db_blaster 0.1.0 → 0.1.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/config/brakeman.ignore +6 -6
- data/lib/db_blaster.rb +1 -0
- data/lib/db_blaster/finder.rb +2 -13
- data/lib/db_blaster/finder_sql.rb +32 -0
- data/lib/db_blaster/version.rb +1 -1
- metadata +3 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: d612afe45176a37521310c9f694cb2d4b0efe1d42406da82f04bf5fca3187b86
|
|
4
|
+
data.tar.gz: 25aae3fae57025cfcc72d14e192b21950c73baa804b4270c7de2c1377bc09686
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 28412dbbfae7b89fe57afd4e40fd4bc43bfb2c126a5e3fc67e632d776017f07d2f15d7d70da537344e59aa3021bff30131f905305d00c0784ab156a71185efe9
|
|
7
|
+
data.tar.gz: 49c856817e7c650bb36b5a74b3395fcdcd075439c2831aebe720eeda381fcc5e36fd08fbacdb1a4c5bd2fde2ec86e647a14a9a1975a023cc40e76019665e7bb0
|
data/config/brakeman.ignore
CHANGED
|
@@ -3,24 +3,24 @@
|
|
|
3
3
|
{
|
|
4
4
|
"warning_type": "SQL Injection",
|
|
5
5
|
"warning_code": 0,
|
|
6
|
-
"fingerprint": "
|
|
6
|
+
"fingerprint": "3fef6d99f896e29ef9346d81a1557bd3819fbc762b2aa91d44dfa25a5c095485",
|
|
7
7
|
"check_name": "SQL",
|
|
8
8
|
"message": "Possible SQL injection",
|
|
9
9
|
"file": "lib/db_blaster/finder.rb",
|
|
10
|
-
"line":
|
|
10
|
+
"line": 39,
|
|
11
11
|
"link": "https://brakemanscanner.org/docs/warning_types/sql_injection/",
|
|
12
|
-
"code": "ActiveRecord::Base.connection.execute(\"#{
|
|
12
|
+
"code": "ActiveRecord::Base.connection.execute(\"#{FinderSql.sql_for_source_table(source_table)} OFFSET #{offset}\")",
|
|
13
13
|
"render_path": null,
|
|
14
14
|
"location": {
|
|
15
15
|
"type": "method",
|
|
16
16
|
"class": "DbBlaster::Finder",
|
|
17
17
|
"method": "find_records_in_batches"
|
|
18
18
|
},
|
|
19
|
-
"user_input": "
|
|
19
|
+
"user_input": "FinderSql.sql_for_source_table(source_table)",
|
|
20
20
|
"confidence": "Medium",
|
|
21
|
-
"note": "
|
|
21
|
+
"note": "no sql injection"
|
|
22
22
|
}
|
|
23
23
|
],
|
|
24
|
-
"updated": "2021-08-
|
|
24
|
+
"updated": "2021-08-11 13:14:00 -0600",
|
|
25
25
|
"brakeman_version": "5.1.1"
|
|
26
26
|
}
|
data/lib/db_blaster.rb
CHANGED
|
@@ -11,6 +11,7 @@ require 'db_blaster/source_table_configuration_builder'
|
|
|
11
11
|
require 'db_blaster/publisher'
|
|
12
12
|
require 'db_blaster/publish_source_table'
|
|
13
13
|
require 'db_blaster/chunker'
|
|
14
|
+
require 'db_blaster/finder_sql'
|
|
14
15
|
require 'db_blaster/finder'
|
|
15
16
|
|
|
16
17
|
# Top-level module that serves as an entry point
|
data/lib/db_blaster/finder.rb
CHANGED
|
@@ -12,7 +12,7 @@ module DbBlaster
|
|
|
12
12
|
@offset = 0
|
|
13
13
|
end
|
|
14
14
|
|
|
15
|
-
delegate :batch_size, :name,
|
|
15
|
+
delegate :batch_size, :name, to: :source_table, prefix: true
|
|
16
16
|
|
|
17
17
|
def self.find(source_table, &block)
|
|
18
18
|
new(source_table, &block).find
|
|
@@ -34,6 +34,7 @@ module DbBlaster
|
|
|
34
34
|
private
|
|
35
35
|
|
|
36
36
|
def find_records_in_batches
|
|
37
|
+
select_sql = FinderSql.sql_for_source_table(source_table)
|
|
37
38
|
loop do
|
|
38
39
|
result = ActiveRecord::Base.connection.execute("#{select_sql} OFFSET #{offset}")
|
|
39
40
|
yield(result)
|
|
@@ -54,17 +55,5 @@ module DbBlaster
|
|
|
54
55
|
def invalid_source_table_message
|
|
55
56
|
"source_table.name: '#{source_table_name}' does not exist!"
|
|
56
57
|
end
|
|
57
|
-
|
|
58
|
-
def select_sql
|
|
59
|
-
"SELECT * FROM #{source_table_name} #{where} ORDER BY updated_at ASC LIMIT #{source_table_batch_size}"
|
|
60
|
-
end
|
|
61
|
-
|
|
62
|
-
def where
|
|
63
|
-
return '' unless source_table_last_published_updated_at
|
|
64
|
-
|
|
65
|
-
ActiveRecord::Base.sanitize_sql_for_conditions(
|
|
66
|
-
['WHERE updated_at >= :updated_at', { updated_at: source_table_last_published_updated_at.to_s(:db) }]
|
|
67
|
-
)
|
|
68
|
-
end
|
|
69
58
|
end
|
|
70
59
|
end
|
|
@@ -0,0 +1,32 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
module DbBlaster
|
|
4
|
+
# Creates the SQL needed to find records for the provided source_table
|
|
5
|
+
class FinderSql
|
|
6
|
+
attr_reader :source_table
|
|
7
|
+
|
|
8
|
+
def initialize(source_table)
|
|
9
|
+
@source_table = source_table
|
|
10
|
+
end
|
|
11
|
+
|
|
12
|
+
def self.sql_for_source_table(source_table)
|
|
13
|
+
new(source_table).select_sql
|
|
14
|
+
end
|
|
15
|
+
|
|
16
|
+
def select_sql
|
|
17
|
+
"SELECT * FROM #{source_table.name} #{where} ORDER BY updated_at ASC LIMIT #{source_table.batch_size}"
|
|
18
|
+
end
|
|
19
|
+
|
|
20
|
+
def where
|
|
21
|
+
return '' unless from_updated_at
|
|
22
|
+
|
|
23
|
+
ActiveRecord::Base.sanitize_sql_for_conditions(
|
|
24
|
+
['WHERE updated_at >= :updated_at', { updated_at: from_updated_at.to_s(:db) }]
|
|
25
|
+
)
|
|
26
|
+
end
|
|
27
|
+
|
|
28
|
+
def from_updated_at
|
|
29
|
+
@from_updated_at ||= source_table.last_published_updated_at
|
|
30
|
+
end
|
|
31
|
+
end
|
|
32
|
+
end
|
data/lib/db_blaster/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: db_blaster
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.1.
|
|
4
|
+
version: 0.1.1
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Perry Hertler
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2021-08-
|
|
11
|
+
date: 2021-08-11 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: aws-sdk-sns
|
|
@@ -123,6 +123,7 @@ files:
|
|
|
123
123
|
- lib/db_blaster/configuration.rb
|
|
124
124
|
- lib/db_blaster/engine.rb
|
|
125
125
|
- lib/db_blaster/finder.rb
|
|
126
|
+
- lib/db_blaster/finder_sql.rb
|
|
126
127
|
- lib/db_blaster/one_record_too_large_error.rb
|
|
127
128
|
- lib/db_blaster/publish_source_table.rb
|
|
128
129
|
- lib/db_blaster/publisher.rb
|