mini_paperclip is a subset of paperclip
- Major API follow paperclip.
- Minor API and configuration changed from paperclip.
- Keep DB columns, S3 Objects and application code.
- Keep maintenable.
- Keep MINI.
class Book < ActiveRecord::Base
extend MiniPaperclip::ClassMethods
has_attached_file :image
end
book = Book.find(id)
book.update!(book_params) # { image: ... }
book.image # #<MiniPaperclip::Attachment >
book.image.url # "http://..."
- <attachment>_file_name
- <attachment>_file_size
- <attachment>_content_type
- <attachment>_updated_at
book.image = ? # assign value to columns
book.save # write file to storage
? is ...
- MiniPaperclip::Attachment # copy file
- ActionDispatch::Http::UploadedFile # in rails simple case
- url string e.g. "https://s3/bucket/key.png" # download contents from url
- data-uri string # read by base64 encoded string. but <attachment>_file_name could not set
You can set configuration e.g initializers or environments
MiniPaperclip.config.tap do |config|
config.storage # default storage. `:filesystem` or `:s3`
config.filesystem_path # saving file path
config.hash_data # interpolated `:hash` base data
config.hash_secret # interpolated `:hash` secret
config.styles # default styles
config.url_scheme # 'http' or 'https'
config.url_host # host name for `url`
config.url_path # path for `url` and S3 object
config.url_missing_path # path when not attached
config.s3_host_alias # CDN host name
config.s3_bucket_name # should set when storage = :s3
config.s3_acl # s3 object acl
config.s3_cache_control # Set this value to Cache-Control header when put-object
config.interpolates # minimum templates using by `String#gsub!`
config.keep_old_files # Delete old attached file if it's false (default false)
config.read_timeout # timeout when attachment set url
config.logger # You can set logger object.
end
And any configuration can overwrite by attachment.
class Book < ActiveRecord::Base
has_attached_file :image,
styles: { medium: "500x500#" },
s3_host_alias: ENV['CLOUD_FRONT_DOMAIN'],
hash_data: ':attachment/:id/:updated_at'
...
class Book < ActiveRecord::Base
extend MiniPaperclip::ClassMethods
has_attached_file :image
validates_attachment :image,
content_type: { content_type: ["image/jpeg", "image/png"] },
size: { less_than: 1.megabytes },
if: :need_validation?
end
Interpolate is a simple template system like this.
template: :class/:attachment/:id/:hash.:extension
result: books/images/1234/abcdef1234567.png
You can check default interpolates.
p MiniPaperclip.config.interpolaters
You can add any interpolate key and process.
MiniPaperclip.config.interpolates[':custom_style'] = -> (style) {
# This block is called by the scope in the instance of the Interpolator
# You can also call `attachment` and `config` in this block
}
Paperclip had a security issue.
http://homakov.blogspot.com/2014/02/paperclip-vulnerability-leading-to-xss.html
Security and Performance has a serious performance tradeoff.
mini_paperclip take security very seriously.
mini_paperclip force validate content-type both metadata and content same as paperclip.
mini_paperclip don't read metadata from HTTP responce or data-uri.
Add this line to your application's Gemfile:
gem 'mini_paperclip'And then execute:
$ bundle install
Or install it yourself as:
$ gem install mini_paperclip
After checking out the repo, run bin/setup to install dependencies. Then, run rake spec to run the tests. You can also run bin/console for an interactive prompt that will allow you to experiment.
To install this gem onto your local machine, run bundle exec rake install. To release a new version, update the version number in version.rb, and then run bundle exec rake release, which will create a git tag for the version, push git commits and tags, and push the .gem file to rubygems.org.
Bug reports and pull requests are welcome on GitHub at https://github.com/reproio/mini_paperclip. This project is intended to be a safe, welcoming space for collaboration, and contributors are expected to adhere to the code of conduct.
The gem is available as open source under the terms of the MIT License.
Everyone interacting in the MiniPaperclip project's codebases, issue trackers, chat rooms and mailing lists is expected to follow the code of conduct.