encrypted_form_fields 0.2.1 → 0.2.3
- checksums.yaml +4 -4
- data/.rubocop.yml +22 -0
- data/.travis.yml +12 -9
- data/Appraisals +8 -0
- data/Gemfile +1 -1
- data/README.md +4 -1
- data/encrypted_form_fields.gemspec +4 -2
- data/gemfiles/rails_5.0.gemfile +7 -0
- data/gemfiles/rails_5.1.gemfile +7 -0
- data/lib/encrypted_form_fields.rb +5 -8
- data/lib/encrypted_form_fields/dfs.rb +1 -0
- data/lib/encrypted_form_fields/encrypted_parameters.rb +2 -0
- data/lib/encrypted_form_fields/helpers/encrypted_field.rb +2 -1
- data/lib/encrypted_form_fields/helpers/form_builder.rb +1 -0
- data/lib/encrypted_form_fields/helpers/form_helper.rb +2 -1
- data/lib/encrypted_form_fields/helpers/form_tag_helper.rb +2 -0
- data/lib/encrypted_form_fields/railtie.rb +1 -1
- data/lib/encrypted_form_fields/version.rb +1 -1
- data/test/encrypted_form_fields_test.rb +4 -3
- data/test/encrypted_parameters_test.rb +9 -8
- data/test/form_builder_test.rb +10 -7
- data/test/form_tag_helper_test.rb +14 -10
- data/test/test_helper.rb +10 -5
- metadata +21 -16
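--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA1:
-metadata.gz:
-data.tar.gz:
+metadata.gz: c32468212438ab6a7bae8e7b3e8603428eddcc79
+data.tar.gz: d87272e1d881dcfcd7e4871810a37bcd2adb2f12
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 5d557ffba1f1f081e014cde4fe7254aa895b9df3981a349687460f9ac05f6fcf468b4fe43d4b229e9da69324fa7ea2443e84ae6e17ba4b2951eb7683063d46c3
+data.tar.gz: ba9eeaee15c3cc05a653f0103d095f86d4536849fc2a9635a113bb4457cb5080658704d7b4a2a644587cc1689cb40e61fd4b8640f61934089706b19a9d5afa86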
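--- /dev/null
+++ b/data/.rubocop.yml
@@ -0,0 +1,22 @@
+AllCops:
+Exclude:
+- "encrypted_form_fields.gemspec"
+
+Metrics/AbcSize:
+Exclude:
+- "test/**/*_test.rb"
+
+Metrics/LineLength:
+Max: 164
+
+Style/Documentation:
+Enabled: false
+
+Style/ModuleFunction:
+Enabled: false
+
+Style/SpaceInsideHashLiteralBraces:
+Enabled: true
+
+Style/StringLiterals:
+EnforcedStyle: double_quotes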
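--- a/data/.travis.yml
+++ b/data/.travis.yml
@@ -2,19 +2,22 @@ language: ruby
 sudo: false
 cache: bundler
 gemfile:
-- gemfiles/rails_4.0.gemfile
-- gemfiles/rails_4.1.gemfile
 - gemfiles/rails_4.2.gemfile
+- gemfiles/rails_5.0.gemfile
+- gemfiles/rails_5.1.gemfile
+- Gemfile
 rvm:
-- 2.
-- 2.
-- 2.
-- jruby
-- jruby-9.0.1.0
-- rbx-2.5
+- '2.2.6'
+- '2.3.3'
+- '2.4.1'
+- jruby-9.1.8.0
 matrix:
 include:
-- rvm: 2.
+- rvm: '2.3.3'
+gemfile: 'gemfiles/rails_4.0.gemfile'
+- rvm: '2.3.3'
+gemfile: 'gemfiles/rails_4.1.gemfile'
+- rvm: '2.4.1'
 gemfile: gemfiles/rails_head.gemfile
 allow_failures:
 - gemfile: gemfiles/rails_head.gemfile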
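--- a/data/Appraisals
+++ b/data/Appraisals
@@ -10,6 +10,14 @@ appraise "rails-4.2" do
 gem 'rails', '~> 4.2.0'
 end
 
+appraise "rails-5.0" do
+gem 'rails', '~> 5.0.0'
+end
+
+appraise "rails-5.1" do
+gem 'rails', '~> 5.1.0.beta1'
+end
+
 appraise "rails-head" do
 gem 'rails', github: 'rails'
 gem 'arel', github: 'rails/arel'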
data/Gemfile
CHANGED
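--- a/data/README.md
+++ b/data/README.md
@@ -1,7 +1,10 @@
-# EncryptedFormFields
+# EncryptedFormFields
 
 Encrypted form fields for Rails apps.
 
+[![Build Status](https://travis-ci.org/lautis/encrypted_form_fields.svg)](https://travis-ci.org/lautis/encrypted_form_fields)
+[![Gem Version](https://badge.fury.io/rb/encrypted_form_fields.svg)](http://badge.fury.io/rb/encrypted_form_fields)
+
 ## Installation
 
 Add this line to your application's Gemfile: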
@@ -12,16 +12,18 @@ Gem::Specification.new do |spec|
|
|
12
12
|
spec.description = %q{Encrypted form fields for Rails}
|
13
13
|
spec.homepage = "https://github.com/lautis/encrypted_form_fields"
|
14
14
|
spec.license = "MIT"
|
15
|
+
spec.required_ruby_version = ">= 1.9.3"
|
15
16
|
|
16
17
|
spec.files = `git ls-files`.split($/)
|
17
18
|
spec.executables = spec.files.grep(%r{^bin/}) { |f| File.basename(f) }
|
18
19
|
spec.test_files = spec.files.grep(%r{^(test|spec|features)/})
|
19
20
|
spec.require_paths = ["lib"]
|
20
21
|
|
21
|
-
spec.add_runtime_dependency "actionpack", ">= 4.0"
|
22
|
-
spec.add_runtime_dependency "activesupport", ">= 4.0"
|
22
|
+
spec.add_runtime_dependency "actionpack", ">= 4.0"
|
23
|
+
spec.add_runtime_dependency "activesupport", ">= 4.0"
|
23
24
|
spec.add_development_dependency "rake"
|
24
25
|
spec.add_development_dependency "bundler", "~> 1.3"
|
25
26
|
spec.add_development_dependency "minitest"
|
26
27
|
spec.add_development_dependency "appraisal", "~> 2.0"
|
28
|
+
spec.add_development_dependency "nokogiri", "~> 1.6"
|
27
29
|
end
|
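Review bot: The runtime constraints on `actionpack` and `activesupport` are now an open-ended `">= 4.0"`, and the `metadata` section of this release shows the former `"<"` / `'6'` ceiling being dropped, so the gem will resolve against any future Rails major although only 4.0 through 5.1 and head appear in the CI matrix. Because the encryption is delegated to `ActiveSupport::MessageEncryptor`, an untested major can change cipher or serializer defaults underneath the gem; consider a ceiling that tracks the tested range, for example `spec.add_runtime_dependency "activesupport", ">= 4.0", "< 5.2"`. `spec.required_ruby_version = ">= 1.9.3"` likewise advertises Rubies older than the 2.2.6 minimum that `.travis.yml` exercises. The `Gem::Specification` block starts above this hunk.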
@@ -1,3 +1,4 @@
|
|
1
|
+
# frozen-string-literal: true
|
1
2
|
require "action_controller"
|
2
3
|
require "action_view"
|
3
4
|
require "active_support/message_encryptor"
|
@@ -6,7 +7,7 @@ require "encrypted_form_fields/version"
|
|
6
7
|
require "encrypted_form_fields/dfs"
|
7
8
|
require "encrypted_form_fields/encrypted_parameters"
|
8
9
|
require "encrypted_form_fields/helpers/form_builder"
|
9
|
-
require
|
10
|
+
require "encrypted_form_fields/railtie" if defined?(Rails)
|
10
11
|
|
11
12
|
module EncryptedFormFields
|
12
13
|
class << self
|
@@ -15,18 +16,14 @@ module EncryptedFormFields
|
|
15
16
|
@secret_key_base = key
|
16
17
|
end
|
17
18
|
|
18
|
-
|
19
|
-
@secret_key_base
|
20
|
-
end
|
19
|
+
attr_reader :secret_key_base
|
21
20
|
|
22
21
|
def secret_token=(key)
|
23
22
|
@encryptor = nil
|
24
23
|
@secret_token = key
|
25
24
|
end
|
26
25
|
|
27
|
-
|
28
|
-
@secret_token
|
29
|
-
end
|
26
|
+
attr_reader :secret_token
|
30
27
|
|
31
28
|
def prefix_name(name)
|
32
29
|
first, rest = name.split("[", 2)
|
@@ -52,7 +49,7 @@ module EncryptedFormFields
|
|
52
49
|
|
53
50
|
def encryptor
|
54
51
|
@encryptor ||= begin
|
55
|
-
key = ActiveSupport::KeyGenerator.new(secret_token).generate_key(secret_key_base)
|
52
|
+
key = ActiveSupport::KeyGenerator.new(secret_token).generate_key(secret_key_base, 32)
|
56
53
|
ActiveSupport::MessageEncryptor.new(key)
|
57
54
|
end
|
58
55
|
end
|
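Review bot: In `encryptor`, the 32-byte value from `generate_key(secret_key_base, 32)` is passed alone to `ActiveSupport::MessageEncryptor.new(key)`, so the same bytes serve as both the cipher key and the HMAC signing secret. Deriving a second key from the same `KeyGenerator` under a distinct salt and passing it as the sign secret, `ActiveSupport::MessageEncryptor.new(key, sign_key)`, keeps the two uses independent. The literal deserves a comment such as `# 32 bytes: key length of aes-256-cbc, MessageEncryptor's default cipher here`. Since the signing secret was previously the full default-length derived key, values rendered by 0.2.1 will presumably fail `decrypt_and_verify` after the upgrade, which is worth a changelog line. The module body continues outside these hunks.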
@@ -1,15 +1,16 @@
|
|
1
|
-
|
1
|
+
# frozen-string-literal: true
|
2
|
+
require "test_helper"
|
2
3
|
|
3
4
|
class EncryptedFormFieldsTest < MiniTest::Unit::TestCase
|
4
5
|
def test_encrypting_parameters
|
5
|
-
hash = EncryptedFormFields.encrypt_parameters(
|
6
|
+
hash = EncryptedFormFields.encrypt_parameters("foo" => "bar")
|
6
7
|
decrypted = EncryptedFormFields.decrypt_and_verify(hash["foo"])
|
7
8
|
assert_equal("bar", decrypted)
|
8
9
|
end
|
9
10
|
|
10
11
|
def test_decrypting_parameters
|
11
12
|
value = EncryptedFormFields.encrypt_and_sign("bar")
|
12
|
-
hash = EncryptedFormFields.decrypt_parameters(
|
13
|
+
hash = EncryptedFormFields.decrypt_parameters("foo" => { "0" => value })
|
13
14
|
assert_equal("bar", hash["foo"]["0"])
|
14
15
|
end
|
15
16
|
end
|
@@ -1,4 +1,5 @@
|
|
1
|
-
|
1
|
+
# frozen-string-literal: true
|
2
|
+
require "test_helper"
|
2
3
|
|
3
4
|
class EncryptedParametersTest < MiniTest::Unit::TestCase
|
4
5
|
def test_missing_encrypted_params
|
@@ -7,7 +8,7 @@ class EncryptedParametersTest < MiniTest::Unit::TestCase
|
|
7
8
|
end
|
8
9
|
|
9
10
|
def test_invalid_encrypted_params
|
10
|
-
controller = MockController.new(
|
11
|
+
controller = MockController.new("_encrypted" => { "key" => "value" })
|
11
12
|
assert_raises ActiveSupport::MessageVerifier::InvalidSignature do
|
12
13
|
controller.encrypted_params
|
13
14
|
end
|
@@ -15,13 +16,13 @@ class EncryptedParametersTest < MiniTest::Unit::TestCase
|
|
15
16
|
|
16
17
|
def test_properly_encrypted_params
|
17
18
|
value = EncryptedFormFields.encrypt_and_sign("value")
|
18
|
-
controller = MockController.new(
|
19
|
-
assert_equal({"key" => "value"}, controller.encrypted_params)
|
19
|
+
controller = MockController.new("_encrypted" => { "key" => value })
|
20
|
+
assert_equal({ "key" => "value" }, controller.encrypted_params)
|
20
21
|
|
21
|
-
controller = MockController.new(
|
22
|
-
assert_equal({"key" => ["value"]}, controller.encrypted_params)
|
22
|
+
controller = MockController.new("_encrypted" => { "key" => [value] })
|
23
|
+
assert_equal({ "key" => ["value"] }, controller.encrypted_params)
|
23
24
|
|
24
|
-
controller = MockController.new(
|
25
|
-
assert_equal({"key" => {"nested" => "value"}}, controller.encrypted_params)
|
25
|
+
controller = MockController.new("_encrypted" => { "key" => { "nested" => value } })
|
26
|
+
assert_equal({ "key" => { "nested" => "value" } }, controller.encrypted_params)
|
26
27
|
end
|
27
28
|
end
|
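--- a/data/test/form_builder_test.rb
+++ b/data/test/form_builder_test.rb
@@ -1,5 +1,7 @@
-
-require
+# frozen-string-literal: true
+require "test_helper"
+require "nokogiri"
+require "encrypted_form_fields/helpers/form_helper"
 
 class FormBuilderTest < MiniTest::Unit::TestCase
 def setup
@@ -13,11 +15,12 @@ class FormBuilderTest < MiniTest::Unit::TestCase
 
 def test_encrypted_form_tag
 form_builder = ActionView::Helpers::FormBuilder.new(:foo, @object, @template, {})
-
-
+document = Nokogiri::HTML.fragment(form_builder.encrypted_field(:bar))
+tag = document.css("input").first
+decrypted_value = EncryptedFormFields.decrypt_and_verify(tag.attributes["value"].value)
 assert_equal @object.bar, decrypted_value
-assert_equal "_encrypted[foo][bar]", tag.attributes["name"]
-assert_equal "hidden", tag.attributes["type"]
-assert_equal "_encrypted_foo_bar", tag.attributes["id"]
+assert_equal "_encrypted[foo][bar]", tag.attributes["name"].value
+assert_equal "hidden", tag.attributes["type"].value
+assert_equal "_encrypted_foo_bar", tag.attributes["id"].value
 end
 end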
@@ -1,21 +1,25 @@
|
|
1
|
-
|
2
|
-
require
|
1
|
+
# frozen-string-literal: true
|
2
|
+
require "test_helper"
|
3
|
+
require "nokogiri"
|
4
|
+
require "encrypted_form_fields/helpers/form_tag_helper"
|
3
5
|
|
4
6
|
class FormTagHelperTest < ActionView::TestCase
|
5
7
|
tests EncryptedFormFields::Helpers::FormTagHelper
|
6
8
|
|
7
9
|
def test_encrypted_form_tag
|
8
|
-
|
9
|
-
|
10
|
+
document = Nokogiri::HTML.fragment(encrypted_field_tag("field", "value"))
|
11
|
+
tag = document.css("input").first
|
12
|
+
decrypted_value = EncryptedFormFields.decrypt_and_verify(tag.attributes["value"].value)
|
10
13
|
assert_equal "value", decrypted_value
|
11
|
-
assert_equal "_encrypted[field]", tag.attributes["name"]
|
12
|
-
assert_equal "hidden", tag.attributes["type"]
|
13
|
-
assert_equal "field", tag.attributes["id"]
|
14
|
+
assert_equal "_encrypted[field]", tag.attributes["name"].value
|
15
|
+
assert_equal "hidden", tag.attributes["type"].value
|
16
|
+
assert_equal "field", tag.attributes["id"].value
|
14
17
|
end
|
15
18
|
|
16
19
|
def test_symbol_form_field_name
|
17
|
-
|
18
|
-
|
19
|
-
|
20
|
+
document = Nokogiri::HTML.fragment(encrypted_field_tag(:field, "value"))
|
21
|
+
tag = document.css("input").first
|
22
|
+
EncryptedFormFields.decrypt_and_verify(tag.attributes["value"].value)
|
23
|
+
assert_equal "_encrypted[field]", tag.attributes["name"].value
|
20
24
|
end
|
21
25
|
end
|
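Review bot: `test_symbol_form_field_name` calls `EncryptedFormFields.decrypt_and_verify(tag.attributes["value"].value)` and discards the result, so the test only proves that verification does not raise, not that a symbol-named field round-trips the original value. Assert on it as the first test does: `assert_equal "value", EncryptedFormFields.decrypt_and_verify(tag.attributes["value"].value)`. In both tests `document.css("input").first` is nil when no input is rendered, which surfaces as a `NoMethodError` rather than a failed assertion; a `refute_nil tag` before the attribute reads would make that failure readable.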
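--- a/data/test/test_helper.rb
+++ b/data/test/test_helper.rb
@@ -1,8 +1,9 @@
-
-
-require
-require
-require
+# frozen-string-literal: true
+ENV["RAILS_ENV"] = "test"
+require "minitest/autorun"
+require "minitest/pride"
+require "securerandom"
+require "encrypted_form_fields"
 
 EncryptedFormFields.secret_key_base = SecureRandom.hex
 EncryptedFormFields.secret_token = SecureRandom.hex
@@ -19,4 +20,8 @@ class MockController
 end
 end
 
+if ActiveSupport::TestCase.respond_to?(:test_order=)
+ActiveSupport::TestCase.test_order = :random
+end
+
 MockController.send(:include, EncryptedFormFields::EncryptedParameters)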
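--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: encrypted_form_fields
 version: !ruby/object:Gem::Version
-version: 0.2.
+version: 0.2.3
 platform: ruby
 authors:
 - Ville Lautanala
 autorequire:
 bindir: bin
 cert_chain: []
-date:
+date: 2017-05-12 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: actionpack
@@ -17,9 +17,6 @@ dependencies:
 - - ">="
 - !ruby/object:Gem::Version
 version: '4.0'
-- - "<"
-- !ruby/object:Gem::Version
-version: '6'
 type: :runtime
 prerelease: false
 version_requirements: !ruby/object:Gem::Requirement
@@ -27,9 +24,6 @@ dependencies:
 - - ">="
 - !ruby/object:Gem::Version
 version: '4.0'
-- - "<"
-- !ruby/object:Gem::Version
-version: '6'
 - !ruby/object:Gem::Dependency
 name: activesupport
 requirement: !ruby/object:Gem::Requirement
@@ -37,9 +31,6 @@ dependencies:
 - - ">="
 - !ruby/object:Gem::Version
 version: '4.0'
-- - "<"
-- !ruby/object:Gem::Version
-version: '6'
 type: :runtime
 prerelease: false
 version_requirements: !ruby/object:Gem::Requirement
@@ -47,9 +38,6 @@ dependencies:
 - - ">="
 - !ruby/object:Gem::Version
 version: '4.0'
-- - "<"
-- !ruby/object:Gem::Version
-version: '6'
 - !ruby/object:Gem::Dependency
 name: rake
 requirement: !ruby/object:Gem::Requirement
@@ -106,6 +94,20 @@ dependencies:
 - - "~>"
 - !ruby/object:Gem::Version
 version: '2.0'
+- !ruby/object:Gem::Dependency
+name: nokogiri
+requirement: !ruby/object:Gem::Requirement
+requirements:
+- - "~>"
+- !ruby/object:Gem::Version
+version: '1.6'
+type: :development
+prerelease: false
+version_requirements: !ruby/object:Gem::Requirement
+requirements:
+- - "~>"
+- !ruby/object:Gem::Version
+version: '1.6'
 description: Encrypted form fields for Rails
 email:
 - lautis@gmail.com
@@ -114,6 +116,7 @@ extensions: []
 extra_rdoc_files: []
 files:
 - ".gitignore"
+- ".rubocop.yml"
 - ".travis.yml"
 - Appraisals
 - Gemfile
@@ -124,6 +127,8 @@ files:
 - gemfiles/rails_4.0.gemfile
 - gemfiles/rails_4.1.gemfile
 - gemfiles/rails_4.2.gemfile
+- gemfiles/rails_5.0.gemfile
+- gemfiles/rails_5.1.gemfile
 - gemfiles/rails_head.gemfile
 - lib/encrypted_form_fields.rb
 - lib/encrypted_form_fields/dfs.rb
@@ -151,7 +156,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
 requirements:
 - - ">="
 - !ruby/object:Gem::Version
-version:
+version: 1.9.3
 required_rubygems_version: !ruby/object:Gem::Requirement
 requirements:
 - - ">="
@@ -159,7 +164,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
 version: '0'
 requirements: []
 rubyforge_project:
-rubygems_version: 2.
+rubygems_version: 2.6.11
 signing_key:
 specification_version: 4
 summary: Encrypted form fields for Rails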