Security News
38% of CISOs Fear They’re Not Moving Fast Enough on AI
CISOs are racing to adopt AI for cybersecurity, but hurdles in budgets and governance may leave some falling behind in the fight against cyber threats.
This gem provides a Rails engine that allows for the storage of images on Amazon S3. Images are organized in galleries. All interactions are done through a simple REST API.
As this is a Rails engine, you need to mount it in your app. This can be done by modifying your config/routes.rb file. You can add a line like:
mount MediaGallery::Engine => "/media_gallery"
Next, you need to deal with access control. The media_gallery engine uses cancancan for access_control. It does not make any assumptions as to what library or method you use for sign in. It works fine with Devise if that is what you are using. JWT access will also work. You do need to override two methods in the MediaGallery::ApplicationController class. These methods are:
The recommended approach for this is to create an initializer. You can check out the one defined in the spec/dummy test app. It defines something like:
MediaGallery::ApplicationController.class_eval do
def current_user
User.find_by_token(request.headers['token'])
end
def create_ability(user)
Ability.new(user)
end
end
You can also look at an example of how this can be done with Devise here.
Lastly, media_gallery uses carrierwave to interact with the S3 storage system. Carrierwave needs to be configured appropriately. The way we do it is through another initializer file (e.g. config/initializers/carrierwave_s3.rb) which defines something like:
class FogSettings
def self.S3
{
:provider => 'AWS',
:aws_access_key_id => ENV['MEDIA_GALLERY_TEST_AWS_PUBLIC'],
:aws_secret_access_key => ENV['MEDIA_GALLERY_TEST_AWS_SECRET']
}
end
def self.directory
ENV['MEDIA_GALLERY_TEST_AWS_DIR']
end
end
CarrierWave.configure do |config|
config.fog_credentials = FogSettings.S3
config.fog_directory = FogSettings.directory
#The following is specifically for Heroku. Heroku only allows you to save data
#in the tmp folder. We therefore make sure that the tmp files are put there.
#See https://github.com/jnicklas/carrierwave/wiki/How-to%3A-Make-Carrierwave-work-on-Heroku
config.cache_dir = "#{Rails.root}/tmp/uploads"
end
In the previous block, the MEDIA_GALLERY_TEST_AWS... keys are fed from the environment. You can use whatever approach you want. If deploying in Heroku or AWS, it's better to use this approach as your deployed code does not have hardcoded values.
Add this line to your application's Gemfile:
gem 'media_gallery'
And then execute:
$ bundle
Or install it yourself as:
$ gem install media_gallery
You'll also need to ensure that the associated migrations are run. You can do this with the following:
bin/rails media_gallery:install:migrations
bin/rails db:migrate SCOPE=media_gallery
If you want to help out, no problem. The more, the merrier. You can fix issues if you want to or look at the list of outstanding features here.
Make sure that you write unit tests. We presently have model and request specs. The request specs require you to have an AWS account with S3 setup correctly. You then need to define three environment variables:
The rspecs look for these variables in your environment. On Linux or Mac, you can add something like this to you .bash_profile
export MEDIA_GALLERY_TEST_AWS_PUBLIC=AJEJEKNJE87JS
export MEDIA_GALLERY_TEST_AWS_SECRET=Bskljfslkdjflksjflkjslls+sljksjlk
export MEDIA_GALLERY_TEST_AWS_DIR=gallery2018
(All values provided in the previous block are fake... obviously :-)
The gem is available as open source under the terms of the MIT License.
FAQs
Unknown package
We found that media_gallery demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
CISOs are racing to adopt AI for cybersecurity, but hurdles in budgets and governance may leave some falling behind in the fight against cyber threats.
Research
Security News
Socket researchers uncovered a backdoored typosquat of BoltDB in the Go ecosystem, exploiting Go Module Proxy caching to persist undetected for years.
Security News
Company News
Socket is joining TC54 to help develop standards for software supply chain security, contributing to the evolution of SBOMs, CycloneDX, and Package URL specifications.