New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Storing blob when validation fails #55
Comments
@anquinn can you try to make a fix? or at least add a test that fails and reproduces your problem? |
This is my first time using active_storage, still figuring it all out. Just wanted to report the bug. |
I have the same problem on Rails 5.2. I initially made a custom
So for now, I'll manually instruct my controller to I'll try to write a test for this later. In the meantime you should be able to reproduce this behaviour easily in the rails console :
|
@Mate2xo yes, this is a strange issue, and I don't have a fix. So a possible solution would be is do create at least some snippet of code that could be used inside gem or app to cleanup attachments. I like your idea of adding a spec for this and it would be a good start to fix this issue. Your contribution is more than welcome! |
OK I'll try some things and share the results |
Can someone help with the validation of this PR? |
Yeah I guess the |
In the meantime, as I am not familiar yet with |
I think I can provide a little more insight on what's happening here, though I can't offer a solution. I added a custom after_validation method on a model using ActiveStorage and I noticed some weird behaviour, that the file was being persisted even though the validation had failed. The ActiveStorage begins upload of new file and persists it Ultimately this comes down to an immature product being released and featuring a massive security hole, that files could be uploaded, stored and available for users to download before being checked for content-type, size etc. I'm pretty steamed about this because one of the validations I'm doing is antivirus checking, so a lack of validations isn't acceptable. I understand that this has been fixed in Rails 6.0, but my product is on Rails 5.2 and we don't currently have the time or capacity to upgrade it to Rails 6.0. We need to find a way to stop ActiveStorage jobs from running until after the validations have passed. |
If I understand correctly Rails's documentation, when a validation fails the callback chain is stopped; thus the |
I put a binding.pry in the method on my local environment and it was definitely being called. |
Ok good to know, thanks |
Just sharing my "solution" to this. I have a job running every night to scan for blobs that don't have an attachment associated to them. This can result because of this issue, or when somebody deletes a picture, and the server only processed removing the attachment, but not the blob, or if AWS (in my case) wasn't reachable. Here's the code class ScanUnusedActiveStorageBlobs
extend Resque::Plugins::Heroku
@queue = :maintenance
def self.perform
inactive_for = 1.month
inactive_blobs = ActiveStorage::Blob.where('id not in (select blob_id from active_storage_attachments)').where('created_at < ?', inactive_for.ago)
inactive_blobs.each_with_index do |blob, index|
blob.purge
end
end
end |
Rails version: 6.0.2.1
Gem version: 0.8.6
Validation:
validates :bill_kit, content_type: { in: ['application/pdf', 'application/msword', 'application/vnd.openxmlformats-officedocument.wordprocessingml.document'], message: 'is not a PDF or Word Document' }
If you upload a file other than a word doc or a PDF the validation fails (as it should) but the blob is still stored in the db. The attachment is not created.
The text was updated successfully, but these errors were encountered: