From 4961daea45c3df5fe87cbbcbcadb01a0220cb85a Mon Sep 17 00:00:00 2001
From: Grant Bourque
Date: Tue, 17 Dec 2019 17:54:05 -0600
Subject: [PATCH 1/2] Add public interface alternative to whitelist Add public interface alternative to whitelist so users who prefer not to use that terminology can use allowlist in their own uploader code. To make this change minimally intrusive as a start, the default whitelist methods now call the allowlist methods so either method can be overridden and it will work as expected while maintaining backwards compatibility. https://developers.google.com/style/word-list#blacklist https://github.com/rubocop-hq/rubocop/pull/6464
---
 lib/carrierwave/uploader/content_type_whitelist.rb | 6 +++++-
 lib/carrierwave/uploader/extension_whitelist.rb | 6 +++++-
 spec/uploader/content_type_whitelist_spec.rb | 6 ++++++
 spec/uploader/extension_whitelist_spec.rb | 8 ++++++++
 4 files changed, 24 insertions(+), 2 deletions(-)
diff --git a/lib/carrierwave/uploader/content_type_whitelist.rb b/lib/carrierwave/uploader/content_type_whitelist.rb
index 379bf342c..e1549ffab 100644
--- a/lib/carrierwave/uploader/content_type_whitelist.rb
+++ b/lib/carrierwave/uploader/content_type_whitelist.rb
@@ -7,6 +7,8 @@ module ContentTypeWhitelist
 before :cache, :check_content_type_whitelist!
 end

+ def content_type_allowlist; end
+
 ##
 # Override this method in your uploader to provide a whitelist of files content types
 # which are allowed to be uploaded.
@@ -28,7 +30,9 @@ module ContentTypeWhitelist
 # [/(text|application)\/json/]
 # end
 #
- def content_type_whitelist; end
+ def content_type_whitelist
+ content_type_allowlist
+ end

 private

diff --git a/lib/carrierwave/uploader/extension_whitelist.rb b/lib/carrierwave/uploader/extension_whitelist.rb
index 25723e627..2e3ebacc4 100644
--- a/lib/carrierwave/uploader/extension_whitelist.rb
+++ b/lib/carrierwave/uploader/extension_whitelist.rb
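Review bot: `content_type_allowlist` in the first hunk of content_type_whitelist.rb has no comment of its own and sits above the `##` block, which still documents only `content_type_whitelist`, so the new public hook reads as undocumented. A short comment on it would do, for example `# Preferred name for content_type_whitelist; returns nil (no restriction) unless overridden.`, and the existing block could mention both names. The same applies to `extension_allowlist` in extension_whitelist.rb and to `content_type_blocklist` and `extension_blocklist` in PATCH 2/2, where the new method is placed after the delegating one instead of before it.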
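Review bot: The delegation in the second hunk of content_type_whitelist.rb runs one way only, so an uploader whose superclass or mixin already overrides `content_type_whitelist` silently ignores a `content_type_allowlist` defined further down the hierarchy. The checking method is outside this hunk, but the `before :cache, :check_content_type_whitelist!` hook suggests it still reads the legacy name. `extension_whitelist` has the same shape, and for `content_type_blacklist` and `extension_blacklist` in PATCH 2/2 the shadowing means a subclass's blocklist would not be enforced, so the upload check fails open. The precedence should at least be stated on the method, e.g. `# NOTE: an override of content_type_whitelist anywhere in the ancestor chain takes precedence over content_type_allowlist.`, and a spec that stubs both names would pin it.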
@@ -7,6 +7,8 @@ module ExtensionWhitelist
 before :cache, :check_extension_whitelist!
 end

+ def extension_allowlist; end
+
 ##
 # Override this method in your uploader to provide a white list of extensions which
 # are allowed to be uploaded. Compares the file's extension case insensitive.
@@ -31,7 +33,9 @@ module ExtensionWhitelist
 # [/jpe?g/, 'gif', 'png']
 # end
 #
- def extension_whitelist; end
+ def extension_whitelist
+ extension_allowlist
+ end

 private

diff --git a/spec/uploader/content_type_whitelist_spec.rb b/spec/uploader/content_type_whitelist_spec.rb
index ae9c16554..662a21253 100644
--- a/spec/uploader/content_type_whitelist_spec.rb
+++ b/spec/uploader/content_type_whitelist_spec.rb
@@ -36,6 +36,12 @@
 expect { uploader.cache!(bork_file) }.to raise_error(CarrierWave::IntegrityError)
 end

+ it "raises an integrity error the file has not an allowlisted content type" do
+ allow(uploader).to receive(:content_type_allowlist).and_return(['image/gif'])
+
+ expect { uploader.cache!(bork_file) }.to raise_error(CarrierWave::IntegrityError)
+ end
+
 it "accepts content types as regular expressions" do
 allow(uploader).to receive(:content_type_whitelist).and_return([/image\//])

diff --git a/spec/uploader/extension_whitelist_spec.rb b/spec/uploader/extension_whitelist_spec.rb
index 955073312..e200a3917 100644
--- a/spec/uploader/extension_whitelist_spec.rb
+++ b/spec/uploader/extension_whitelist_spec.rb
@@ -43,6 +43,14 @@
 }).to raise_error(CarrierWave::IntegrityError)
 end

+ it "raises an integrity error if the file has not an allowlisted extension" do
+ allow(@uploader).to receive(:extension_allowlist).and_return(%w(txt doc xls))
+
+ expect(running {
+ @uploader.cache!(File.open(file_path('test.jpg')))
+ }).to raise_error(CarrierWave::IntegrityError)
+ end
+
 it "raises an integrity error if the file has not a whitelisted extension, using start of string matcher" do
 allow(@uploader).to receive(:extension_whitelist).and_return(%w(txt))

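Review bot: The new example in content_type_whitelist_spec.rb covers only the rejecting path through `content_type_allowlist`, and its title is missing a word; it should read `it "raises an integrity error if the file has not an allowlisted content type" do`. The added example in extension_whitelist_spec.rb is likewise rejection-only. An accepting example through the new name would show that the delegation passes a matching file as well as refusing a non-matching one. The enclosing `describe` blocks start and end outside both hunks, so existing coverage there is not visible.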
From 48cef4d3f81a8a4e5961d958d545266efecd3dfc Mon Sep 17 00:00:00 2001
From: Grant Bourque
Date: Tue, 17 Dec 2019 17:55:00 -0600
Subject: [PATCH 2/2] Add public interface alternative to blacklist Add public interface alternative to blacklist so users who prefer not to use that terminology can use blocklist in their own uploader code. To make this change minimally intrusive as a start, the default blacklist methods now call the blocklist methods so either method can be overridden and it will work as expected while maintaining backwards compatibility. https://developers.google.com/style/word-list#blacklist https://github.com/rubocop-hq/rubocop/pull/6464
---
 lib/carrierwave/uploader/content_type_blacklist.rb | 6 +++++-
 lib/carrierwave/uploader/extension_blacklist.rb | 6 +++++-
 spec/uploader/content_type_blacklist_spec.rb | 6 ++++++
 spec/uploader/extension_blacklist_spec.rb | 2 +-
 4 files changed, 17 insertions(+), 3 deletions(-)
diff --git a/lib/carrierwave/uploader/content_type_blacklist.rb b/lib/carrierwave/uploader/content_type_blacklist.rb
index cfce2751d..aa49608f8 100644
--- a/lib/carrierwave/uploader/content_type_blacklist.rb
+++ b/lib/carrierwave/uploader/content_type_blacklist.rb
@@ -28,7 +28,11 @@ module ContentTypeBlacklist
 # [/(text|application)\/json/]
 # end
 #
- def content_type_blacklist; end
+ def content_type_blacklist
+ content_type_blocklist
+ end
+
+ def content_type_blocklist; end

 private

diff --git a/lib/carrierwave/uploader/extension_blacklist.rb b/lib/carrierwave/uploader/extension_blacklist.rb
index ef99d9c16..3f956f6b0 100644
--- a/lib/carrierwave/uploader/extension_blacklist.rb
+++ b/lib/carrierwave/uploader/extension_blacklist.rb
@@ -32,7 +32,11 @@ module ExtensionBlacklist
 # end
 #

- def extension_blacklist; end
+ def extension_blacklist
+ extension_blocklist
+ end
+
+ def extension_blocklist; end

 private

diff --git a/spec/uploader/content_type_blacklist_spec.rb b/spec/uploader/content_type_blacklist_spec.rb
index fa46e31fe..46894998c 100644
--- a/spec/uploader/content_type_blacklist_spec.rb
+++ b/spec/uploader/content_type_blacklist_spec.rb
@@ -36,6 +36,12 @@
 expect { uploader.cache!(ruby_file) }.to raise_error(CarrierWave::IntegrityError)
 end

+ it "raises an integrity error if the file has a blocklisted content type" do
+ allow(uploader).to receive(:content_type_blocklist).and_return(['image/png'])
+
+ expect { uploader.cache!(ruby_file) }.to raise_error(CarrierWave::IntegrityError)
+ end
+
 it "accepts content types as regular expressions" do
 allow(uploader).to receive(:content_type_blacklist).and_return([/image\//])

diff --git a/spec/uploader/extension_blacklist_spec.rb b/spec/uploader/extension_blacklist_spec.rb
index 200f0dfaa..014240c1c 100644
--- a/spec/uploader/extension_blacklist_spec.rb
+++ b/spec/uploader/extension_blacklist_spec.rb
@@ -14,7 +14,7 @@
 before { allow(CarrierWave).to receive(:generate_cache_id).and_return(cache_id) }

 describe '#cache!' do
- before { allow(uploader).to receive(:extension_blacklist).and_return(extension_blacklist) }
+ before { allow(uploader).to receive(:extension_blocklist).and_return(extension_blacklist) }

 context "when there are no blacklisted extensions" do
 let(:extension_blacklist) { nil }
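Review bot: Replacing the shared `before` stub in extension_blacklist_spec.rb moves every example under `describe '#cache!'` onto `extension_blocklist`, so as far as this hunk shows the spec no longer exercises an uploader that overrides the legacy `extension_blacklist`. That legacy override is the path existing uploaders depend on for rejecting dangerous extensions, so it should stay covered. I would keep the original stub and add the new one in its own group, e.g. `context "when configured through extension_blocklist" do` with `before { allow(uploader).to receive(:extension_blocklist).and_return(extension_blacklist) }`. The `describe` block continues past the end of the hunk, so stubs further down are not visible here.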