lib/google/cloud/storage/file.rb in google-cloud-storage-1.17.0 vs lib/google/cloud/storage/file.rb in google-cloud-storage-1.18.0
- old
+ new
@@ -15,11 +15,12 @@
require "google/cloud/storage/convert"
require "google/cloud/storage/file/acl"
require "google/cloud/storage/file/list"
require "google/cloud/storage/file/verifier"
-require "google/cloud/storage/file/signer"
+require "google/cloud/storage/file/signer_v2"
+require "google/cloud/storage/file/signer_v4"
require "zlib"
module Google
module Cloud
module Storage
@@ -441,11 +442,11 @@
# {Bucket#storage_class}.
#
# @param [Symbol, String] storage_class Storage class of the file.
#
def storage_class= storage_class
- @gapi.storage_class = storage_class_for(storage_class)
+ @gapi.storage_class = storage_class_for storage_class
update_gapi! :storage_class
end
##
# Whether there is a temporary hold on the file. A temporary hold will
@@ -938,11 +939,11 @@
file, resp =
service.download_file bucket, name, path,
key: encryption_key, range: range,
user_project: user_project
# FIX: downloading with encryption key will return nil
- file ||= ::File.new(path)
+ file ||= ::File.new path
verify = :none if range
verify_file! file, verify
if !skip_decompress &&
Array(resp.header["Content-Encoding"]).include?("gzip")
file = gzip_decompress file
@@ -1382,16 +1383,16 @@
"#{protocol}://storage.googleapis.com/#{bucket}/#{name}"
end
alias url public_url
##
- # Access without authentication can be granted to a File for a specified
- # period of time. This URL uses a cryptographic signature of your
- # credentials to access the file.
+ # Generates a signed URL for the file. See [Signed
+ # URLs](https://cloud.google.com/storage/docs/access-control/signed-urls)
+ # for more information.
#
- # Generating a URL requires service account credentials, either by
- # connecting with a service account when calling
+ # Generating a signed URL requires service account credentials, either
+ # by connecting with a service account when calling
# {Google::Cloud.storage}, or by passing in the service account `issuer`
# and `signing_key` values. Although the private key can be passed as a
# string for convenience, creating and storing an instance of
# `OpenSSL::PKey::RSA` is more efficient when making multiple calls to
# `signed_url`.
@@ -1399,23 +1400,28 @@
# A {SignedUrlUnavailable} is raised if the service account credentials
# are missing. Service account credentials are acquired by following the
# steps in [Service Account Authentication](
# https://cloud.google.com/storage/docs/authentication#service_accounts).
#
- # @see https://cloud.google.com/storage/docs/access-control#Signed-URLs
- # Access Control Signed URLs guide
+ # @see https://cloud.google.com/storage/docs/access-control/signed-urls
+ # Signed URLs guide
+ # @see https://cloud.google.com/storage/docs/access-control/signed-urls#signing-resumable
+ # Using signed URLs with resumable uploads
#
# @param [String] method The HTTP verb to be used with the signed URL.
# Signed URLs can be used
# with `GET`, `HEAD`, `PUT`, and `DELETE` requests. Default is `GET`.
# @param [Integer] expires The number of seconds until the URL expires.
- # Default is 300/5 minutes.
+ # If the `version` is `:v2`, the default is 300 (5 minutes). If the
+ # `version` is `:v4`, the default is 604800 (7 days).
# @param [String] content_type When provided, the client (browser) must
- # send this value in the HTTP header. e.g. `text/plain`
+ # send this value in the HTTP header. e.g. `text/plain`. This param is
+ # not used if the `version` is `:v4`.
# @param [String] content_md5 The MD5 digest value in base64. If you
# provide this in the string, the client (usually a browser) must
- # provide this HTTP header with this same value in its request.
+ # provide this HTTP header with this same value in its request. This
+ # param is not used if the `version` is `:v4`.
# @param [Hash] headers Google extension headers (custom HTTP headers
# that begin with `x-goog-`) that must be included in requests that
# use the signed URL.
# @param [String] issuer Service Account's Client Email.
# @param [String] client_email Service Account's Client Email.
@@ -1429,10 +1435,13 @@
# Parameters such as `response-content-disposition` and
# `response-content-type` can alter the behavior of the response when
# using the URL, but only when the file resource is missing the
# corresponding values. (These values can be permanently set using
# {#content_disposition=} and {#content_type=}.)
+ # @param [Symbol, String] version The version of the signed credential
+ # to create. Must be one of ':v2' or ':v4'. The default value is
+ # ':v2'.
#
# @return [String]
#
# @example
# require "google/cloud/storage"
@@ -1441,25 +1450,24 @@
#
# bucket = storage.bucket "my-todo-app"
# file = bucket.file "avatars/heidi/400x400.png"
# shared_url = file.signed_url
#
- # @example Any of the option parameters may be specified:
+ # @example Using the `expires` and `version` options:
# require "google/cloud/storage"
#
# storage = Google::Cloud::Storage.new
#
# bucket = storage.bucket "my-todo-app"
# file = bucket.file "avatars/heidi/400x400.png"
- # shared_url = file.signed_url method: "PUT",
- # content_type: "image/png",
- # expires: 300 # 5 minutes from now
- #
+ # shared_url = file.signed_url expires: 300, # 5 minutes from now
+ # version: :v4
+
# @example Using the `issuer` and `signing_key` options:
# require "google/cloud/storage"
#
- # storage = Google::Cloud.storage
+ # storage = Google::Cloud::Storage.new
#
# bucket = storage.bucket "my-todo-app"
# file = bucket.file "avatars/heidi/400x400.png"
# key = OpenSSL::PKey::RSA.new "-----BEGIN PRIVATE KEY-----\n..."
# shared_url = file.signed_url issuer: "service-account@gcloud.com",
@@ -1476,22 +1484,50 @@
# headers: {
# "x-goog-acl" => "public-read",
# "x-goog-meta-foo" => "bar,baz"
# }
#
+ # @example Generating a signed URL for resumable upload:
+ # require "google/cloud/storage"
+ #
+ # storage = Google::Cloud::Storage.new
+ #
+ # bucket = storage.bucket "my-todo-app"
+ # file = bucket.file "avatars/heidi/400x400.png", skip_lookup: true
+ # url = file.signed_url method: "POST",
+ # content_type: "image/png",
+ # headers: {
+ # "x-goog-resumable" => "start"
+ # }
+ # # Send the `x-goog-resumable:start` header and the content type
+ # # with the resumable upload POST request.
+ #
def signed_url method: nil, expires: nil, content_type: nil,
content_md5: nil, headers: nil, issuer: nil,
client_email: nil, signing_key: nil, private_key: nil,
- query: nil
+ query: nil, version: nil
ensure_service!
- signer = File::Signer.from_file self
- signer.signed_url method: method, expires: expires, headers: headers,
- content_type: content_type,
- content_md5: content_md5,
- issuer: issuer, client_email: client_email,
- signing_key: signing_key, private_key: private_key,
- query: query
+ version ||= :v2
+ case version.to_sym
+ when :v2
+ signer = File::SignerV2.from_file self
+ signer.signed_url method: method, expires: expires,
+ headers: headers, content_type: content_type,
+ content_md5: content_md5, issuer: issuer,
+ client_email: client_email,
+ signing_key: signing_key,
+ private_key: private_key, query: query
+ when :v4
+ signer = File::SignerV4.from_file self
+ signer.signed_url method: method, expires: expires,
+ headers: headers, issuer: issuer,
+ client_email: client_email,
+ signing_key: signing_key,
+ private_key: private_key, query: query
+ else
+ raise ArgumentError, "version '#{version}' not supported"
+ end
end
##
# The {File::Acl} instance used to control access to the file.
#
@@ -1735,14 +1771,14 @@
# @return [IO] Returns an IO object representing the file data. This
# will either be a `::File` object referencing the local file
# system or a StringIO instance.
def gzip_decompress local_file
if local_file.respond_to? :path
- gz = ::File.open(Pathname(local_file).to_path, "rb") do |f|
- Zlib::GzipReader.new(StringIO.new(f.read))
+ gz = ::File.open Pathname(local_file).to_path, "rb" do |f|
+ Zlib::GzipReader.new StringIO.new(f.read)
end
uncompressed_string = gz.read
- ::File.open(Pathname(local_file).to_path, "w") do |f|
+ ::File.open Pathname(local_file).to_path, "w" do |f|
f.write uncompressed_string
f
end
else # local_file is StringIO
local_file.rewind