-1

I use CarrierWave to upload files to my app.

I'm trying to setup database by fake data.

seeds.rb

require "open-uri"
require 'openssl'

# https://github.com/stympy/faker/issues/763
OpenSSL::SSL::VERIFY_PEER = OpenSSL::SSL::VERIFY_NONE

puts 'Start inserting seed users...'

User.create!(name:  "Example User",
             username: "exampleuser",
             email: "example@railstutorial.org",
             website: "https://railstutorial.jp",
             bio: Faker::Lorem.sentence(6),
             phone: 99999999,
             gender: 1,
             avatar: open(Faker::Avatar.image(slug = nil, size = '300x300', format = 'jpg')),
             password:              "password",
             password_confirmation: "password")

99.times do |n|
 user = User.create!({
    name: Faker::Name.name,
    username: Faker::Internet.unique.user_name,
    email: Faker::Internet.unique.email,
    website: Faker::Internet.url,
    bio: Faker::Lorem.sentence(6),
    phone: Faker::PhoneNumber.cell_phone.to_i,
    gender: 0,
    avatar: open(Faker::Avatar.image(slug = nil, size = '300x300', format = 'png')),
    password:              "password",
    password_confirmation: "password"
  })

  puts "#{user.username} created!"
end

puts "Start inserting seed posts..."

users = User.order(:created_at).take(6)
50.times do
  users.each do |user|
    post = user.posts.create!({
      image: open(Faker::Avatar.image(slug = nil, size = '300x300', format = 'jpg')),
      content: Faker::Lorem.sentence(5)
    })

    puts "#{post.user.username}'s post created!"
  end
end

When I executed

bin/rails db:seed

it returns

rails aborted!
ActiveRecord::RecordInvalid: Validation failed: Avatar You are not allowed to upload "" files, allowed types: jpg, jpeg, png

So commented out the below method and try again then it works.

# def extension_whitelist
#   %w(jpg jpeg png)
# end

But I want to use extension_whitelist to prevent be uploaded weird data.

How to avoid extension_whitelist while using Faker::Avatar.image?

mechnicov
  • 12,025
  • 4
  • 33
  • 56
ryo1916
  • 1
  • 1
  • 1
  • 1
    First thing I've got to ask ... why are you doing this? If it's purely for manual testing purposes, then you should really be putting this effort into unit and system tests instead. – Jon Feb 23 '19 at 07:23

1 Answers1

0

It's hard to answer without MCVE.

I have a feeling that loading from the web is not supported in your app.

But if you say it is possible, you can use type content filter in CarrierWave.

So you can replace your extension_whitelist by this method:

def content_type_whitelist
  /image\//
end

It will validate MIME-types.

mechnicov
  • 12,025
  • 4
  • 33
  • 56