Add public interface alternative to whitelist

Add public interface alternative to whitelist so users who prefer not to use that terminology can use allowlist in their own uploader code. To make this change minimally intrusive as a start, the default whitelist methods now call the allowlist methods so either method can be overridden and it will work as expected while maintaining backwards compatibility. https://developers.google.com/style/word-list#blacklist rubocop/rubocop#6464
Kadenze · Mar 27, 2021 · db1ab22 · db1ab22
1 parent 1f2cb50
commit db1ab22
Show file tree

Hide file tree

Showing 4 changed files with 24 additions and 2 deletions.
diff --git a/lib/carrierwave/uploader/content_type_whitelist.rb b/lib/carrierwave/uploader/content_type_whitelist.rb
@@ -7,6 +7,8 @@ module ContentTypeWhitelist
         before :cache, :check_content_type_whitelist!
       end
 
+      def content_type_allowlist; end
+
       ##
       # Override this method in your uploader to provide a whitelist of files content types
       # which are allowed to be uploaded.
@@ -28,7 +30,9 @@ module ContentTypeWhitelist
       #       [/(text|application)\/json/]
       #     end
       #
-      def content_type_whitelist; end
+      def content_type_whitelist
+        content_type_allowlist
+      end
 
     private
 

diff --git a/lib/carrierwave/uploader/extension_whitelist.rb b/lib/carrierwave/uploader/extension_whitelist.rb
@@ -7,6 +7,8 @@ module ExtensionWhitelist
         before :cache, :check_extension_whitelist!
       end
 
+      def extension_allowlist; end
+
       ##
       # Override this method in your uploader to provide a white list of extensions which
       # are allowed to be uploaded. Compares the file's extension case insensitive.
@@ -31,7 +33,9 @@ module ExtensionWhitelist
       #       [/jpe?g/, 'gif', 'png']
       #     end
       #
-      def extension_whitelist; end
+      def extension_whitelist
+        extension_allowlist
+      end
 
     private
 

diff --git a/spec/uploader/content_type_whitelist_spec.rb b/spec/uploader/content_type_whitelist_spec.rb
@@ -36,6 +36,12 @@
           expect { uploader.cache!(bork_file) }.to raise_error(CarrierWave::IntegrityError)
         end
 
+        it "raises an integrity error the file has not an allowlisted content type" do
+          allow(uploader).to receive(:content_type_allowlist).and_return(['image/gif'])
+
+          expect { uploader.cache!(bork_file) }.to raise_error(CarrierWave::IntegrityError)
+        end
+
         it "accepts content types as regular expressions" do
           allow(uploader).to receive(:content_type_whitelist).and_return([/image\//])
 

diff --git a/spec/uploader/extension_whitelist_spec.rb b/spec/uploader/extension_whitelist_spec.rb
@@ -43,6 +43,14 @@
           }).to raise_error(CarrierWave::IntegrityError)
         end
 
+        it "raises an integrity error if the file has not an allowlisted extension" do
+          allow(@uploader).to receive(:extension_allowlist).and_return(%w(txt doc xls))
+
+          expect(running {
+            @uploader.cache!(File.open(file_path('test.jpg')))
+          }).to raise_error(CarrierWave::IntegrityError)
+        end
+
         it "raises an integrity error if the file has not a whitelisted extension, using start of string matcher" do
           allow(@uploader).to receive(:extension_whitelist).and_return(%w(txt))