activesupport 5.0.0 → 6.1.0

data/lib/active_support/parameter_filter.rb

@@ -0,0 +1,133 @@
+# frozen_string_literal: true
+
+require "active_support/core_ext/object/duplicable"
+
+module ActiveSupport
+  # +ParameterFilter+ allows you to specify keys for sensitive data from
+  # hash-like object and replace corresponding value. Filtering only certain
+  # sub-keys from a hash is possible by using the dot notation:
+  # 'credit_card.number'. If a proc is given, each key and value of a hash and
+  # all sub-hashes are passed to it, where the value or the key can be replaced
+  # using String#replace or similar methods.
+  #
+  #   ActiveSupport::ParameterFilter.new([:password])
+  #   => replaces the value to all keys matching /password/i with "[FILTERED]"
+  #
+  #   ActiveSupport::ParameterFilter.new([:foo, "bar"])
+  #   => replaces the value to all keys matching /foo|bar/i with "[FILTERED]"
+  #
+  #   ActiveSupport::ParameterFilter.new(["credit_card.code"])
+  #   => replaces { credit_card: {code: "xxxx"} } with "[FILTERED]", does not
+  #   change { file: { code: "xxxx"} }
+  #
+  #   ActiveSupport::ParameterFilter.new([-> (k, v) do
+  #     v.reverse! if /secret/i.match?(k)
+  #   end])
+  #   => reverses the value to all keys matching /secret/i
+  class ParameterFilter
+    FILTERED = "[FILTERED]" # :nodoc:
+
+    # Create instance with given filters. Supported type of filters are +String+, +Regexp+, and +Proc+.
+    # Other types of filters are treated as +String+ using +to_s+.
+    # For +Proc+ filters, key, value, and optional original hash is passed to block arguments.
+    #
+    # ==== Options
+    #
+    # * <tt>:mask</tt> - A replaced object when filtered. Defaults to +"[FILTERED]"+
+    def initialize(filters = [], mask: FILTERED)
+      @filters = filters
+      @mask = mask
+    end
+
+    # Mask value of +params+ if key matches one of filters.
+    def filter(params)
+      compiled_filter.call(params)
+    end
+
+    # Returns filtered value for given key. For +Proc+ filters, third block argument is not populated.
+    def filter_param(key, value)
+      @filters.empty? ? value : compiled_filter.value_for_key(key, value)
+    end
+
+  private
+    def compiled_filter
+      @compiled_filter ||= CompiledFilter.compile(@filters, mask: @mask)
+    end
+
+    class CompiledFilter # :nodoc:
+      def self.compile(filters, mask:)
+        return lambda { |params| params.dup } if filters.empty?
+
+        strings, regexps, blocks, deep_regexps, deep_strings = [], [], [], nil, nil
+
+        filters.each do |item|
+          case item
+          when Proc
+            blocks << item
+          when Regexp
+            if item.to_s.include?("\\.")
+              (deep_regexps ||= []) << item
+            else
+              regexps << item
+            end
+          else
+            s = Regexp.escape(item.to_s)
+            if s.include?("\\.")
+              (deep_strings ||= []) << s
+            else
+              strings << s
+            end
+          end
+        end
+
+        regexps << Regexp.new(strings.join("|"), true) unless strings.empty?
+        (deep_regexps ||= []) << Regexp.new(deep_strings.join("|"), true) if deep_strings&.any?
+
+        new regexps, deep_regexps, blocks, mask: mask
+      end
+
+      attr_reader :regexps, :deep_regexps, :blocks
+
+      def initialize(regexps, deep_regexps, blocks, mask:)
+        @regexps = regexps
+        @deep_regexps = deep_regexps&.any? ? deep_regexps : nil
+        @blocks = blocks
+        @mask = mask
+      end
+
+      def call(params, parents = [], original_params = params)
+        filtered_params = params.class.new
+
+        params.each do |key, value|
+          filtered_params[key] = value_for_key(key, value, parents, original_params)
+        end
+
+        filtered_params
+      end
+
+      def value_for_key(key, value, parents = [], original_params = nil)
+        parents.push(key) if deep_regexps
+        if regexps.any? { |r| r.match?(key.to_s) }
+          value = @mask
+        elsif deep_regexps && (joined = parents.join(".")) && deep_regexps.any? { |r| r.match?(joined) }
+          value = @mask
+        elsif value.is_a?(Hash)
+          value = call(value, parents, original_params)
+        elsif value.is_a?(Array)
+          # If we don't pop the current parent it will be duplicated as we
+          # process each array value.
+          parents.pop if deep_regexps
+          value = value.map { |v| value_for_key(key, v, parents, original_params) }
+          # Restore the parent stack after processing the array.
+          parents.push(key) if deep_regexps
+        elsif blocks.any?
+          key = key.dup if key.duplicable?
+          value = value.dup if value.duplicable?
+          blocks.each { |b| b.arity == 2 ? b.call(key, value) : b.call(key, value, original_params) }
+        end
+        parents.pop if deep_regexps
+        value
+      end
+    end
+  end
+end

data/lib/active_support/per_thread_registry.rb

@@ -1,7 +1,9 @@
-require 'active_support/core_ext/module/delegation'
+# frozen_string_literal: true
+
+require "active_support/core_ext/module/delegation"
 
 module ActiveSupport
-  # NOTE: This approach has been deprecated for end-user code in favor of thread_mattr_accessor and friends.
+  # NOTE: This approach has been deprecated for end-user code in favor of {thread_mattr_accessor}[rdoc-ref:Module#thread_mattr_accessor] and friends.
   # Please use that approach instead.
   #
   # This module is used to encapsulate access to thread local variables.
@@ -38,15 +40,15 @@ module ActiveSupport
   # If the class has an initializer, it must accept no arguments.
   module PerThreadRegistry
     def self.extended(object)
-      object.instance_variable_set '@per_thread_registry_key', object.name.freeze
+      object.instance_variable_set :@per_thread_registry_key, object.name.freeze
     end
 
     def instance
       Thread.current[@per_thread_registry_key] ||= new
     end
 
-    protected
-      def method_missing(name, *args, &block) # :nodoc:
+    private
+      def method_missing(name, *args, &block)
         # Caches the method definition as a singleton method of the receiver.
         #
         # By letting #delegate handle it, we avoid an enclosure that'll capture args.

data/lib/active_support/proxy_object.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module ActiveSupport
   # A class with no predefined methods that behaves similarly to Builder's
   # BlankSlate. Used for proxy classes.

data/lib/active_support/rails.rb

@@ -1,4 +1,6 @@
-# This is private interface.
+# frozen_string_literal: true
+
+# This is a private interface.
 #
 # Rails components cherry pick from Active Support as needed, but there are a
 # few features that are used for sure in some way or another and it is not worth
@@ -9,19 +11,16 @@
 # Rails and can change anytime.
 
 # Defines Object#blank? and Object#present?.
-require 'active_support/core_ext/object/blank'
-
-# Rails own autoload, eager_load, etc.
-require 'active_support/dependencies/autoload'
+require "active_support/core_ext/object/blank"
 
 # Support for ClassMethods and the included macro.
-require 'active_support/concern'
+require "active_support/concern"
 
 # Defines Class#class_attribute.
-require 'active_support/core_ext/class/attribute'
+require "active_support/core_ext/class/attribute"
 
 # Defines Module#delegate.
-require 'active_support/core_ext/module/delegation'
+require "active_support/core_ext/module/delegation"
 
 # Defines ActiveSupport::Deprecation.
-require 'active_support/deprecation'
+require "active_support/deprecation"

data/lib/active_support/railtie.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require "active_support"
 require "active_support/i18n_railtie"
 
@@ -7,10 +9,38 @@ module ActiveSupport
 
     config.eager_load_namespaces << ActiveSupport
 
+    initializer "active_support.set_authenticated_message_encryption" do |app|
+      config.after_initialize do
+        unless app.config.active_support.use_authenticated_message_encryption.nil?
+          ActiveSupport::MessageEncryptor.use_authenticated_message_encryption =
+            app.config.active_support.use_authenticated_message_encryption
+        end
+      end
+    end
+
+    initializer "active_support.reset_all_current_attributes_instances" do |app|
+      app.reloader.before_class_unload { ActiveSupport::CurrentAttributes.clear_all }
+      app.executor.to_run              { ActiveSupport::CurrentAttributes.reset_all }
+      app.executor.to_complete         { ActiveSupport::CurrentAttributes.reset_all }
+
+      ActiveSupport.on_load(:active_support_test_case) do
+        require "active_support/current_attributes/test_helper"
+        include ActiveSupport::CurrentAttributes::TestHelper
+      end
+    end
+
     initializer "active_support.deprecation_behavior" do |app|
       if deprecation = app.config.active_support.deprecation
         ActiveSupport::Deprecation.behavior = deprecation
       end
+
+      if disallowed_deprecation = app.config.active_support.disallowed_deprecation
+        ActiveSupport::Deprecation.disallowed_behavior = disallowed_deprecation
+      end
+
+      if disallowed_warnings = app.config.active_support.disallowed_deprecation_warnings
+        ActiveSupport::Deprecation.disallowed_warnings = disallowed_warnings
+      end
     end
 
     # Sets the default value for Time.zone
@@ -21,30 +51,51 @@ module ActiveSupport
       rescue TZInfo::DataSourceNotFound => e
         raise e.exception "tzinfo-data is not present. Please add gem 'tzinfo-data' to your Gemfile and run bundle install"
       end
-      require 'active_support/core_ext/time/zones'
-      zone_default = Time.find_zone!(app.config.time_zone)
-
-      unless zone_default
-        raise 'Value assigned to config.time_zone not recognized. ' \
-          'Run "rake time:zones:all" for a time zone names list.'
-      end
-
-      Time.zone_default = zone_default
+      require "active_support/core_ext/time/zones"
+      Time.zone_default = Time.find_zone!(app.config.time_zone)
     end
 
     # Sets the default week start
     # If assigned value is not a valid day symbol (e.g. :sunday, :monday, ...), an exception will be raised.
     initializer "active_support.initialize_beginning_of_week" do |app|
-      require 'active_support/core_ext/date/calculations'
+      require "active_support/core_ext/date/calculations"
       beginning_of_week_default = Date.find_beginning_of_week!(app.config.beginning_of_week)
 
       Date.beginning_of_week_default = beginning_of_week_default
     end
 
+    initializer "active_support.require_master_key" do |app|
+      if app.config.respond_to?(:require_master_key) && app.config.require_master_key
+        begin
+          app.credentials.key
+        rescue ActiveSupport::EncryptedFile::MissingKeyError => error
+          $stderr.puts error.message
+          exit 1
+        end
+      end
+    end
+
     initializer "active_support.set_configs" do |app|
       app.config.active_support.each do |k, v|
         k = "#{k}="
-        ActiveSupport.send(k, v) if ActiveSupport.respond_to? k
+        ActiveSupport.public_send(k, v) if ActiveSupport.respond_to? k
+      end
+    end
+
+    initializer "active_support.set_hash_digest_class" do |app|
+      config.after_initialize do
+        if app.config.active_support.use_sha1_digests
+          ActiveSupport::Deprecation.warn(<<-MSG.squish)
+            config.active_support.use_sha1_digests is deprecated and will
+            be removed from Rails 6.2. Use
+            config.active_support.hash_digest_class = ::Digest::SHA1 instead.
+          MSG
+          ActiveSupport::Digest.hash_digest_class = ::Digest::SHA1
+        end
+
+        if klass = app.config.active_support.hash_digest_class
+          ActiveSupport::Digest.hash_digest_class = klass
+        end
       end
     end
   end

data/lib/active_support/reloader.rb

@@ -1,4 +1,7 @@
-require 'active_support/execution_wrapper'
+# frozen_string_literal: true
+
+require "active_support/execution_wrapper"
+require "active_support/executor"
 
 module ActiveSupport
   #--
@@ -26,14 +29,17 @@ module ActiveSupport
 
     define_callbacks :class_unload
 
+    # Registers a callback that will run once at application startup and every time the code is reloaded.
     def self.to_prepare(*args, &block)
       set_callback(:prepare, *args, &block)
     end
 
+    # Registers a callback that will run immediately before the classes are unloaded.
     def self.before_class_unload(*args, &block)
       set_callback(:class_unload, *args, &block)
     end
 
+    # Registers a callback that will run immediately after the classes are unloaded.
     def self.after_class_unload(*args, &block)
       set_callback(:class_unload, :after, *args, &block)
     end
@@ -44,11 +50,9 @@ module ActiveSupport
     def self.reload!
       executor.wrap do
         new.tap do |instance|
-          begin
-            instance.run!
-          ensure
-            instance.complete!
-          end
+          instance.run!
+        ensure
+          instance.complete!
         end
       end
       prepare!
@@ -69,11 +73,8 @@ module ActiveSupport
       end
     end
 
-    class_attribute :executor
-    class_attribute :check
-
-    self.executor = Executor
-    self.check = lambda { false }
+    class_attribute :executor, default: Executor
+    class_attribute :check, default: lambda { false }
 
     def self.check! # :nodoc:
       @should_reload ||= check.call

data/lib/active_support/rescuable.rb

@@ -1,6 +1,8 @@
-require 'active_support/concern'
-require 'active_support/core_ext/class/attribute'
-require 'active_support/core_ext/string/inflections'
+# frozen_string_literal: true
+
+require "active_support/concern"
+require "active_support/core_ext/class/attribute"
+require "active_support/core_ext/string/inflections"
 
 module ActiveSupport
   # Rescuable module adds support for easier exception handling.
@@ -8,8 +10,7 @@ module ActiveSupport
     extend Concern
 
     included do
-      class_attribute :rescue_handlers
-      self.rescue_handlers = []
+      class_attribute :rescue_handlers, default: []
     end
 
     module ClassMethods
@@ -36,7 +37,7 @@ module ActiveSupport
       #       render xml: exception, status: 500
       #     end
       #
-      #     protected
+      #     private
       #       def deny_access
       #         ...
       #       end
@@ -52,7 +53,7 @@ module ActiveSupport
           if block_given?
             with = block
           else
-            raise ArgumentError, 'Need a handler. Pass the with: keyword argument or provide a block.'
+            raise ArgumentError, "Need a handler. Pass the with: keyword argument or provide a block."
           end
         end
 
@@ -74,7 +75,7 @@ module ActiveSupport
       #
       # If no handler matches the exception, check for a handler matching the
       # (optional) exception.cause. If no handler matches the exception or its
-      # cause, this returns nil so you can deal with unhandled exceptions.
+      # cause, this returns +nil+, so you can deal with unhandled exceptions.
       # Be sure to re-raise unhandled exceptions if this is what you expect.
       #
       #     begin
@@ -83,11 +84,19 @@ module ActiveSupport
       #       rescue_with_handler(exception) || raise
       #     end
       #
-      # Returns the exception if it was handled and nil if it was not.
-      def rescue_with_handler(exception, object: self)
+      # Returns the exception if it was handled and +nil+ if it was not.
+      def rescue_with_handler(exception, object: self, visited_exceptions: [])
+        visited_exceptions << exception
+
         if handler = handler_for_rescue(exception, object: object)
           handler.call exception
           exception
+        elsif exception
+          if visited_exceptions.include?(exception.cause)
+            nil
+          else
+            rescue_with_handler(exception.cause, object: object, visited_exceptions: visited_exceptions)
+          end
         end
       end
 
@@ -121,7 +130,7 @@ module ActiveSupport
               end
             end
 
-            handler || find_rescue_handler(exception.cause)
+            handler
           end
         end
 

data/lib/active_support/secure_compare_rotator.rb

@@ -0,0 +1,51 @@
+# frozen_string_literal: true
+
+require "active_support/security_utils"
+require "active_support/messages/rotator"
+
+module ActiveSupport
+  # The ActiveSupport::SecureCompareRotator is a wrapper around +ActiveSupport::SecurityUtils.secure_compare+
+  # and allows you to rotate a previously defined value to a new one.
+  #
+  # It can be used as follow:
+  #
+  #   rotator = ActiveSupport::SecureCompareRotator.new('new_production_value')
+  #   rotator.rotate('previous_production_value')
+  #   rotator.secure_compare!('previous_production_value')
+  #
+  # One real use case example would be to rotate a basic auth credentials:
+  #
+  #   class MyController < ApplicationController
+  #     def authenticate_request
+  #       rotator = ActiveSupport::SecureComparerotator.new('new_password')
+  #       rotator.rotate('old_password')
+  #
+  #       authenticate_or_request_with_http_basic do |username, password|
+  #         rotator.secure_compare!(password)
+  #       rescue ActiveSupport::SecureCompareRotator::InvalidMatch
+  #         false
+  #       end
+  #     end
+  #   end
+  class SecureCompareRotator
+    include SecurityUtils
+    prepend Messages::Rotator
+
+    InvalidMatch = Class.new(StandardError)
+
+    def initialize(value, **_options)
+      @value = value
+    end
+
+    def secure_compare!(other_value, on_rotation: @on_rotation)
+      secure_compare(@value, other_value) ||
+        run_rotations(on_rotation) { |wrapper| wrapper.secure_compare!(other_value) } ||
+        raise(InvalidMatch)
+    end
+
+    private
+      def build_rotation(previous_value, _options)
+        self.class.new(previous_value)
+      end
+  end
+end

data/lib/active_support/security_utils.rb

@@ -1,27 +1,38 @@
-require 'digest'
+# frozen_string_literal: true
 
 module ActiveSupport
   module SecurityUtils
-    # Constant time string comparison.
+    # Constant time string comparison, for fixed length strings.
     #
     # The values compared should be of fixed length, such as strings
-    # that have already been processed by HMAC. This should not be used
-    # on variable length plaintext strings because it could leak length info
-    # via timing attacks.
-    def secure_compare(a, b)
-      return false unless a.bytesize == b.bytesize
+    # that have already been processed by HMAC. Raises in case of length mismatch.
+
+    if defined?(OpenSSL.fixed_length_secure_compare)
+      def fixed_length_secure_compare(a, b)
+        OpenSSL.fixed_length_secure_compare(a, b)
+      end
+    else
+      def fixed_length_secure_compare(a, b)
+        raise ArgumentError, "string length mismatch." unless a.bytesize == b.bytesize
 
-      l = a.unpack "C#{a.bytesize}"
+        l = a.unpack "C#{a.bytesize}"
 
-      res = 0
-      b.each_byte { |byte| res |= byte ^ l.shift }
-      res == 0
+        res = 0
+        b.each_byte { |byte| res |= byte ^ l.shift }
+        res == 0
+      end
     end
-    module_function :secure_compare
+    module_function :fixed_length_secure_compare
 
-    def variable_size_secure_compare(a, b) # :nodoc:
-      secure_compare(::Digest::SHA256.hexdigest(a), ::Digest::SHA256.hexdigest(b))
+    # Secure string comparison for strings of variable length.
+    #
+    # While a timing attack would not be able to discern the content of
+    # a secret compared via secure_compare, it is possible to determine
+    # the secret length. This should be considered when using secure_compare
+    # to compare weak, short secrets to user input.
+    def secure_compare(a, b)
+      a.length == b.length && fixed_length_secure_compare(a, b)
     end
-    module_function :variable_size_secure_compare
+    module_function :secure_compare
   end
 end

data/lib/active_support/string_inquirer.rb

@@ -1,3 +1,7 @@
+# frozen_string_literal: true
+
+require "active_support/core_ext/symbol/starts_ends_with"
+
 module ActiveSupport
   # Wrapping a string in this class gives you a prettier way to test
   # for equality. The value returned by <tt>Rails.env</tt> is wrapped
@@ -8,15 +12,20 @@ module ActiveSupport
   # you can call this:
   #
   #   Rails.env.production?
+  #
+  # == Instantiating a new StringInquirer
+  #
+  #   vehicle = ActiveSupport::StringInquirer.new('car')
+  #   vehicle.car?   # => true
+  #   vehicle.bike?  # => false
   class StringInquirer < String
     private
-
       def respond_to_missing?(method_name, include_private = false)
-        method_name[-1] == '?'
+        method_name.end_with?("?") || super
       end
 
       def method_missing(method_name, *arguments)
-        if method_name[-1] == '?'
+        if method_name.end_with?("?")
           self == method_name[0..-2]
         else
           super