action_ip_filter 0.1.0 → 0.2.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +13 -0
- data/README.md +7 -7
- data/lib/action_ip_filter/ip_filterable.rb +2 -2
- data/lib/action_ip_filter/version.rb +1 -1
- metadata +5 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 8d061bab952784ba92d038b0a28d34418e9c360d6d6abd543621535170a9a21c
|
|
4
|
+
data.tar.gz: 8a57d44aa950fb7c9bc0dad8a3493add8c626df62cecea9d0a8536d5ae7bc6d6
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 7f868950a961ac26cfebace46005f363f4cace350a63d0c58996b20966312a245794b8fe571b0abec32c216baae81e41fad39ea0eb393997348043e650263c3e
|
|
7
|
+
data.tar.gz: 746dc0312e87366a4d6d4e36e0bd31648255d646fb6f7d103f6e00bb4d68d1863ef4c2154737db74f3655934da81a73737b2b6a920d3338a0e8c9b69faf09afd
|
data/CHANGELOG.md
CHANGED
|
@@ -1,5 +1,18 @@
|
|
|
1
1
|
## [Unreleased]
|
|
2
2
|
|
|
3
|
+
## [0.2.0] - 2025-11-28
|
|
4
|
+
|
|
5
|
+
### Breaking Changes
|
|
6
|
+
|
|
7
|
+
- Change the interface: `s/restrict_ip/filter_ip/g`
|
|
8
|
+
|
|
9
|
+
## [0.1.1] - 2025-11-28
|
|
10
|
+
|
|
11
|
+
### Maintenance
|
|
12
|
+
|
|
13
|
+
- Add a GitHub Action's workflow to publish the gem to RubyGems.org
|
|
14
|
+
- Add the co-mainteners
|
|
15
|
+
|
|
3
16
|
## [0.1.0] - 2025-11-28
|
|
4
17
|
|
|
5
18
|
- Initial release
|
data/README.md
CHANGED
|
@@ -36,13 +36,13 @@ bundle install
|
|
|
36
36
|
|
|
37
37
|
### Basic Usage
|
|
38
38
|
|
|
39
|
-
Include the concern and use `
|
|
39
|
+
Include the concern and use `filter_ip` to protect specific actions:
|
|
40
40
|
|
|
41
41
|
```ruby
|
|
42
42
|
class AdminController < ApplicationController
|
|
43
43
|
include ActionIpFilter::IpFilterable
|
|
44
44
|
|
|
45
|
-
|
|
45
|
+
filter_ip :index, :show, allowed_ips: %w[192.0.2.0/24 198.51.100.1]
|
|
46
46
|
|
|
47
47
|
def index
|
|
48
48
|
# Only accessible from 192.0.2.0/24 or 198.51.100.1
|
|
@@ -60,14 +60,14 @@ end
|
|
|
60
60
|
|
|
61
61
|
### Restrict All Actions
|
|
62
62
|
|
|
63
|
-
Use `
|
|
63
|
+
Use `filter_ip_for_all` to protect all actions with optional exceptions:
|
|
64
64
|
|
|
65
65
|
```ruby
|
|
66
66
|
class WebhooksController < ApplicationController
|
|
67
67
|
include ActionIpFilter::IpFilterable
|
|
68
68
|
|
|
69
|
-
|
|
70
|
-
|
|
69
|
+
filter_ip_for_all allowed_ips: ENV["WEBHOOK_ALLOWED_IPS"].to_s.split(","),
|
|
70
|
+
except: [:health_check]
|
|
71
71
|
|
|
72
72
|
def stripe
|
|
73
73
|
# Restricted
|
|
@@ -87,7 +87,7 @@ Pass a Proc for dynamic IP resolution:
|
|
|
87
87
|
class SecureController < ApplicationController
|
|
88
88
|
include ActionIpFilter::IpFilterable
|
|
89
89
|
|
|
90
|
-
|
|
90
|
+
filter_ip :sensitive_action,
|
|
91
91
|
allowed_ips: -> { Rails.application.credentials.dig(:allowed_ips) || [] }
|
|
92
92
|
end
|
|
93
93
|
```
|
|
@@ -100,7 +100,7 @@ Customize the response when access is denied. The block is executed via `instanc
|
|
|
100
100
|
class ApiController < ApplicationController
|
|
101
101
|
include ActionIpFilter::IpFilterable
|
|
102
102
|
|
|
103
|
-
|
|
103
|
+
filter_ip :create,
|
|
104
104
|
allowed_ips: %w[192.0.2.0/24],
|
|
105
105
|
on_denied: -> { render json: { error: "Access denied from #{request.remote_ip}" }, status: :forbidden }
|
|
106
106
|
end
|
|
@@ -26,7 +26,7 @@ module ActionIpFilter
|
|
|
26
26
|
# @rbs allowed_ips: Array[String] | ^() -> Array[String]
|
|
27
27
|
# @rbs on_denied: (^() -> void)?
|
|
28
28
|
# @rbs return: void
|
|
29
|
-
def
|
|
29
|
+
def filter_ip(*actions, allowed_ips:, on_denied: nil)
|
|
30
30
|
actions.flatten.each do |action|
|
|
31
31
|
self.action_ip_restrictions = action_ip_restrictions.merge(action.to_sym => {allowed_ips:, on_denied:})
|
|
32
32
|
before_action -> { check_ip_restriction(action) }, only: action
|
|
@@ -37,7 +37,7 @@ module ActionIpFilter
|
|
|
37
37
|
# @rbs except: Array[Symbol]
|
|
38
38
|
# @rbs on_denied: (^() -> void)?
|
|
39
39
|
# @rbs return: void
|
|
40
|
-
def
|
|
40
|
+
def filter_ip_for_all(allowed_ips:, except: [], on_denied: nil)
|
|
41
41
|
# note: hyphen is not allowed in method (i.e., action) names, so it's safe to use it as a marker
|
|
42
42
|
self.action_ip_restrictions = action_ip_restrictions.merge("all-marker": {allowed_ips:, on_denied:})
|
|
43
43
|
before_action :check_ip_restriction_for_all, except:
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: action_ip_filter
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.2.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- SmartBank, Inc.
|
|
@@ -112,6 +112,9 @@ description: A lightweight concern that allows IP address restrictions on specif
|
|
|
112
112
|
level for minimal overhead.
|
|
113
113
|
email:
|
|
114
114
|
- moznion@mail.moznion.net
|
|
115
|
+
- rubygems.w6mfa@stenyan.jp
|
|
116
|
+
- okmtshm+rubygems@gmail.com
|
|
117
|
+
- over.rye@gmail.com
|
|
115
118
|
executables: []
|
|
116
119
|
extensions: []
|
|
117
120
|
extra_rdoc_files: []
|
|
@@ -147,7 +150,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
147
150
|
- !ruby/object:Gem::Version
|
|
148
151
|
version: '0'
|
|
149
152
|
requirements: []
|
|
150
|
-
rubygems_version: 3.6.
|
|
153
|
+
rubygems_version: 3.6.9
|
|
151
154
|
specification_version: 4
|
|
152
155
|
summary: IP address restriction concern for Rails controllers
|
|
153
156
|
test_files: []
|