_2, upload_3, upload4].each { |upl| expect(upl.reload.secure).to eq(false) }
FIX: Improvements and fixes for update_upload_acl rake task (#8980) The rake task was broken, because the addition of the UploadSecurity check returned true/false instead of the upload ID to determine which uploads to set secure. Also it was rebaking the posts in the wrong place and pretty inefficiently at that. Also it was rebaking before the upload was being changed to secure in the DB. This also updates the task to set the access_control_post_id for all uploads. the first post the upload is linked to is used for the access control. if the upload doesn't get changed to secure this doesn't affect anything. Added a spec for the rake task to cover common cases.
2020-02-17 12:21:43 +08:00
end
DEV: Upload and secure media retroactive rake task improvements (#9027) * Add uploads:sync_s3_acls rake task to ensure the ACLs in S3 are the correct (public-read or private) setting based on upload security * Improved uploads:disable_secure_media to be more efficient and provide better messages to the user. * Rename uploads:ensure_correct_acl task to uploads:secure_upload_analyse_and_update as it does more than check the ACL * Many improvements to uploads:secure_upload_analyse_and_update * Make sure that upload.access_control_post is unscoped so deleted posts are still fetched, because they still affect the security of the upload. * Add escape hatch for capture_stdout in the form of RAILS_ENABLE_TEST_STDOUT. If provided the capture_stdout code will be ignored, so you can see the output if you need.
2020-03-03 07:03:58 +08:00
DEV: Secure upload rake task improvements (#29484) This commit changes the uploads:secure_upload_analyse_and_update and uploads:disable_secure_uploads to no longer rebake affected posts inline. This just took way too long, and if the task stalled you couldn't be sure if the rest of it completed. Instead, we can update the baked_version of affected posts and utilize our PeriodicalUpdates job to gradually rebake them. I added warnings about increasing the site setting rebake_old_posts_count and the global setting max_old_rebakes_per_15_minutes before doing this as well. For good measure, the affected post IDs are written to a JSON file too.
2024-10-31 11:33:11 +08:00
it "sets the baked_version to NULL for affected posts" do
invoke_task
expect(post_1.reload.baked_version).to eq(nil)
expect(post_2.reload.baked_version).to eq(nil)
end
DEV: Fix flaky time sensitive uploads.rake specs (#9283) Also fix issues in spec where certain uploads were not considered secure
2020-03-26 11:31:39 +08:00
DEV: Secure upload rake task improvements (#29484) This commit changes the uploads:secure_upload_analyse_and_update and uploads:disable_secure_uploads to no longer rebake affected posts inline. This just took way too long, and if the task stalled you couldn't be sure if the rest of it completed. Instead, we can update the baked_version of affected posts and utilize our PeriodicalUpdates job to gradually rebake them. I added warnings about increasing the site setting rebake_old_posts_count and the global setting max_old_rebakes_per_15_minutes before doing this as well. For good measure, the affected post IDs are written to a JSON file too.
2024-10-31 11:33:11 +08:00
it "writes a file with the post IDs to rebake" do
DEV: Upload and secure media retroactive rake task improvements (#9027) * Add uploads:sync_s3_acls rake task to ensure the ACLs in S3 are the correct (public-read or private) setting based on upload security * Improved uploads:disable_secure_media to be more efficient and provide better messages to the user. * Rename uploads:ensure_correct_acl task to uploads:secure_upload_analyse_and_update as it does more than check the ACL * Many improvements to uploads:secure_upload_analyse_and_update * Make sure that upload.access_control_post is unscoped so deleted posts are still fetched, because they still affect the security of the upload. * Add escape hatch for capture_stdout in the form of RAILS_ENABLE_TEST_STDOUT. If provided the capture_stdout code will be ignored, so you can see the output if you need.
2020-03-03 07:03:58 +08:00
invoke_task
DEV: Fix flaky time sensitive uploads.rake specs (#9283) Also fix issues in spec where certain uploads were not considered secure
2020-03-26 11:31:39 +08:00
DEV: Secure upload rake task improvements (#29484) This commit changes the uploads:secure_upload_analyse_and_update and uploads:disable_secure_uploads to no longer rebake affected posts inline. This just took way too long, and if the task stalled you couldn't be sure if the rest of it completed. Instead, we can update the baked_version of affected posts and utilize our PeriodicalUpdates job to gradually rebake them. I added warnings about increasing the site setting rebake_old_posts_count and the global setting max_old_rebakes_per_15_minutes before doing this as well. For good measure, the affected post IDs are written to a JSON file too.
2024-10-31 11:33:11 +08:00
expect(File.exist?("secure_upload_analyse_and_update_posts_for_rebake.json")).to eq(true)
expect(JSON.parse(File.read("secure_upload_analyse_and_update_posts_for_rebake.json"))).to eq(
{ "post_ids" => [post_1.id, post_2.id] },
)
DEV: Upload and secure media retroactive rake task improvements (#9027) * Add uploads:sync_s3_acls rake task to ensure the ACLs in S3 are the correct (public-read or private) setting based on upload security * Improved uploads:disable_secure_media to be more efficient and provide better messages to the user. * Rename uploads:ensure_correct_acl task to uploads:secure_upload_analyse_and_update as it does more than check the ACL * Many improvements to uploads:secure_upload_analyse_and_update * Make sure that upload.access_control_post is unscoped so deleted posts are still fetched, because they still affect the security of the upload. * Add escape hatch for capture_stdout in the form of RAILS_ENABLE_TEST_STDOUT. If provided the capture_stdout code will be ignored, so you can see the output if you need.
2020-03-03 07:03:58 +08:00
end
DEV: Fix flaky uploads:disable_secure_uploads spec (#18719) This test flakes occassionally, possibly because of the arg ordering which we do not guarantee. In future if this keeps occurring we may want to try make expect_enqueued_with not care about argument orders or the order of arrays etc within those arguments.
2022-10-25 07:01:15 +08:00
it "updates the affected ACLs via the SyncAclsForUploads job" do
invoke_task
expect(Jobs::SyncAclsForUploads.jobs.last["args"][0]["upload_ids"]).to match_array(
DEV: Secure upload rake task improvements (#29484) This commit changes the uploads:secure_upload_analyse_and_update and uploads:disable_secure_uploads to no longer rebake affected posts inline. This just took way too long, and if the task stalled you couldn't be sure if the rest of it completed. Instead, we can update the baked_version of affected posts and utilize our PeriodicalUpdates job to gradually rebake them. I added warnings about increasing the site setting rebake_old_posts_count and the global setting max_old_rebakes_per_15_minutes before doing this as well. For good measure, the affected post IDs are written to a JSON file too.
2024-10-31 11:33:11 +08:00
[upload_1.id, upload_2.id, upload_3.id, upload4.id],
DEV: Fix flaky uploads:disable_secure_uploads spec (#18719) This test flakes occassionally, possibly because of the arg ordering which we do not guarantee. In future if this keeps occurring we may want to try make expect_enqueued_with not care about argument orders or the order of arrays etc within those arguments.
2022-10-25 07:01:15 +08:00
)
DEV: Upload and secure media retroactive rake task improvements (#9027) * Add uploads:sync_s3_acls rake task to ensure the ACLs in S3 are the correct (public-read or private) setting based on upload security * Improved uploads:disable_secure_media to be more efficient and provide better messages to the user. * Rename uploads:ensure_correct_acl task to uploads:secure_upload_analyse_and_update as it does more than check the ACL * Many improvements to uploads:secure_upload_analyse_and_update * Make sure that upload.access_control_post is unscoped so deleted posts are still fetched, because they still affect the security of the upload. * Add escape hatch for capture_stdout in the form of RAILS_ENABLE_TEST_STDOUT. If provided the capture_stdout code will be ignored, so you can see the output if you need.
2020-03-03 07:03:58 +08:00
end
FIX: Improvements and fixes for update_upload_acl rake task (#8980) The rake task was broken, because the addition of the UploadSecurity check returned true/false instead of the upload ID to determine which uploads to set secure. Also it was rebaking the posts in the wrong place and pretty inefficiently at that. Also it was rebaking before the upload was being changed to secure in the DB. This also updates the task to set the access_control_post_id for all uploads. the first post the upload is linked to is used for the access control. if the upload doesn't get changed to secure this doesn't affect anything. Added a spec for the rake task to cover common cases.
2020-02-17 12:21:43 +08:00
end
DEV: Convert the downsizing script to a rake task (#18976) …to make it testable!
2022-11-11 20:00:44 +08:00
describe "uploads:downsize" do
def invoke_task
capture_stdout { Rake::Task["uploads:downsize"].invoke }
end
before { STDIN.stubs(:beep) }
fab!(:upload) { Fabricate(:image_upload, width: 200, height: 200) }
it "corrects upload attributes" do
upload.update!(thumbnail_height: 0)
expect { invoke_task }.to change { upload.reload.thumbnail_height }.to(200)
end
FIX: Allow attr updates of over-size-limit uploads (#18986)
2022-11-12 00:56:11 +08:00
it "updates attributes of uploads that are over the size limit" do
upload.update!(thumbnail_height: 0)
DEV: Add file_size_restriction site setting type (#24704) This change will allow admins to configure file sizes in mb instead of having to convert to kb. Co-authored-by: Ella <ella.estigoy@gmail.com>
2023-12-14 07:22:48 +08:00
SiteSetting.max_image_size_kb = 1
FIX: Allow attr updates of over-size-limit uploads (#18986)
2022-11-12 00:56:11 +08:00
expect { invoke_task }.to change { upload.reload.thumbnail_height }.to(200)
end
DEV: Convert the downsizing script to a rake task (#18976) …to make it testable!
2022-11-11 20:00:44 +08:00
end
FIX: Improvements and fixes for update_upload_acl rake task (#8980) The rake task was broken, because the addition of the UploadSecurity check returned true/false instead of the upload ID to determine which uploads to set secure. Also it was rebaking the posts in the wrong place and pretty inefficiently at that. Also it was rebaking before the upload was being changed to secure in the DB. This also updates the task to set the access_control_post_id for all uploads. the first post the upload is linked to is used for the access control. if the upload doesn't get changed to secure this doesn't affect anything. Added a spec for the rake task to cover common cases.
2020-02-17 12:21:43 +08:00
end
Reference in New Issue Copy Permalink