Update to paperclip 4.x and add content type validation

Gemfile

@@ -43,7 +43,7 @@ gem 'open_id_authentication', '>= 1.1.0'
 gem 'validates_email_format_of', '>= 1.5.1'
 gem 'composite_primary_keys', '>= 6.0.1'
 gem 'http_accept_language', '~> 2.0.0'
-gem 'paperclip', '~> 3.0'
+gem 'paperclip', '~> 4.0'
 gem 'deadlock_retry', '>= 1.2.0'
 gem 'openstreetmap-i18n-js', '>= 3.0.0.rc5.3', :require => 'i18n-js'
 gem 'rack-cors'

Gemfile.lock

@@ -28,7 +28,7 @@ GEM
       multi_json (~> 1.3)
       thread_safe (~> 0.1)
       tzinfo (~> 0.3.37)
-    arel (4.0.1)
+    arel (4.0.2)
     atomic (1.1.14)
     bigdecimal (1.1.0)
     builder (3.1.4)
@@ -69,7 +69,7 @@ GEM
       jsonify (< 0.4.0)
     jwt (0.1.11)
       multi_json (>= 1.5)
-    kgio (2.8.1)
+    kgio (2.9.1)
     libxml-ruby (2.7.0)
     mail (2.5.4)
       mime-types (~> 1.16)
@@ -98,14 +98,14 @@ GEM
       rack-openid (~> 1.3)
     openstreetmap-i18n-js (3.0.0.rc5.3)
       i18n
-    paperclip (3.5.3)
+    paperclip (4.1.0)
       activemodel (>= 3.0.0)
       activesupport (>= 3.0.0)
       cocaine (~> 0.5.3)
       mime-types
     pg (0.17.1)
     polyglot (0.3.3)
-    psych (2.0.2)
+    psych (2.0.4)
     r2 (0.2.2)
     rack (1.5.2)
     rack-cors (0.2.9)
@@ -191,7 +191,7 @@ DEPENDENCIES
   oauth-plugin (>= 0.5.1)
   open_id_authentication (>= 1.1.0)
   openstreetmap-i18n-js (>= 3.0.0.rc5.3)
-  paperclip (~> 3.0)
+  paperclip (~> 4.0)
   pg
   psych
   r2

app/models/user.rb

@@ -28,6 +28,10 @@ class User < ActiveRecord::Base
   scope :active, -> { where(:status => ["active", "confirmed"]) }
   scope :public, -> { where(:data_public => true) }
 
+  has_attached_file :image,
+    :default_url => "/assets/:class/:attachment/:style.png",
+    :styles => { :large => "100x100>", :small => "50x50>" }
+
   validates_presence_of :email, :display_name
   validates_confirmation_of :email#, :message => ' addresses must match'
   validates_confirmation_of :pass_crypt#, :message => ' must match the confirmation password'
@@ -45,15 +49,12 @@ class User < ActiveRecord::Base
   validates_numericality_of :home_lon, :allow_nil => true
   validates_numericality_of :home_zoom, :only_integer => true, :allow_nil => true
   validates_inclusion_of :preferred_editor, :in => Editors::ALL_EDITORS, :allow_nil => true
+  validates_attachment_content_type :image, :content_type => /\Aimage\/.*\Z/
 
   after_initialize :set_defaults
   before_save :encrypt_password
   after_save :spam_check
 
-  has_attached_file :image,
-    :default_url => "/assets/:class/:attachment/:style.png",
-    :styles => { :large => "100x100>", :small => "50x50>" }
-
   def self.authenticate(options)
     if options[:username] and options[:password]
       user = where("email = ? OR display_name = ?", options[:username], options[:username]).first

db/migrate/20140210003018_add_user_image_content_type.rb

@@ -0,0 +1,5 @@
+class AddUserImageContentType < ActiveRecord::Migration
+  def change
+    add_column :users, :image_content_type, :string
+  end
+end

db/structure.sql

@@ -1072,7 +1072,8 @@ CREATE TABLE users (
     changesets_count integer DEFAULT 0 NOT NULL,
     traces_count integer DEFAULT 0 NOT NULL,
     diary_entries_count integer DEFAULT 0 NOT NULL,
-    image_use_gravatar boolean DEFAULT true NOT NULL
+    image_use_gravatar boolean DEFAULT true NOT NULL,
+    image_content_type character varying(255)
 );
 
 
@@ -2423,6 +2424,8 @@ INSERT INTO schema_migrations (version) VALUES ('20140115192822');
 
 INSERT INTO schema_migrations (version) VALUES ('20140117185510');
 
+INSERT INTO schema_migrations (version) VALUES ('20140210003018');
+
 INSERT INTO schema_migrations (version) VALUES ('21');
 
 INSERT INTO schema_migrations (version) VALUES ('22');