RubyGems - active-access - Versions diffs - 0.5.2 → 0.6.0 - Mend

active-access 0.5.2 → 0.6.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

checksums.yaml +4 -4
data/.rubocop.yml +4 -0
data/Gemfile.lock +1 -1
data/lib/active-access/middleware.rb +12 -1
data/lib/active-access/utility/config.rb +24 -12
data/lib/active-access/version.rb +1 -1
metadata +1 -1

checksums.yaml CHANGED

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 7076d0331ab9ea3ab40dbe6c552bb70f2250d6b0595ccf2bdf522777393cd9a5
-  data.tar.gz: 4be4155fa5aa815aea27aea98af0cb46ce9ef2f37bc3380d51db0fa94291c6b5
+  metadata.gz: 752724276a2f33e14a2f16d012edb57288e71ad8d451ff00db106d71fe151b3f
+  data.tar.gz: a5ce3f6831dfa59933e886a2aede8e1117e54af676728d2ac0e9bec5d9f3dab3
 SHA512:
-  metadata.gz: 06ed95fbdcc880a71dc46ac6267e351f25d0e19996d827d51e5d5faf578f703f7dc7dbfa906dd7d4a151b9b95e1f7a89c482dd0e741851540453bdb0dde4b324
-  data.tar.gz: 4685f3961201a16c7448afa5a1acb40bd0dbb5d2addb897843860803649ef9b0c319ec56fc600e93a94dff640a9e81ca75d061b2b78fb226c1a2d5c7ab359665
+  metadata.gz: c219009620244d24db334cfb802ad46591a4d3874ce918fc9026c5fa376a93a140bbc7df3d01c06c6c649841eb73ad2780c2010a735e01cf0b74b910bf4351ea
+  data.tar.gz: 6aee1b4116e571f5957e338de020e4aee181e0655f751e05ef20afbea226c8809926298daca7be77045c578d4beb561ade70f87e32d5f8de4f4a06d89d0a2b0b

data/.rubocop.yml CHANGED

@@ -37,6 +37,10 @@ StringLiterals:
 #################
 # Disabled cops #
 #################
+Metrics/AbcSize:
+  Exclude:
+    - spec/**/*
 Metrics/ClassLength:
   Enabled: false

data/Gemfile.lock CHANGED

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    active-access (0.5.2)
+    active-access (0.6.0)
       activesupport (>= 4.2)
       rack (>= 1.0)

data/lib/active-access/middleware.rb CHANGED

@@ -31,6 +31,7 @@ module ActiveAccess
     def allow?(rack_request)
       request = Rack::Request.new(rack_request)
       return true unless protected_domain?(request)
+      return true if whitelisted_path?(request)
       if request.ip.present?
         ip_address = IPAddr.new(request.ip.split("%").first)
@@ -40,7 +41,13 @@ module ActiveAccess
     def protected_domain?(request)
       return false if config.protected_domains.blank?
-      config.protected_domains[request.host].presence
+      config.protected_domains[config.strip_url(request.host)]
+    end
+    def whitelisted_path?(request)
+      return false if config.whitelisted_urls.blank?
+      request_method = whitelisted_request_method(request)
+      request_method && (request_method == "ANY" || request_method.upcase == request.request_method)
     end
     # A place to fetch a cached / a list of IP's
@@ -55,6 +62,10 @@ module ActiveAccess
       end
     end
+    def whitelisted_request_method(request)
+      config.whitelisted_urls[request.path] || config.whitelisted_urls[config.strip_url(request.url)]
+    end
     def config
       ActiveAccess.config
     end

data/lib/active-access/utility/config.rb CHANGED

@@ -8,17 +8,16 @@ module ActiveAccess
       def initialize(*)
         super
-        if protected_domains.nil?
-          self["protected_domains"] = {}
-        elsif protected_domains.is_a?(Array)
-          domains = protected_domains
-          self["protected_domains"] = {}
-          self.protected_domains    = domains
-        end
-        self.allowed_ips = allowed_ips
-        self.enabled     = true if enabled.nil?
-        self.message     = "Resource Not Found" if message.nil?
+        domains                   = protected_domains
+        good_urls                 = whitelisted_urls
+        self["protected_domains"] = {}
+        self["whitelisted_urls"]  = {}
+        self.whitelisted_urls  = good_urls
+        self.protected_domains = domains
+        self.allowed_ips       = allowed_ips
+        self.enabled           = true if enabled.nil?
+        self.message           = "Resource Not Found" if message.nil?
       end
       def allowed_ips=(ip_addresses)
@@ -27,7 +26,20 @@ module ActiveAccess
       def protected_domains=(domains)
         return if domains.blank?
-        split_or_ship(domains).each { |domain| self["protected_domains"][domain.to_s] = true }
+        split_or_ship(domains).each { |domain| self["protected_domains"][strip_url(domain)] = true }
+      end
+      def whitelisted_urls=(url_sets)
+        return if url_sets.blank?
+        split_or_ship(url_sets).each do |url_set|
+          url, request_method = url_set
+          next if url.blank?
+          self["whitelisted_urls"][strip_url(url)] = request_method.nil? ? "GET" : request_method.to_s.upcase
+        end
+      end
+      def strip_url(url)
+        url.to_s.sub(%r{^https?\:\/\/(www.)?}, "")
       end
       private

data/lib/active-access/version.rb CHANGED

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 module ActiveAccess
-  VERSION = "0.5.2"
+  VERSION = "0.6.0"
 end

metadata CHANGED

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: active-access
 version: !ruby/object:Gem::Version
-  version: 0.5.2
+  version: 0.6.0
 platform: ruby
 authors:
 - George J. Protacio-Karaszi