From c6530519975341d7784a252132b2f0854f488901 Mon Sep 17 00:00:00 2001 From: William Cheng Date: Wed, 24 Feb 2021 00:31:43 +0800 Subject: [PATCH] Revert "[Ruby] force users to specify the temp folder path to address security concerns (#8730)" (#8807) This reverts commit 18a6f5a941f3b5777977693f3b59ac5d200928a8. --- .../main/resources/ruby-client/api_client.mustache | 7 ------- .../ruby-client/api_client_typhoeus_partial.mustache | 11 +---------- .../petstore/ruby-faraday/lib/petstore/api_client.rb | 7 ------- .../client/petstore/ruby/lib/petstore/api_client.rb | 9 --------- .../ruby-client/lib/x_auth_id_alias/api_client.rb | 9 --------- .../ruby/lib/dynamic_servers/api_client.rb | 10 +--------- .../ruby-client/lib/petstore/api_client.rb | 10 +--------- 7 files changed, 3 insertions(+), 60 deletions(-) diff --git a/modules/openapi-generator/src/main/resources/ruby-client/api_client.mustache b/modules/openapi-generator/src/main/resources/ruby-client/api_client.mustache index 7d2cc4a6cb59..2741a73794ed 100644 --- a/modules/openapi-generator/src/main/resources/ruby-client/api_client.mustache +++ b/modules/openapi-generator/src/main/resources/ruby-client/api_client.mustache @@ -71,13 +71,6 @@ module {{moduleName}} {{/isFaraday}} {{#isFaraday}} if return_type == 'File' - # throw an exception if the temp folder path is not defined - # to avoid using the default temp directory which can be read by anyone - if @config.temp_folder_path.nil? - raise "@config.temp_folder_path must be setup first (e.g. ENV[\"HOME\"], ENV[\"HOMEPATH\"]) " + - "to avoid dowloading the file to a location readable by everyone." - end - content_disposition = response.headers['Content-Disposition'] if content_disposition && content_disposition =~ /filename=/i filename = content_disposition[/filename=['"]?([^'"\s]+)['"]?/, 1] diff --git a/modules/openapi-generator/src/main/resources/ruby-client/api_client_typhoeus_partial.mustache b/modules/openapi-generator/src/main/resources/ruby-client/api_client_typhoeus_partial.mustache index 496ba6c46fa4..e0c9e7cc1d65 100644 --- a/modules/openapi-generator/src/main/resources/ruby-client/api_client_typhoeus_partial.mustache +++ b/modules/openapi-generator/src/main/resources/ruby-client/api_client_typhoeus_partial.mustache @@ -52,8 +52,8 @@ {{#hasAuthMethods}} update_params_for_auth! header_params, query_params, opts[:auth_names] - {{/hasAuthMethods}} + # set ssl_verifyhosts option based on @config.verify_ssl_host (true/false) _verify_ssl_host = @config.verify_ssl_host ? 2 : 0 @@ -122,13 +122,6 @@ # # @see Configuration#temp_folder_path def download_file(request) - # throw an exception if the temp folder path is not defined - # to avoid using the default temp directory which can be read by anyone - if @config.temp_folder_path.nil? - raise "@config.temp_folder_path must be setup first (e.g. ENV[\"HOME\"], ENV[\"HOMEPATH\"])" + - "to avoid dowloading the file to a location readable by everyone." - end - tempfile = nil encoding = nil request.on_headers do |response| @@ -144,12 +137,10 @@ tempfile = Tempfile.open(prefix, @config.temp_folder_path, encoding: encoding) @tempfile = tempfile end - request.on_body do |chunk| chunk.force_encoding(encoding) tempfile.write(chunk) end - request.on_complete do |response| if tempfile tempfile.close diff --git a/samples/client/petstore/ruby-faraday/lib/petstore/api_client.rb b/samples/client/petstore/ruby-faraday/lib/petstore/api_client.rb index 58682d45a4ca..6bb453bf498e 100644 --- a/samples/client/petstore/ruby-faraday/lib/petstore/api_client.rb +++ b/samples/client/petstore/ruby-faraday/lib/petstore/api_client.rb @@ -203,13 +203,6 @@ def deserialize(response, return_type) # handle file downloading - return the File instance processed in request callbacks # note that response body is empty when the file is written in chunks in request on_body callback if return_type == 'File' - # throw an exception if the temp folder path is not defined - # to avoid using the default temp directory which can be read by anyone - if @config.temp_folder_path.nil? - raise "@config.temp_folder_path must be setup first (e.g. ENV[\"HOME\"], ENV[\"HOMEPATH\"]) " + - "to avoid dowloading the file to a location readable by everyone." - end - content_disposition = response.headers['Content-Disposition'] if content_disposition && content_disposition =~ /filename=/i filename = content_disposition[/filename=['"]?([^'"\s]+)['"]?/, 1] diff --git a/samples/client/petstore/ruby/lib/petstore/api_client.rb b/samples/client/petstore/ruby/lib/petstore/api_client.rb index e0d78ae6f87f..bc82c400eacf 100644 --- a/samples/client/petstore/ruby/lib/petstore/api_client.rb +++ b/samples/client/petstore/ruby/lib/petstore/api_client.rb @@ -164,13 +164,6 @@ def build_request_body(header_params, form_params, body) # # @see Configuration#temp_folder_path def download_file(request) - # throw an exception if the temp folder path is not defined - # to avoid using the default temp directory which can be read by anyone - if @config.temp_folder_path.nil? - raise "@config.temp_folder_path must be setup first (e.g. ENV[\"HOME\"], ENV[\"HOMEPATH\"])" + - "to avoid dowloading the file to a location readable by everyone." - end - tempfile = nil encoding = nil request.on_headers do |response| @@ -186,12 +179,10 @@ def download_file(request) tempfile = Tempfile.open(prefix, @config.temp_folder_path, encoding: encoding) @tempfile = tempfile end - request.on_body do |chunk| chunk.force_encoding(encoding) tempfile.write(chunk) end - request.on_complete do |response| if tempfile tempfile.close diff --git a/samples/openapi3/client/extensions/x-auth-id-alias/ruby-client/lib/x_auth_id_alias/api_client.rb b/samples/openapi3/client/extensions/x-auth-id-alias/ruby-client/lib/x_auth_id_alias/api_client.rb index 38759a537e2c..c369f53d3f81 100644 --- a/samples/openapi3/client/extensions/x-auth-id-alias/ruby-client/lib/x_auth_id_alias/api_client.rb +++ b/samples/openapi3/client/extensions/x-auth-id-alias/ruby-client/lib/x_auth_id_alias/api_client.rb @@ -164,13 +164,6 @@ def build_request_body(header_params, form_params, body) # # @see Configuration#temp_folder_path def download_file(request) - # throw an exception if the temp folder path is not defined - # to avoid using the default temp directory which can be read by anyone - if @config.temp_folder_path.nil? - raise "@config.temp_folder_path must be setup first (e.g. ENV[\"HOME\"], ENV[\"HOMEPATH\"])" + - "to avoid dowloading the file to a location readable by everyone." - end - tempfile = nil encoding = nil request.on_headers do |response| @@ -186,12 +179,10 @@ def download_file(request) tempfile = Tempfile.open(prefix, @config.temp_folder_path, encoding: encoding) @tempfile = tempfile end - request.on_body do |chunk| chunk.force_encoding(encoding) tempfile.write(chunk) end - request.on_complete do |response| if tempfile tempfile.close diff --git a/samples/openapi3/client/features/dynamic-servers/ruby/lib/dynamic_servers/api_client.rb b/samples/openapi3/client/features/dynamic-servers/ruby/lib/dynamic_servers/api_client.rb index bfd29c6e0adf..8ae4ab399d1e 100644 --- a/samples/openapi3/client/features/dynamic-servers/ruby/lib/dynamic_servers/api_client.rb +++ b/samples/openapi3/client/features/dynamic-servers/ruby/lib/dynamic_servers/api_client.rb @@ -94,6 +94,7 @@ def build_request(http_method, path, opts = {}) query_params = opts[:query_params] || {} form_params = opts[:form_params] || {} + # set ssl_verifyhosts option based on @config.verify_ssl_host (true/false) _verify_ssl_host = @config.verify_ssl_host ? 2 : 0 @@ -162,13 +163,6 @@ def build_request_body(header_params, form_params, body) # # @see Configuration#temp_folder_path def download_file(request) - # throw an exception if the temp folder path is not defined - # to avoid using the default temp directory which can be read by anyone - if @config.temp_folder_path.nil? - raise "@config.temp_folder_path must be setup first (e.g. ENV[\"HOME\"], ENV[\"HOMEPATH\"])" + - "to avoid dowloading the file to a location readable by everyone." - end - tempfile = nil encoding = nil request.on_headers do |response| @@ -184,12 +178,10 @@ def download_file(request) tempfile = Tempfile.open(prefix, @config.temp_folder_path, encoding: encoding) @tempfile = tempfile end - request.on_body do |chunk| chunk.force_encoding(encoding) tempfile.write(chunk) end - request.on_complete do |response| if tempfile tempfile.close diff --git a/samples/openapi3/client/features/generate-alias-as-model/ruby-client/lib/petstore/api_client.rb b/samples/openapi3/client/features/generate-alias-as-model/ruby-client/lib/petstore/api_client.rb index 740adf9c6170..5fc4263b17a2 100644 --- a/samples/openapi3/client/features/generate-alias-as-model/ruby-client/lib/petstore/api_client.rb +++ b/samples/openapi3/client/features/generate-alias-as-model/ruby-client/lib/petstore/api_client.rb @@ -94,6 +94,7 @@ def build_request(http_method, path, opts = {}) query_params = opts[:query_params] || {} form_params = opts[:form_params] || {} + # set ssl_verifyhosts option based on @config.verify_ssl_host (true/false) _verify_ssl_host = @config.verify_ssl_host ? 2 : 0 @@ -162,13 +163,6 @@ def build_request_body(header_params, form_params, body) # # @see Configuration#temp_folder_path def download_file(request) - # throw an exception if the temp folder path is not defined - # to avoid using the default temp directory which can be read by anyone - if @config.temp_folder_path.nil? - raise "@config.temp_folder_path must be setup first (e.g. ENV[\"HOME\"], ENV[\"HOMEPATH\"])" + - "to avoid dowloading the file to a location readable by everyone." - end - tempfile = nil encoding = nil request.on_headers do |response| @@ -184,12 +178,10 @@ def download_file(request) tempfile = Tempfile.open(prefix, @config.temp_folder_path, encoding: encoding) @tempfile = tempfile end - request.on_body do |chunk| chunk.force_encoding(encoding) tempfile.write(chunk) end - request.on_complete do |response| if tempfile tempfile.close