Skip to content

Correctly merge signature and expire params in UploadParamsGenerator #184

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
geeosh wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Correctly merge signature and expire params in UploadParamsGenerator #184

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 2 additions & 2 deletions lib/uploadcare/param/upload/signature_generator.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -14,8 +14,8 @@ def self.call
to_sign = Uploadcare.config.secret_key + expires_at.to_s
signature = Digest::MD5.hexdigest(to_sign)
{
signature: signature,
expire: expires_at
'signature' => signature,
'expire' => expires_at
Comment on lines +17 to +18
Copy link

Copilot AI Jan 6, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The test for SignatureGenerator in spec/uploadcare/param/upload/signature_generator_spec.rb still expects symbol keys (:signature and :expire), but this change returns string keys. The test at line 13 defines expected_result with symbol keys and will fail with this implementation. The expected result in the test should be updated to use string keys to match this change.

Suggested change
'signature' => signature,
'expire' => expires_at
signature: signature,
expire: expires_at

Copilot uses AI. Check for mistakes.
}
end
end
Expand Down
7 changes: 4 additions & 3 deletions lib/uploadcare/param/upload/upload_params_generator.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -12,9 +12,10 @@ class << self
def call(options = {})
{
'UPLOADCARE_PUB_KEY' => Uploadcare.config.public_key,
'UPLOADCARE_STORE' => store_value(options[:store]),
'signature' => (Upload::SignatureGenerator.call if Uploadcare.config.sign_uploads)
}.merge(metadata(options)).compact
'UPLOADCARE_STORE' => store_value(options[:store])
}.merge(
Uploadcare.config.sign_uploads ? Upload::SignatureGenerator.call : {}
).merge(metadata(options)).compact
end

private
Expand Down
7 changes: 7 additions & 0 deletions spec/uploadcare/param/upload/upload_params_generator_spec.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -16,6 +16,13 @@ module Upload
expect(params['UPLOADCARE_PUB_KEY']).not_to be_nil
expect(params['UPLOADCARE_STORE']).not_to be_nil
end

it 'generates upload params with signature if sign_uploads is true' do
Uploadcare.config.sign_uploads = true
params = subject.call
expect(params['signature']).not_to be_nil
expect(params['expire']).not_to be_nil
Comment on lines +23 to +24
Copy link

Copilot AI Jan 6, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The test should verify that 'signature' and 'expire' have the correct types and reasonable values, not just that they are not nil. Consider adding expectations like expect(params['signature']).to be_a(String) and expect(params['expire']).to be_a(Integer) to ensure the values are of the expected types.

Copilot uses AI. Check for mistakes.
end
Comment on lines +20 to +25
Copy link
Contributor

@coderabbitai coderabbitai bot Dec 17, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🟡 Minor

Restore config state after test to prevent test pollution.

The test modifies the global Uploadcare.config.sign_uploads setting but doesn't restore it afterward, which could affect other tests running in the same suite.

Apply this diff to ensure the config is restored:

 it 'generates upload params with signature if sign_uploads is true' do
+  original_value = Uploadcare.config.sign_uploads
   Uploadcare.config.sign_uploads = true
   params = subject.call
   expect(params['signature']).not_to be_nil
   expect(params['expire']).not_to be_nil
+ensure
+  Uploadcare.config.sign_uploads = original_value
 end
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
it 'generates upload params with signature if sign_uploads is true' do
Uploadcare.config.sign_uploads = true
params = subject.call
expect(params['signature']).not_to be_nil
expect(params['expire']).not_to be_nil
end
it 'generates upload params with signature if sign_uploads is true' do
begin
original_value = Uploadcare.config.sign_uploads
Uploadcare.config.sign_uploads = true
params = subject.call
expect(params['signature']).not_to be_nil
expect(params['expire']).not_to be_nil
ensure
Uploadcare.config.sign_uploads = original_value
end
end
🤖 Prompt for AI Agents 
In spec/uploadcare/param/upload/upload_params_generator_spec.rb around lines 20
to 25, the test mutates the global Uploadcare.config.sign_uploads without
restoring it; wrap the change so the original value is saved before setting
sign_uploads = true and restored after the example (use an ensure block inside
the example or an RSpec around/after hook) so other tests are not polluted —
save original = Uploadcare.config.sign_uploads, set
Uploadcare.config.sign_uploads = true, run the subject.call expectations, then
ensure Uploadcare.config.sign_uploads = original.

Copy link

Copilot AI Jan 6, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Consider adding a test case to verify that 'signature' and 'expire' are NOT present in the params when sign_uploads is false. This would ensure the conditional logic works correctly in both directions and prevent regression if the default behavior changes.

Copilot uses AI. Check for mistakes.
end
end
end
Expand Down
Loading