configuration_management_backdoor 1.1.0 → 2.0.0.pre.1

Sign up to get free protection for your applications and to get access to all the features.
Files changed (4) hide show
  1. checksums.yaml +4 -4
  2. data/app/controllers/configuration_management_backdoor_controller.rb +8 -7
  3. data/lib/configuration_management_backdoor/version.rb +1 -1
  4. metadata +5 -6
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 61a3be6cee6598d25a52622f495c28169c313d49
4
- data.tar.gz: faa4145afb1ce798e94334d27a674356e994b3b6
3
+ metadata.gz: de7e5db83a7fff3c95f20f69eb248f513b03e171
4
+ data.tar.gz: d6db5a6af63cdf4ca6c3033d36e544e1d3735d2c
5
5
  SHA512:
6
- metadata.gz: abeb2203f38462a1cb2a94603722b34f794e3ba83341575b3782cfe57497043cb12001e1427d5c571b2171eeae0e7fe18b99badc593a012f861f66f95431e410
7
- data.tar.gz: 949a23db3a9e507c89bb1bf0aff313d1e46c69ee85f69f49b18f216a0ef01c8a43cb5f5ef4c4895d5a28eb0eff4c11287c713441b7a37c54bc16fcc8763285a2
6
+ metadata.gz: 902dc9c7dd3680e98fec265b9dda78f9de3d79fc49e005a243d5cb5233781a2888afa6f9d0806bc7731492d05b90022cc6a3810381b5ce888549ee5b7be9ed47
7
+ data.tar.gz: 185bf61e0edbbaef6a8985259410667eb9d681743178c9bb5e873409881c390915c8c56f6b4c1a0a4fb84303d19c38540346e1398df640330d60eef5122839c9
data/app/controllers/configuration_management_backdoor_controller.rb CHANGED
@@ -3,23 +3,24 @@ class ConfigurationManagementBackdoorController < ApplicationController
3
3
 
4
4
  def authenticate
5
5
  _username, password = ActionController::HttpAuthentication::Basic \
6
- .user_name_and_password(request) rescue [nil, nil]
7
- unless Rails.application.secrets.secret_key_base == password
8
- response.headers['WWW-Authenticate'] =
9
- 'Basic realm="Configuration Management Backdoor via secret_key_base"'
10
- render plain: 'unauthorized', status: :unauthorized
6
+ .user_name_and_password(request) rescue [nil, nil]
7
+ if password == nil
8
+ response.headers['WWW-Authenticate'] = 'Basic realm="Configuration Management Backdoor via secret_key_base"'
9
+ render plain: 'unauthorized', status: 401
10
+ elsif Rails.application.secrets.secret_key_base != password
11
+ render plain: 'Forbidden', status: 403
11
12
  end
12
13
  end
13
14
 
14
15
  def invoke_ruby
15
16
  code = request.body.read
16
- render plain: eval(code)
17
+ render json: {result: eval(code).inspect}
17
18
  end
18
19
 
19
20
  def invoke_sql
20
21
  code = request.body.gets
21
22
  res = ActiveRecord::Base.connection.execute code
22
- render plain: res.to_a.to_s
23
+ render json: {result: res.inspect}
23
24
  end
24
25
 
25
26
  def invoke
data/lib/configuration_management_backdoor/version.rb CHANGED
@@ -1,3 +1,3 @@
1
1
  module ConfigurationManagementBackdoor
2
- VERSION = '1.1.0'
2
+ VERSION = '2.0.0-1'
3
3
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: configuration_management_backdoor
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.1.0
4
+ version: 2.0.0.pre.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - Thomas Schank
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2015-09-19 00:00:00.000000000 Z
11
+ date: 2015-10-28 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: rails
@@ -74,14 +74,13 @@ required_ruby_version: !ruby/object:Gem::Requirement
74
74
  version: '0'
75
75
  required_rubygems_version: !ruby/object:Gem::Requirement
76
76
  requirements:
77
- - - ">="
77
+ - - ">"
78
78
  - !ruby/object:Gem::Version
79
- version: '0'
79
+ version: 1.3.1
80
80
  requirements: []
81
81
  rubyforge_project:
82
- rubygems_version: 2.4.8
82
+ rubygems_version: 2.4.5.1
83
83
  signing_key:
84
84
  specification_version: 4
85
85
  summary: Configuration Management Backdoor for Ruby on Rails
86
86
  test_files: []
87
- has_rdoc: