clean_room 0.0.2 → 0.1.0
- data/README.md +20 -3
- data/clean_room.gemspec +1 -0
- data/lib/clean_room/version.rb +1 -1
- data/lib/clean_room.rb +3 -80
- metadata +14 -3
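--- a/data/README.md
+++ b/data/README.md
@@ -1,6 +1,6 @@
 # CleanRoom
 
-
+An attribute sanitizer (ruby 1.9) based on the sanitize gem by rgrove (https://github.com/rgrove/sanitize). Currently still dependant on active support, this requirement will be removed in the near future.
 
 ## Installation
 
@@ -18,12 +18,29 @@ Or install it yourself as:
 
 ## Usage
 
-
+CleanRoom accepts any attributes for which readers and writers are available. The default is to sanitize and not allow any html in the field. Other settings can be configured with "allow" (see below). Allow accepts:
+
+* normal (or not set): no html
+* strict: no html + no characters except a-zA-Z0-9 and spaces. You can pass 'character_class' to specify your own character class of allowed characters
+* simple_html: allow the tags as by Sanitize::Config::BASIC
+* html: allow the tags as by Sanitize::Config::RELAXED
+
+
+class SanitizedAttributes
+attr_accessor :normal, :strict, :very_strict, :simple_html, :html
+
+sanitize_attribute :normal
+sanitize_attribute :strict, allow: :strict, character_class: "a-z"
+sanitize_attribute :simple_html, allow: :simple_html
+sanitize_attribute :html, allow: :html
+end
+
 
 ## Contributing
 
-1.
+1. Please fork it;
 2. Create your feature branch (`git checkout -b my-new-feature`)
 3. Commit your changes (`git commit -am 'Added some feature'`)
 4. Push to the branch (`git push origin my-new-feature`)
 5. Create new Pull Request
+6. Many thanks!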
data/clean_room.gemspec
CHANGED
data/lib/clean_room/version.rb
CHANGED
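--- a/data/lib/clean_room.rb
+++ b/data/lib/clean_room.rb
@@ -1,83 +1,6 @@
 require "active_support"
 
+require "clean_room/air_lock"
+require "clean_room/dsl"
+require "clean_room/exceptions"
 require "clean_room/version"
-
-module CleanRoom
-module DSL
-extend ActiveSupport::Concern
-
-included do
-self.sanitizable_attributes = {}
-
-if respond_to? :before_save
-before_save :sanitize_attributes
-end
-end
-
-def sanitize_attributes
-self.class.sanitizable_attributes.each do |name, options|
-sanitize_attribute name, options
-end
-end
-
-def sanitize_attribute(name, options = {})
-current_value = self.send(name)
-cleaned_value = air_lock.shower(current_value, options)
-
-raise Exceptions::Contaminated.new("#{name} contained unacceptable data") if options[:raise] && (current_value != cleaned_value)
-self.send("#{name}=".to_sym, cleaned_value)
-end
-
-def air_lock
-@air_lock ||= AirLock.new
-end
-
-module ClassMethods
-attr_accessor :sanitizable_attributes
-
-def sanitize_attribute(name, options = {})
-name = name.to_sym
-if instance_methods.include?(name) && instance_methods.include?("#{name}=".to_sym)
-sanitizable_attributes[name] = options
-else
-raise Exceptions::InvalidAttribute.new("#{self.class} does not respond to '#{name}(=)'")
-end
-end
-end
-end
-
-module Exceptions
-class Contaminated < StandardError
-end
-class InvalidAttribute < StandardError
-end
-end
-
-class AirLock
-
-def shower(value, options)
-if value
-allow = options[:allow] || :plain_text
-
-cleaned_value = case allow
-when :html
-
-when :simple_html
-
-else
-value.gsub(/[^a-zA-Z0-9 ]/, "")
-end
-else
-nil
-end
-end
-
-def sanitize(text)
-#sanitizer.sanitize(text)
-end
-
-def sanitizer
-#@sanitizer ||= HTML::WhiteListSanitizer.new
-end
-end
-end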
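Review bot: The three added requires near the top of the file (`require "clean_room/air_lock"`, `require "clean_room/dsl"`, `require "clean_room/exceptions"`) point at files that this version diff does not list among its changed files, so confirm they are actually packaged in 0.1.0; if any is missing from the gem's file list, `require "clean_room"` raises LoadError. With the DSL, exceptions and AirLock bodies removed here, the sanitizing behaviour for each `allow` mode cannot be checked from this page and should be covered by tests in the files that now hold it. I would also add a short header comment above the requires, for example `# AirLock does the cleaning, DSL adds sanitize_attribute, Exceptions holds Contaminated and InvalidAttribute`, presuming the moved modules keep those names.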
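--- a/metadata
+++ b/metadata
@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: clean_room
 version: !ruby/object:Gem::Version
-version: 0.0
+version: 0.1.0
 prerelease:
 platform: ruby
 authors:
@@ -13,7 +13,7 @@ date: 2012-06-19 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: activesupport
-requirement: &
+requirement: &70267688357280 !ruby/object:Gem::Requirement
 none: false
 requirements:
 - - ! '>='
@@ -21,7 +21,18 @@ dependencies:
 version: 3.0.0
 type: :runtime
 prerelease: false
-version_requirements: *
+version_requirements: *70267688357280
+- !ruby/object:Gem::Dependency
+name: sanitize
+requirement: &70267688375940 !ruby/object:Gem::Requirement
+none: false
+requirements:
+- - ! '>='
+- !ruby/object:Gem::Version
+version: 2.0.0
+type: :runtime
+prerelease: false
+version_requirements: *70267688375940
 description: Work in progress, this will be a generic attribute sanitizer which can
 be used for sanitizing models and other objects holding data
 email: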