You can clone with
HTTPS or Subversion.
I'm building an online safe based on carrierwave and a personal cipher library.
My needs are quite simple, I want a user to upload a file, my Rails app encrypt it, then store it (using Fog) in any datacenter.
Then, when retrieving the file, my app needs to decrypt it from cache, and send it to the user.
My uploader :
class EncryptorUploader < CarrierWave::Uploader::Base
before :store, :remember_cache_id
after :store, :delete_tmp_dir
cache_stored_file! if !cached?
#.... Encryption logic altering the cached file in place
How I want to use it (here without activerecord for now):
@uploader = EncryptorUploader.new(FakeClass.new, :fake)
#... Years later, I need to get the file back
#... Decryption logic altering the cached file in place
But process! is called twice, once on store!, which is quite normal, but also on cache_stored_file! (which call cache! too)
Meaning that when I want to retrieve the file, it is double encrypted...
I'm not understanding, if I misuse Carrierwave, or if there is an issue in the cache_stored_file! feature/code.
BTW cache_stored_file! have no test, so I was unable to check what was the point of this method.
Anybody have any though on my case ?
I'm ready to help writing code and test case on this feature or in a new feature matching my needs.
PS : I checked for issue #380 & #422 but it seems to be a different case.
Is there a reason you need to call cache_stored_file! in your encrypt method? I think you're just supposed to return the processed file at the end of your custom method.
Thx for looking at this.
I do not know with which web server I'm gonna interact with, and I'm not sure my Rails app will be allowed to write to the file location. Since then I built a method around openssl that cipher the file in place.
I would be glad to cipher the file in webserver temporary place (less copy means less resource and more security), but I don't think it is cross-compatible.
Anyhow I also wanted to point that cache_stored_file! behavior's seems awkward.
Gotcha. Well, if you'd like to work up a pull request (with tests!) that demonstrates the problem with a proposed fix, that would be awesome!