Strip EXIF data as user preference

app/controllers/users_controller.rb

@@ -52,6 +52,12 @@ def update
         else
           flash[:notice] = I18n.t 'users.update.settings_not_updated'
         end
+      elsif u[:strip_exif]
+        if @user.update_attributes(u)
+          flash[:notice] = I18n.t 'users.update.settings_updated'
+        else
+          flash[:notice] = I18n.t 'users.update.settings_not_updated'
+        end
       elsif u[:language]
         if @user.update_attributes(u)
           I18n.locale = @user.language
@@ -180,6 +186,7 @@ def user_params
       :invitation_service,
       :invitation_identifier,
       :show_community_spotlight_in_stream,
+      :strip_exif,
       :auto_follow_back,
       :auto_follow_back_aspect_id,
       :remember_me,

app/models/photo.rb

@@ -81,10 +81,13 @@ def self.diaspora_initialize(params = {})
 
     photo.random_string = SecureRandom.hex(10)
 
+    if photo.author.local?
+      photo.unprocessed_image.strip_exif = photo.author.owner.strip_exif
+    end
+
     if params[:user_file]
       image_file = params.delete(:user_file)
       photo.unprocessed_image.store! image_file
-
     elsif params[:image_url]
       photo.remote_unprocessed_image_url = params[:image_url]
       photo.unprocessed_image.store!

app/models/user.rb

@@ -467,6 +467,7 @@ def clear_account!
      :show_community_spotlight_in_stream].each do |field|
       self[field] = false
     end
+    self[:strip_exif] = true
     self[:email] = "deletedaccount_#{self[:id]}@example.org"
 
     random_password = SecureRandom.hex(20)
@@ -505,6 +506,6 @@ def clearable_fields
                             "created_at", "updated_at", "locked_at",
                             "serialized_private_key", "getting_started",
                             "disable_mail", "show_community_spotlight_in_stream",
-                            "email", "remove_after"]
+                            "strip_exif", "email", "remove_after"]
   end
 end

app/serializers/export/user_serializer.rb

@@ -7,10 +7,11 @@ class UserSerializer < ActiveModel::Serializer
                :disable_mail,
                :show_community_spotlight_in_stream,
                :auto_follow_back,
-               :auto_follow_back_aspect
+               :auto_follow_back_aspect,
+               :strip_exif
     has_one    :profile,  serializer:      Export::ProfileSerializer
     has_many   :aspects,  each_serializer: Export::AspectSerializer
     has_many   :contacts, each_serializer: Export::ContactSerializer
 
   end
-end
+end

app/uploaders/processed_image.rb

@@ -19,27 +19,15 @@ def filename
 
   version :thumb_small do
     process :resize_to_fill => [50,50]
-    process :strip
   end
   version :thumb_medium do
     process :resize_to_limit => [100,100]
-    process :strip
   end
   version :thumb_large do
     process :resize_to_limit => [300,300]
-    process :strip
   end
   version :scaled_full do
     process :resize_to_limit => [700,nil]
-    process :strip
-  end
-
-  def strip
-    manipulate! do |img|
-      img.strip
-      img = yield(img) if block_given?
-      img
-    end
   end
 
 end

app/uploaders/unprocessed_image.rb

@@ -5,6 +5,12 @@
 class UnprocessedImage < CarrierWave::Uploader::Base
   include CarrierWave::MiniMagick
 
+  attr_accessor :strip_exif
+
+  def strip_exif
+    @strip_exif || false
+  end
+
   def store_dir
     "uploads/images"
   end
@@ -17,11 +23,13 @@ def filename
     model.random_string + File.extname(@filename) if @filename
   end
 
-  process :orient_image
+  process :basic_process
 
-  def orient_image
+  def basic_process
     manipulate! do |img|
       img.auto_orient
+      img.strip if strip_exif
+      img = yield(img) if block_given?
       img
     end
   end

app/views/users/privacy_settings.html.haml

@@ -15,6 +15,26 @@
           = t('privacy')
         = render 'shared/settings_nav'
 
+  .row-fluid
+    .span3
+    .span5
+      %h3
+        = t('.title')
+
+      = form_for current_user, :url => user_path, :html => { :method => :put } do |f|
+        = f.error_messages
+
+        = f.fields_for :stream_preferences do |type|
+          #stream_prefs
+          = f.label :strip_exif, :class => "checkbox" do
+            = f.check_box :strip_exif
+            = t('.strip_exif')
+
+          .small-horizontal-spacer
+          = f.submit t('.change'), :class => 'btn'
+
+      %hr
+
   .row-fluid
     .span3
     .span5

config/locales/diaspora/en.yml

@@ -1291,8 +1291,10 @@ en:
     privacy_settings:
       title: "Privacy Settings"
       ignored_users: "Ignored Users"
+      strip_exif: "Strip uploaded images metadata (geopos, author, camera, etc.) (Recommended)"
       stop_ignoring: "Stop ignoring"
       no_user_ignored_message: "You are currently ignoring no other user"
+      change: "Change"
 
     destroy:
       success: "Your account has been locked. It may take 20 minutes for us to finish closing your account. Thank you for trying diaspora*."

db/migrate/20141230214830_user_pref_strip_exif.rb

@@ -0,0 +1,9 @@
+class UserPrefStripExif < ActiveRecord::Migration
+  def up
+    add_column :users, :strip_exif, :boolean, default: true
+  end
+
+  def down
+    remove_column :users, :strip_exif
+  end
+end

db/schema.rb

@@ -11,7 +11,7 @@
 #
 # It's strongly recommended that you check this file into your version control system.
 
-ActiveRecord::Schema.define(version: 20141216213423) do
+ActiveRecord::Schema.define(version: 20141230214830) do
 
   create_table "account_deletions", force: true do |t|
     t.string   "diaspora_handle"
@@ -558,6 +558,7 @@
     t.datetime "reset_password_sent_at"
     t.datetime "last_seen"
     t.datetime "remove_after"
+    t.boolean  "strip_exif",                                     default: true
   end
 
   add_index "users", ["authentication_token"], name: "index_users_on_authentication_token", unique: true, using: :btree

spec/lib/diaspora/exporter_spec.rb

@@ -37,6 +37,7 @@ def json
     it { matches :user, :show_community_spotlight_in_stream }
     it { matches :user, :auto_follow_back }
     it { matches :user, :auto_follow_back_aspect }
+    it { matches :user, :strip_exif }
 
     it { matches :user, :profile, :first_name,      root: @user1.person.profile }
     it { matches :user, :profile, :last_name,       root: @user1.person.profile }

spec/models/photo_spec.rb

@@ -140,6 +140,39 @@ def with_carrierwave_processing(&block)
     end
   end
 
+  context 'with a saved photo containing EXIF data' do
+    before do
+      alice.strip_exif = false
+      @exif_filename  = 'exif.jpg'
+      @exif_name      = File.join(File.dirname(__FILE__), '..', 'fixtures', @exif_filename)
+    end
+
+    it 'should contain EXIF data if user prefer' do
+      with_carrierwave_processing do
+        @photo.unprocessed_image.store! File.open(@exif_name)
+        @photo.save
+      end
+
+      new_filename = File.join(File.dirname(__FILE__), '../../public/', @photo.unprocessed_image.store_dir, @photo.unprocessed_image.filename)
+      image = MiniMagick::Image.new(new_filename)
+      expect(image.exif.length).to eq(0)
+    end
+
+    it 'should not contain EXIF data if user prefer' do
+      bob.strip_exif = true
+      @bob_photo  = bob.build_post(:photo, :user_file => File.open(@exif_name), :to => @aspect.id)
+
+      with_carrierwave_processing do
+        @bob_photo.unprocessed_image.store! File.open(@exif_name)
+        @bob_photo.save
+      end
+
+      new_filename = File.join(File.dirname(__FILE__), '../../public/', @photo.unprocessed_image.store_dir, @photo.unprocessed_image.filename)
+      image = MiniMagick::Image.new(new_filename)
+      expect(image.exif.length).to eq(0)
+    end
+  end
+
   describe 'non-image files' do
     it 'should not store' do
       file = File.open(@fail_fixture_name)