Research
Security News
Malicious npm Package Targets Solana Developers and Hijacks Funds
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
dropbox-api-kilgore5
Advanced tools
A Ruby client for the DropBox REST API.
Goal:
To deliver a more Rubyesque experience when using the DropBox API.
Current state:
First release, whole API covered.
From version 0.2.0, Dropbox::API::File#delete and Dropbox::API::Dir#delete are gone!!
The reason is that it's based on Hashie::Mash and was screwing Hash#delete.
It is replaced with Dropbox::API::File#destroy and Dropbox::API::Dir#destroy.
Dropbox::API is available on RubyGems, so:
gem install dropbox-api
Or in your Gemfile:
gem "dropbox-api"
In order to use this client, you need to have an app created on https://www.dropbox.com/developers/apps.
Once you have it, put this configuration somewhere in your code, before you start working with the client.
Dropbox::API::Config.app_key = YOUR_APP_TOKEN
Dropbox::API::Config.app_secret = YOUR_APP_SECRET
Dropbox::API::Config.mode = "sandbox" # if you have a single-directory app or "dropbox" if it has access to the whole dropbox
The client is the base for all communication with the API and wraps around almost all calls available in the API.
In order to create a Dropbox::API::Client object, you need to have the configuration set up for OAuth. Second thing you need is to have the user authorize your app using OAuth. Here's a short intro on how to do this:
consumer = Dropbox::API::OAuth.consumer(:authorize)
request_token = consumer.get_request_token
# Store the token and secret so after redirecting we have the same request token
session[:token] = request_token.token
session[:token_secret] = request_token.secret
request_token.authorize_url(:oauth_callback => 'http://yoursite.com/callback')
# Here the user goes to Dropbox, authorizes the app and is redirected
hash = { oauth_token: session[:token], oauth_token_secret: session[:token_secret]}
request_token = OAuth::RequestToken.from_hash(consumer, hash)
result = request_token.get_access_token(:oauth_verifier => oauth_token)
Now that you have the oauth token and secret, you can create a new instance of the Dropbox::API::Client, like this:
client = Dropbox::API::Client.new :token => result.token, :secret => result.secret
Dropbox::API supplies you with a helper rake which will authorize a single client. This is useful for development and testing.
In order to have this rake available, put this on your Rakefile:
require "dropbox-api/tasks"
Dropbox::API::Tasks.install
You will notice that you have a new rake task - dropbox:authorize
When you call this Rake task, it will ask you to provide the consumer key and secret. Afterwards it will present you with an authorize url on Dropbox.
Simply go to that url, authorize the app, then press enter in the console.
The rake task will output valid ruby code which you can use to create a client.
A few things:
Consider the following example which takes all files with names like 'test.txt' and copies them with a suffix '.old'
This is how it would look using the SDK:
# Because you need the session with the right access token, you need to create one instance per user
@session = DropboxSession.new(APP_TOKEN, APP_SECRET)
@session.set_access_token(ACCESS_TOKEN, ACCESS_SECRET)
@client = DropboxClient.new(@session, :app_folder)
# The result is a hash, so we need to call a method on the client, supplying the right key from the hash
@client.search('/', 'test.txt').each do |hash|
@client.file_copy(hash['path'], hash['path'] + ".old")
end
With Dropbox::API, you can clean it up, first you put the app token and secret in a config or initializer file:
Dropbox::API::Config.app_key = APP_TOKEN
Dropbox::API::Config.app_secret = APP_SECRET
And when you want to use it, just create a new client object with a specific access token and secret:
# The app token and secret are read from config, that's all you need to have a client ready for one user
@client = Dropbox::API::Client.new(:token => ACCESS_TOKEN, :secret => ACCESS_SECRET)
# The file is a Dropbox::API::File object, so you can call methods on it!
@client.search('test.txt').each do |file|
file.copy(file.path + ".old2")
end
Dropbox::API does not extend the Ruby primitives, like the dropbox gem:
https://github.com/RISCfuture/dropbox/tree/master/lib/dropbox/extensions
Returns a simple object with information about the account:
client.account # => #<Dropbox::API::Object>
For more info, see https://www.dropbox.com/developers/reference/api#account-info
When provided a path, returns a single file or directory
client.find 'file.txt' # => #<Dropbox::API::File>
When provided a path, returns a list of files or directories within that path
By default it's the root path:
client.ls # => [#<Dropbox::API::File>, #<Dropbox::API::Dir>]
But you can provide your own path:
client.ls 'somedir' # => [#<Dropbox::API::File>, #<Dropbox::API::Dir>]
Creates a new directory and returns a Dropbox::API::Dir object
client.mkdir 'new_dir' # => #<Dropbox::API::Dir>
Stores a file with a provided body under a provided name and returns a Dropbox::API::File object
client.upload 'file.txt', 'file body' # => #<Dropbox::API::File>
Downloads a file with a provided name and returns it's content
client.download 'file.txt' # => 'file body'
When provided a pattern, returns a list of files or directories within that path
By default it searches the root path:
client.search 'pattern' # => [#<Dropbox::API::File>, #<Dropbox::API::Dir>]
However, you can specify your own path:
client.search 'pattern', :path => 'somedir' # => [#<Dropbox::API::File>, #<Dropbox::API::Dir>]
Returns a cursor and a list of files that have changed since the cursor was generated.
delta = client.delta 'abc123'
delta.cursor # => 'def456'
delta.entries # => [#<Dropbox::API::File>, #<Dropbox::API::Dir>]
When called without a cursor, it returns all the files.
delta = client.delta 'abc123'
delta.cursor # => 'abc123'
delta.entries # => [#<Dropbox::API::File>, #<Dropbox::API::Dir>]
These methods are shared by Dropbox::API::File and Dropbox::API::Dir
Copies a file/directory to a new specified filename
file.copy 'newfilename.txt' # => #<Dropbox::API::File>
Moves a file/directory to a new specified filename
file.move 'newfilename.txt' # => #<Dropbox::API::File>
Deletes a file/directory
file.destroy 'newfilename.txt' # => #<Dropbox::API::File>
Returns an Array of Dropbox::API::File objects with appropriate rev attribute
For more info, see https://www.dropbox.com/developers/reference/api#revisions
Restores a file to a specific revision
For more info, see https://www.dropbox.com/developers/reference/api#restore
Returns the link to a file page in Dropbox
For more info, see https://www.dropbox.com/developers/reference/api#shares
Returns the link to a file in Dropbox
For more info, see https://www.dropbox.com/developers/reference/api#media
Returns the thumbnail for an image
For more info, see https://www.dropbox.com/developers/reference/api#thumbnail
Downloads a file and returns it's content
file.download # => 'file body'
Returns a list of files or directorys within that directory
dir.ls # => [#<Dropbox::API::File>, #<Dropbox::API::Dir>]
In order to run tests, you need to have an application created and authorized. Put all tokens in spec/connection.yml and you're good to go.
Check out spec/connection.sample.yml for an example.
Copyright (c) 2011 Marcin Bunsch, Future Simple Inc. See LICENSE for details.
FAQs
Unknown package
We found that dropbox-api-kilgore5 demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
Security News
Research
Socket researchers have discovered malicious npm packages targeting crypto developers, stealing credentials and wallet data using spyware delivered through typosquats of popular cryptographic libraries.
Security News
Socket's package search now displays weekly downloads for npm packages, helping developers quickly assess popularity and make more informed decisions.