clean_room 0.1.0 → 0.1.1
Sign up to get free protection for your applications and to get access to all the features.
- data/lib/clean_room/air_lock.rb +25 -0
- data/lib/clean_room/dsl.rb +44 -0
- data/lib/clean_room/exceptions.rb +8 -0
- data/lib/clean_room/version.rb +1 -1
- data/test/clean_room_test.rb +59 -0
- data/test/test_helper.rb +5 -0
- metadata +13 -6
|
@@ -0,0 +1,25 @@
|
|
|
1
|
+
require 'sanitize'
|
|
2
|
+
|
|
3
|
+
module CleanRoom
|
|
4
|
+
class AirLock
|
|
5
|
+
def shower(value, options)
|
|
6
|
+
if value
|
|
7
|
+
allow = options[:allow] || :plain_text
|
|
8
|
+
|
|
9
|
+
cleaned_value = case allow
|
|
10
|
+
when :html
|
|
11
|
+
Sanitize.clean(value, Sanitize::Config::RELAXED)
|
|
12
|
+
when :simple_html
|
|
13
|
+
Sanitize.clean(value, Sanitize::Config::BASIC)
|
|
14
|
+
when :strict
|
|
15
|
+
regex = /[^#{options[:character_class] || "a-zA-Z0-9 "}]/
|
|
16
|
+
Sanitize.clean(value).gsub(regex, "")
|
|
17
|
+
else
|
|
18
|
+
Sanitize.clean(value)
|
|
19
|
+
end
|
|
20
|
+
else
|
|
21
|
+
nil
|
|
22
|
+
end
|
|
23
|
+
end
|
|
24
|
+
end
|
|
25
|
+
end
|
|
@@ -0,0 +1,44 @@
|
|
|
1
|
+
module CleanRoom
|
|
2
|
+
module DSL
|
|
3
|
+
extend ActiveSupport::Concern
|
|
4
|
+
|
|
5
|
+
included do
|
|
6
|
+
self.sanitizable_attributes = {}
|
|
7
|
+
|
|
8
|
+
if respond_to? :before_save
|
|
9
|
+
before_save :sanitize_attributes
|
|
10
|
+
end
|
|
11
|
+
end
|
|
12
|
+
|
|
13
|
+
def sanitize_attributes
|
|
14
|
+
self.class.sanitizable_attributes.each do |name, options|
|
|
15
|
+
sanitize_attribute name, options
|
|
16
|
+
end
|
|
17
|
+
end
|
|
18
|
+
|
|
19
|
+
def sanitize_attribute(name, options = {})
|
|
20
|
+
current_value = self.send(name)
|
|
21
|
+
cleaned_value = air_lock.shower(current_value, options)
|
|
22
|
+
|
|
23
|
+
raise Exceptions::Contaminated.new("#{name} contained unacceptable data") if options[:raise] && (current_value != cleaned_value)
|
|
24
|
+
self.send("#{name}=".to_sym, cleaned_value)
|
|
25
|
+
end
|
|
26
|
+
|
|
27
|
+
def air_lock
|
|
28
|
+
@air_lock ||= AirLock.new
|
|
29
|
+
end
|
|
30
|
+
|
|
31
|
+
module ClassMethods
|
|
32
|
+
attr_accessor :sanitizable_attributes
|
|
33
|
+
|
|
34
|
+
def sanitize_attribute(name, options = {})
|
|
35
|
+
name = name.to_sym
|
|
36
|
+
if instance_methods.include?(name) && instance_methods.include?("#{name}=".to_sym)
|
|
37
|
+
sanitizable_attributes[name] = options
|
|
38
|
+
else
|
|
39
|
+
raise Exceptions::InvalidAttribute.new("#{self.class} does not respond to '#{name}(=)'")
|
|
40
|
+
end
|
|
41
|
+
end
|
|
42
|
+
end
|
|
43
|
+
end
|
|
44
|
+
end
|
data/lib/clean_room/version.rb
CHANGED
|
@@ -0,0 +1,59 @@
|
|
|
1
|
+
require 'test_helper'
|
|
2
|
+
|
|
3
|
+
class CleanRoomTest < MiniTest::Unit::TestCase
|
|
4
|
+
def test_can_be_included
|
|
5
|
+
|
|
6
|
+
test_class = Class.new do
|
|
7
|
+
include CleanRoom::DSL
|
|
8
|
+
end
|
|
9
|
+
|
|
10
|
+
test_class = Class.new do
|
|
11
|
+
include CleanRoom::DSL
|
|
12
|
+
attr_accessor :field1
|
|
13
|
+
|
|
14
|
+
sanitize_attribute :field1
|
|
15
|
+
end
|
|
16
|
+
|
|
17
|
+
assert_raises CleanRoom::Exceptions::InvalidAttribute do
|
|
18
|
+
test_class = Class.new do
|
|
19
|
+
include CleanRoom::DSL
|
|
20
|
+
|
|
21
|
+
sanitize_attribute :field1
|
|
22
|
+
end
|
|
23
|
+
end
|
|
24
|
+
|
|
25
|
+
attribute_test(:normal, nil, nil)
|
|
26
|
+
attribute_test(:normal, "test-test", "test-test")
|
|
27
|
+
attribute_test(:normal, "<b>test-test</b>", "test-test")
|
|
28
|
+
attribute_test(:strict, "<b>Test-tesT</b>", "TesttesT")
|
|
29
|
+
attribute_test(:very_strict, "<b>Test-tesT</b>", "esttes")
|
|
30
|
+
attribute_test(:simple_html, "<b>Test-tesT</b>", "<b>Test-tesT</b>")
|
|
31
|
+
attribute_test(:simple_html, "<b>Test-tesT</b><div>block</div><table><tr><td>table</td></tr></table>", "<b>Test-tesT</b> block table")
|
|
32
|
+
attribute_test(:html, "<b>Test-tesT</b><div>block</div><table><tr><td>table</td></tr></table>", "<b>Test-tesT</b> block <table><tr><td>table</td></tr></table>")
|
|
33
|
+
end
|
|
34
|
+
|
|
35
|
+
|
|
36
|
+
def attribute_test(field, value_in, value_out)
|
|
37
|
+
test_object.send("#{field}=".to_sym, value_in)
|
|
38
|
+
test_object.sanitize_attributes
|
|
39
|
+
assert_equal value_out, test_object.send(field)
|
|
40
|
+
end
|
|
41
|
+
|
|
42
|
+
def test_object
|
|
43
|
+
unless @test_object
|
|
44
|
+
test_class = Class.new do
|
|
45
|
+
include CleanRoom::DSL
|
|
46
|
+
attr_accessor :normal, :strict, :very_strict, :simple_html, :html
|
|
47
|
+
|
|
48
|
+
sanitize_attribute :normal
|
|
49
|
+
sanitize_attribute :strict, allow: :strict
|
|
50
|
+
sanitize_attribute :very_strict, allow: :strict, character_class: "a-z"
|
|
51
|
+
sanitize_attribute :simple_html, allow: :simple_html
|
|
52
|
+
sanitize_attribute :html, allow: :html
|
|
53
|
+
end
|
|
54
|
+
|
|
55
|
+
@test_object = test_class.new
|
|
56
|
+
end
|
|
57
|
+
@test_object
|
|
58
|
+
end
|
|
59
|
+
end
|
data/test/test_helper.rb
ADDED
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: clean_room
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.1.
|
|
4
|
+
version: 0.1.1
|
|
5
5
|
prerelease:
|
|
6
6
|
platform: ruby
|
|
7
7
|
authors:
|
|
@@ -13,7 +13,7 @@ date: 2012-06-19 00:00:00.000000000 Z
|
|
|
13
13
|
dependencies:
|
|
14
14
|
- !ruby/object:Gem::Dependency
|
|
15
15
|
name: activesupport
|
|
16
|
-
requirement: &
|
|
16
|
+
requirement: &70355882688980 !ruby/object:Gem::Requirement
|
|
17
17
|
none: false
|
|
18
18
|
requirements:
|
|
19
19
|
- - ! '>='
|
|
@@ -21,10 +21,10 @@ dependencies:
|
|
|
21
21
|
version: 3.0.0
|
|
22
22
|
type: :runtime
|
|
23
23
|
prerelease: false
|
|
24
|
-
version_requirements: *
|
|
24
|
+
version_requirements: *70355882688980
|
|
25
25
|
- !ruby/object:Gem::Dependency
|
|
26
26
|
name: sanitize
|
|
27
|
-
requirement: &
|
|
27
|
+
requirement: &70355882688480 !ruby/object:Gem::Requirement
|
|
28
28
|
none: false
|
|
29
29
|
requirements:
|
|
30
30
|
- - ! '>='
|
|
@@ -32,7 +32,7 @@ dependencies:
|
|
|
32
32
|
version: 2.0.0
|
|
33
33
|
type: :runtime
|
|
34
34
|
prerelease: false
|
|
35
|
-
version_requirements: *
|
|
35
|
+
version_requirements: *70355882688480
|
|
36
36
|
description: Work in progress, this will be a generic attribute sanitizer which can
|
|
37
37
|
be used for sanitizing models and other objects holding data
|
|
38
38
|
email:
|
|
@@ -48,7 +48,12 @@ files:
|
|
|
48
48
|
- Rakefile
|
|
49
49
|
- clean_room.gemspec
|
|
50
50
|
- lib/clean_room.rb
|
|
51
|
+
- lib/clean_room/air_lock.rb
|
|
52
|
+
- lib/clean_room/dsl.rb
|
|
53
|
+
- lib/clean_room/exceptions.rb
|
|
51
54
|
- lib/clean_room/version.rb
|
|
55
|
+
- test/clean_room_test.rb
|
|
56
|
+
- test/test_helper.rb
|
|
52
57
|
homepage: https://github.com/ahmeij/clean_room
|
|
53
58
|
licenses: []
|
|
54
59
|
post_install_message:
|
|
@@ -73,4 +78,6 @@ rubygems_version: 1.8.11
|
|
|
73
78
|
signing_key:
|
|
74
79
|
specification_version: 3
|
|
75
80
|
summary: An attribute sanitizer
|
|
76
|
-
test_files:
|
|
81
|
+
test_files:
|
|
82
|
+
- test/clean_room_test.rb
|
|
83
|
+
- test/test_helper.rb
|