flipper-ui 0.22.2 → 0.23.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: b17af1c2cd05d9026a457941c46e7c497460e4289bd8446b90d2f0342e53f34c
-  data.tar.gz: 4adae31beca41aebaae69c9c3a0efe51bb024d0acc54eadf3982ddfff4a16748
+  metadata.gz: 3a6e8757e6a2726e4cf55323286a04caf186af13c6841a4e8b82b813b3c69f2f
+  data.tar.gz: 9ea49e24c52b723f7385da8c90dcae9daf96bef269f0b0e6066df1bc11065411
 SHA512:
-  metadata.gz: a8e0d113cb89d77c9e8cd0ec83d8deb7a26f3f6e00452aa81ab6a308843dfe45e069b0e1303374ece24e4a5bd79718958e160249db9195ea22249bab2df66a5d
-  data.tar.gz: cc5f6567f690c2bd48b762083046b19e868f4885384885667f20d808cd09f0533df5d3df5239e4a21cc649babbe231e494af984b5c1261b4ef9358b68581784a
+  metadata.gz: c7e435cc10e1b05c2282c022d977666479de870dc14cad3914e19e17acb6eacaf644fe37bf751f2931fb26525079a07b00b374f4815afdd10ab0e4192448ad27
+  data.tar.gz: a3a8fa7a1be586667573b98ee311a157f23591ee4f7bad15b1638aa25a1ec6444f75c909f90cd331d9cd17d8ba8869367755c299a9798e6eedef8583c2833dc7

data/flipper-ui.gemspec

@@ -24,4 +24,5 @@ Gem::Specification.new do |gem|
   gem.add_dependency 'rack-protection', '>= 1.5.3', '< 2.2.0'
   gem.add_dependency 'flipper', "~> #{Flipper::VERSION}"
   gem.add_dependency 'erubi', '>= 1.0.0', '< 2.0.0'
+  gem.add_dependency 'sanitize', '< 7'
 end

data/lib/flipper/ui/action.rb

@@ -3,6 +3,7 @@ require 'flipper/ui/configuration'
 require 'flipper/ui/error'
 require 'erubi'
 require 'json'
+require 'sanitize'
 
 module Flipper
   module UI
@@ -28,20 +29,20 @@ module Flipper
 
       SOURCES = {
         bootstrap_css: {
-          src: "https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css".freeze,
-          hash: "sha384-Gn5384xqQ1aoWXA+058RXPxPg6fy4IWvTNh0E263XmFcJlSAwiGgFAW/dAiS6JXm".freeze
+          src: 'https://cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/css/bootstrap.min.css'.freeze,
+          hash: 'sha384-B0vP5xmATw1+K9KRQjQERJvTumQW0nPEzvF6L/Z6nronJ3oUOFUFpCjEUQouq2+l'.freeze
         }.freeze,
         jquery_js: {
-          src: "https://code.jquery.com/jquery-3.2.1.slim.min.js".freeze,
-          hash: "sha384-KJ3o2DKtIkvYIK3UENzmM7KCkRr/rE9/Qpg6aAZGJwFDMVNA/GpGFF93hXpG5KkN".freeze
+          src: 'https://code.jquery.com/jquery-3.6.0.slim.js'.freeze,
+          hash: 'sha256-HwWONEZrpuoh951cQD1ov2HUK5zA5DwJ1DNUXaM6FsY='.freeze
         }.freeze,
         popper_js: {
-          src: "https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js".freeze,
-          hash: "sha384-ApNbgh9B+Y1QKtv3Rn7W3mgPxhU9K/ScQsAP7hUibX39j7fakFPskvXusvfa0b4Q".freeze
+          src: 'https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js'.freeze,
+          hash: 'sha384-ApNbgh9B+Y1QKtv3Rn7W3mgPxhU9K/ScQsAP7hUibX39j7fakFPskvXusvfa0b4Q'.freeze
         }.freeze,
         bootstrap_js: {
-          src: "https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js".freeze,
-          hash: "sha384-JZR6Spejh4U02d8jOt6vLEHfe/JQGiRRSQQxSfFWpi1MquVdAyjUar5+76PVCmYl".freeze
+          src: 'https://cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/js/bootstrap.min.js'.freeze,
+          hash: 'sha384-+YQ4JLhjyBLPDQt//I+STsc9iw4uQqACwlvpslubQzn4u2UU2UFM80nGisd026JF'.freeze
         }.freeze
       }.freeze
       SCRIPT_SRCS = SOURCES.values_at(:jquery_js, :popper_js, :bootstrap_js).map { |s| s[:src] }
@@ -238,6 +239,7 @@ module Flipper
       def view(name)
         path = views_path.join("#{name}.erb")
         raise "Template does not exist: #{path}" unless path.exist?
+
         eval(Erubi::Engine.new(path.read, escape: true).src)
       end
 

data/lib/flipper/ui/views/feature.erb

@@ -9,7 +9,7 @@
     <div class="col">
       <div class="card">
         <div class="card-body">
-          <%= @feature.description %>
+          <%== Sanitize.fragment(@feature.description, Sanitize::Config::BASIC) %>
         </div>
       </div>
     </div>

data/lib/flipper/ui/views/features.erb

@@ -47,7 +47,7 @@
               <div class="text-truncate" style="font-weight: 500"><%= feature.key %></div>
               <% if Flipper::UI.configuration.show_feature_description_in_list? && Flipper::UI::Util.present?(feature.description) %>
                 <div class="text-muted font-weight-light" style="line-height: 1.4; white-space: initial; padding: 8px 0">
-                  <%= feature.description %>
+                  <%== Sanitize.fragment(feature.description, Sanitize::Config::BASIC) %>
                 </div>
               <% end %>
               <div class="text-muted text-truncate">

data/lib/flipper/ui/views/layout.erb

@@ -13,7 +13,7 @@
     <div class="container mw-600">
       <%- unless Flipper::UI.configuration.banner_text.nil? -%>
         <div class="alert alert-<%= Flipper::UI.configuration.banner_class %> text-center font-weight-bold">
-          <%= Flipper::UI.configuration.banner_text %>
+          <%== Sanitize.fragment(Flipper::UI.configuration.banner_text, Sanitize::Config::BASIC) %>
         </div>
       <%- end -%>
 

data/lib/flipper/version.rb

@@ -1,3 +1,3 @@
 module Flipper
-  VERSION = '0.22.2'.freeze
+  VERSION = '0.23.0'.freeze
 end

data/spec/flipper/ui/action_spec.rb

@@ -1,5 +1,3 @@
-require 'helper'
-
 RSpec.describe Flipper::UI::Action do
   describe 'request methods' do
     let(:action_subclass) do

data/spec/flipper/ui/actions/actors_gate_spec.rb

@@ -1,5 +1,3 @@
-require 'helper'
-
 RSpec.describe Flipper::UI::Actions::ActorsGate do
   let(:token) do
     if Rack::Protection::AuthenticityToken.respond_to?(:random_token)

data/spec/flipper/ui/actions/add_feature_spec.rb

@@ -1,5 +1,3 @@
-require 'helper'
-
 RSpec.describe Flipper::UI::Actions::AddFeature do
   describe 'GET /features/new with feature_creation_enabled set to true' do
     before do

data/spec/flipper/ui/actions/boolean_gate_spec.rb

@@ -1,5 +1,3 @@
-require 'helper'
-
 RSpec.describe Flipper::UI::Actions::BooleanGate do
   let(:token) do
     if Rack::Protection::AuthenticityToken.respond_to?(:random_token)

data/spec/flipper/ui/actions/feature_spec.rb

@@ -1,5 +1,3 @@
-require 'helper'
-
 RSpec.describe Flipper::UI::Actions::Feature do
   let(:token) do
     if Rack::Protection::AuthenticityToken.respond_to?(:random_token)

data/spec/flipper/ui/actions/features_spec.rb

@@ -1,5 +1,3 @@
-require 'helper'
-
 RSpec.describe Flipper::UI::Actions::Features do
   let(:token) do
     if Rack::Protection::AuthenticityToken.respond_to?(:random_token)

data/spec/flipper/ui/actions/file_spec.rb

@@ -1,5 +1,3 @@
-require 'helper'
-
 RSpec.describe Flipper::UI::Actions::File do
   describe 'GET /images/logo.png' do
     before do

data/spec/flipper/ui/actions/groups_gate_spec.rb

@@ -1,5 +1,3 @@
-require 'helper'
-
 RSpec.describe Flipper::UI::Actions::GroupsGate do
   let(:token) do
     if Rack::Protection::AuthenticityToken.respond_to?(:random_token)

data/spec/flipper/ui/actions/home_spec.rb

@@ -1,5 +1,3 @@
-require 'helper'
-
 RSpec.describe Flipper::UI::Actions::Home do
   describe 'GET /' do
     before do

data/spec/flipper/ui/actions/percentage_of_actors_gate_spec.rb

@@ -1,5 +1,3 @@
-require 'helper'
-
 RSpec.describe Flipper::UI::Actions::PercentageOfActorsGate do
   let(:token) do
     if Rack::Protection::AuthenticityToken.respond_to?(:random_token)

data/spec/flipper/ui/actions/percentage_of_time_gate_spec.rb

@@ -1,5 +1,3 @@
-require 'helper'
-
 RSpec.describe Flipper::UI::Actions::PercentageOfTimeGate do
   let(:token) do
     if Rack::Protection::AuthenticityToken.respond_to?(:random_token)

data/spec/flipper/ui/configuration_spec.rb

@@ -1,5 +1,3 @@
-require 'helper'
-
 RSpec.describe Flipper::UI::Configuration do
   let(:configuration) { described_class.new }
 

data/spec/flipper/ui/decorators/feature_spec.rb

@@ -1,5 +1,3 @@
-require 'helper'
-
 RSpec.describe Flipper::UI::Decorators::Feature do
   let(:source)  { {} }
   let(:adapter) { Flipper::Adapters::Memory.new(source) }

data/spec/flipper/ui/decorators/gate_spec.rb

@@ -1,4 +1,3 @@
-require 'helper'
 require 'flipper/ui/decorators/gate'
 
 RSpec.describe Flipper::UI::Decorators::Gate do

data/spec/flipper/ui/util_spec.rb

@@ -1,4 +1,3 @@
-require 'helper'
 require 'flipper/ui/util'
 
 RSpec.describe Flipper::UI::Util do

data/spec/flipper/ui_spec.rb

@@ -1,5 +1,3 @@
-require 'helper'
-
 RSpec.describe Flipper::UI do
   let(:token) do
     if Rack::Protection::AuthenticityToken.respond_to?(:random_token)

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: flipper-ui
 version: !ruby/object:Gem::Version
-  version: 0.22.2
+  version: 0.23.0
 platform: ruby
 authors:
 - John Nunemaker
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2021-10-06 00:00:00.000000000 Z
+date: 2021-12-24 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rack
@@ -56,14 +56,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.22.2
+        version: 0.23.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.22.2
+        version: 0.23.0
 - !ruby/object:Gem::Dependency
   name: erubi
   requirement: !ruby/object:Gem::Requirement
@@ -84,6 +84,20 @@ dependencies:
     - - "<"
       - !ruby/object:Gem::Version
         version: 2.0.0
+- !ruby/object:Gem::Dependency
+  name: sanitize
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '7'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '7'
 description: 
 email:
 - nunemaker@gmail.com
@@ -91,11 +105,6 @@ executables: []
 extensions: []
 extra_rdoc_files: []
 files:
-- docs/ui/README.md
-- docs/ui/images/banner.png
-- docs/ui/images/description.png
-- docs/ui/images/feature.png
-- docs/ui/images/features.png
 - examples/ui/authorization.ru
 - examples/ui/basic.ru
 - flipper-ui.gemspec
@@ -169,7 +178,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.0.3
+rubygems_version: 3.1.2
 signing_key: 
 specification_version: 4
 summary: UI for the Flipper gem

data/docs/ui/README.md

@@ -1,190 +0,0 @@
-# Flipper::UI
-
-UI for the [Flipper](https://github.com/jnunemaker/flipper) gem.
-
-## Screenshots
-
-Viewing list of features:
-
-![features](images/features.png)
-
-Viewing an individual feature:
-
-![feature](images/feature.png)
-
-## Installation
-
-Add this line to your application's Gemfile:
-
-    gem 'flipper-ui'
-
-And then execute:
-
-    $ bundle
-
-Or install it yourself as:
-
-    $ gem install flipper-ui
-
-## Usage
-
-### Rails
-
-Given that you've already initialized `Flipper` as per the [flipper](https://github.com/jnunemaker/flipper) readme, you can mount `Flipper::UI` to a route of your choice:
-
-```ruby
-# config/routes.rb
-YourRailsApp::Application.routes.draw do
-  mount Flipper::UI.app(Flipper) => '/flipper'
-end
-```
-
-If you'd like to lazy load flipper, you can instead pass a block to initialize it:
-
-```ruby
-# config/routes.rb
-YourRailsApp::Application.routes.draw do
-  flipper_block = lambda {
-    # some flipper initialization here, for example:
-    adapter = Flipper::Adapters::Memory.new
-    Flipper.new(adapter)
-  }
-  mount Flipper::UI.app(flipper_block) => '/flipper'
-end
-```
-
-#### Security
-
-You almost certainly want to limit access when using Flipper::UI in production.
-
-##### Basic Authentication via Rack
-The `Flipper::UI.app` method yields a builder instance prior to any predefined middleware. You can insert the `Rack::Auth::Basic` middleware, that'll prompt for a username and password when visiting the defined (i.e., `/flipper`) route.
-
-```ruby
-# config/routes.rb
-
-flipper_app = Flipper::UI.app(Flipper.instance) do |builder|
-  builder.use Rack::Auth::Basic do |username, password|
-    # Verify credentials
-  end
-end
-mount flipper_app, at: '/flipper'
-```
-
-##### Route Constraints
-It is possible to use [routes constraints](http://guides.rubyonrails.org/routing.html#request-based-constraints) to limit access to routes:
-
-```ruby
-# config/routes.rb
-
-flipper_constraint = lambda { |request| request.remote_ip == '127.0.0.1' }
-constraints flipper_constraint do
-  mount Flipper::UI.app(flipper) => '/flipper'
-end
-```
-
-Another example is to use the `current_user` when using a gem-based authentication system (i.e., [warden](https://github.com/hassox/warden) or [devise](https://github.com/plataformatec/devise)):
-
-```ruby
-# initializers/admin_access.rb
-
-class CanAccessFlipperUI
-  def self.matches?(request)
-    current_user = request.env['warden'].user
-    current_user.present? && current_user.respond_to?(:admin?) && current_user.admin?
-  end
-end
-
-# config/routes.rb
-
-constraints CanAccessFlipperUI do
-  mount Flipper::UI.app(Flipper) => '/flipper'
-end
-```
-
-### Standalone
-
-Minimal example for Rack:
-
-```ruby
-# config.ru
-
-require 'flipper/ui'
-
-adapter = Flipper::Adapters::Memory.new
-flipper = Flipper.new(adapter)
-
-run Flipper::UI.app(flipper) { |builder|
-  builder.use Rack::Session::Cookie, secret: "something long and random"
-}
-```
-
-The key is that you need to have sessions setup. Rails does this for you, so this step isn't necessary, but for standalone rack, you'll need it. Without sessions setup, you will receive a Runtime error like:
-
-```
-RuntimeError: you need to set up a session middleware *before* Rack::Protection::RemoteToken.
-```
-
-See [examples/ui/basic.ru](https://github.com/jnunemaker/flipper/blob/master/examples/ui/basic.ru) for a more full example
-
-### Configuration
-
-Flipper UI can be customized via `configure`, which yields a configuration instance.
-
-#### Description
-
-We can associate a `description` for each `feature` by providing a descriptions source:
-
-```ruby
-Flipper::UI.configure do |config|
-  config.descriptions_source = ->(keys) do
-    # descriptions loaded from YAML file or database (postgres, mysql, etc)
-    # return has to be hash of {String key => String description}
-  end
-
-  # Defaults to false. Set to true to show feature descriptions on the list
-  # page as well as the view page.
-  # config.show_feature_description_in_list = true
-end
-```
-
-Descriptions show up in the UI like so:
-
-![description](images/description.png)
-
-#### Banner
-
-Flipper UI can display a banner across the top of the page. The `banner_text` and `banner_class` can be configured by using the `Flipper::UI.configure` block as seen below.
-
-```ruby
-Flipper::UI.configure do |config|
-  config.banner_text = 'Production Environment'
-  config.banner_class = 'danger'
-end
-```
-
-By default the `environment` is set to an empty string so no banner will show. If you wish to customize the look of the banner, you can set `banner_class` to one of the bootstrap color classes: `primary`, `secondary`, `success`, `danger`, `warning`, `info`, `light`, or `dark`. The default `banner_class` is `danger`.
-
-The above configuration results in:
-
-![banner](images/banner.png)
-
-#### Fun mode
-
-By default, Flipper UI displays a videoclip when there are no flags. The `fun` mode can be configured by using the `Flipper::UI.configure` block as seen below.
-
-```ruby
-Flipper::UI.configure do |config|
-  config.fun = false
-end
-```
-
-## Contributing
-
-1. Fork it
-2. Create your feature branch (`git checkout -b my-new-feature`)
-3. **Fire up the app** (`script/server`)
-4. Run the tests `bundle exec rake`
-5. Commit your changes (`git commit -am 'Added some feature'`)
-6. Push to the branch (`git push origin my-new-feature`)
-7. Create new Pull Request