input_sanitizer 0.1.10 → 0.4.1

data/input_sanitizer.gemspec

@@ -3,11 +3,12 @@ $LOAD_PATH.push File.expand_path('../lib', __FILE__)
 require 'input_sanitizer/version'
 
 Gem::Specification.new do |gem|
-  gem.authors       = ["Tomek Paczkowski", "Tomasz Werbicki", "Michal Bugno"]
-  gem.email         = ["tom@futuresimple.com", "tomasz@futuresimple.com", "michal@futuresimple.com"]
+  gem.authors       = ["Zendesk"]
+  gem.email         = ["opensource@zendesk.com"]
   gem.description   = %q{Gem to sanitize hash of incoming data}
   gem.summary       = %q{Gem to sanitize hash of incoming data}
   gem.homepage      = ""
+  gem.license       = "Apache-2.0"
 
   gem.files         = `git ls-files`.split($\)
   gem.executables   = gem.files.grep(%r{^bin/}).map{ |f| File.basename(f) }
@@ -16,6 +17,11 @@ Gem::Specification.new do |gem|
   gem.require_paths = ["lib"]
   gem.version       = InputSanitizer::VERSION
 
-  gem.add_development_dependency "rspec"
-  gem.add_development_dependency "simplecov"
+  gem.add_runtime_dependency "method_struct", ">= 0.2.2"
+
+  gem.add_runtime_dependency "activesupport", ">= 3.0.0"
+  gem.add_development_dependency "pry", "~> 0.10.1"
+  gem.add_development_dependency "simplecov", "~> 0.9.2"
+
+  gem.add_development_dependency "rspec", "~> 3.2.0"
 end

data/lib/input_sanitizer.rb

@@ -1,5 +1,8 @@
 module InputSanitizer
 end
 
-require "input_sanitizer/version"
-require 'input_sanitizer/sanitizer'
+require 'method_struct'
+
+require 'input_sanitizer/version'
+require 'input_sanitizer/v1'
+require 'input_sanitizer/v2'

data/lib/input_sanitizer/errors.rb

@@ -0,0 +1,142 @@
+module InputSanitizer
+  class OptionalValueOmitted < StandardError; end
+
+  class KeyNotAllowedError < ArgumentError; end
+
+  class ValidationError < StandardError
+    attr_accessor :field
+    attr_reader :value
+  end
+
+  class ConversionError < ValidationError; end
+
+  class ValueMissingError < ValidationError
+    def code
+      :missing
+    end
+
+    def initialize
+      super("is missing")
+    end
+  end
+
+  class BlankValueError < ValidationError
+    def code
+      :blank
+    end
+
+    def initialize
+      super("can't be blank")
+    end
+  end
+
+  class RegexpMismatchError < ValidationError
+    def code
+      :regexp
+    end
+
+    def initialize
+      super("does not match regular expression")
+    end
+  end
+
+  class ValueNotAllowedError < ValidationError
+    def code
+      :inclusion
+    end
+
+    def initialize(value)
+      @value = value
+      super("is not included in the list")
+    end
+  end
+
+  class TypeMismatchError < ValidationError
+    def code
+      case @type
+      when :integer
+        :not_an_integer
+      when :url
+        :invalid_uri
+      else
+        :invalid_type
+      end
+    end
+
+    def initialize(value, type)
+      @value = value
+      @type = type
+
+      message = case @type
+      when :integer
+        "must be an integer"
+      when :url
+        'must be a valid URI (include the scheme name part, both http and https are accepted, '\
+        'and the hierarchical part)'
+      else
+        "must be a value of type '#{type}'"
+      end
+
+      super(message)
+    end
+  end
+
+  class ExtraneousParamError < ValidationError
+    def code
+      :unknown_param
+    end
+
+    def initialize(name)
+      @field = name
+      super("is an unexpected parameter")
+    end
+  end
+
+  class CollectionLengthError < ValidationError
+    def code
+      :invalid_length
+    end
+
+    def initialize(value, min, max)
+      if min && max
+        super("must be of length between #{min} and #{max}, given: #{value}")
+      elsif min
+        super("must be of length greater than or equal to #{min}, given: #{value}")
+      else
+        super("must be of length less than or equal to #{max}, given: #{value}")
+      end
+    end
+  end
+
+  class ValueError < ValidationError
+    def code
+      :invalid_value
+    end
+
+    def initialize(value, min, max)
+      if min && max
+        super("must be between #{min} and #{max}, given: #{value}")
+      elsif min
+        super("must be higher than or equal to #{min}, given: #{value}")
+      else
+        super("must be lower than or equal to #{max}, given: #{value}")
+      end
+    end
+  end
+
+  class NestedError < ValidationError
+    attr_reader :nested_errors
+
+    def initialize(nested_errors)
+      @nested_errors = nested_errors
+    end
+  end
+
+  class CollectionError < ValidationError
+    attr_reader :collection_errors
+
+    def initialize(collection_errors)
+      @collection_errors = collection_errors
+    end
+  end
+end

data/lib/input_sanitizer/extended_converters.rb

@@ -1,42 +1,5 @@
-module InputSanitizer
-  class PositiveIntegerConverter < IntegerConverter
-    def call(value)
-      val = super
-      raise ConversionError.new("invalid integer (neagtive or zero)") if val <= 0
-      val
-    end
-  end
-
-  class CommaJoinedIntegersConverter
-    def call(value)
-      non_valid = value.gsub(/[0-9,]/, "")
-      if non_valid.empty?
-        parts = value.split(",").map(&:to_i)
-      else
-        invalid_chars = non_valid.split(//)
-        invalid_chars_desc = invalid_chars.join(", ")
-        raise InputSanitizer::ConversionError.new("Invalid chars: #{invalid_chars_desc}")
-      end
-    end
-  end
-
-  class SpecificValuesConverter
-    def initialize(values)
-      @valid_values = values
-    end
-
-    def call(value)
-      found = @valid_values.include?(value) ? value : nil
-      if !found
-        found = @valid_values.include?(value.to_sym) ? value.to_sym : nil
-      end
-      if !found
-        values_joined = @valid_values.join(", ")
-        error_message = "Possible values: #{values_joined}"
-        raise InputSanitizer::ConversionError.new(error_message)
-      else
-        found
-      end
-    end
-  end
-end
+dir = File.dirname(__FILE__)
+require File.join(dir, 'extended_converters', 'positive_integer_converter')
+require File.join(dir, 'extended_converters', 'comma_joined_integers_converter')
+require File.join(dir, 'extended_converters', 'comma_joined_strings_converter')
+require File.join(dir, 'extended_converters', 'specific_values_converter')

data/lib/input_sanitizer/extended_converters/comma_joined_integers_converter.rb

@@ -0,0 +1,15 @@
+module InputSanitizer
+  class CommaJoinedIntegersConverter
+    def call(value)
+      value = value.to_s
+      non_valid = value.gsub(/[0-9,]/, "")
+
+      if non_valid.empty?
+        value.split(",").map(&:to_i)
+      else
+        invalid_chars = non_valid.split(//).join(", ")
+        raise InputSanitizer::ConversionError.new("Invalid integers: #{invalid_chars}")
+      end
+    end
+  end
+end

data/lib/input_sanitizer/extended_converters/comma_joined_strings_converter.rb

@@ -0,0 +1,15 @@
+module InputSanitizer
+  class CommaJoinedStringsConverter
+    def call(value)
+      value = value.to_s
+      non_valid = value.gsub(/[a-zA-Z,_]/, "")
+
+      if non_valid.empty?
+        value.split(",").map(&:to_s)
+      else
+        invalid_chars = non_valid.split(//).join(", ")
+        raise InputSanitizer::ConversionError.new("Invalid strings: #{invalid_chars}")
+      end
+    end
+  end
+end

data/lib/input_sanitizer/extended_converters/positive_integer_converter.rb

@@ -0,0 +1,12 @@
+module InputSanitizer
+  class PositiveIntegerConverter < V1::IntegerConverter
+    def call(value)
+      super.tap { |value| raise_error if value <= 0 }
+    end
+
+    private
+    def raise_error
+      raise ConversionError.new("invalid integer (neagtive or zero)")
+    end
+  end
+end

data/lib/input_sanitizer/extended_converters/specific_values_converter.rb

@@ -0,0 +1,19 @@
+module InputSanitizer
+  class SpecificValuesConverter
+    def initialize(values)
+      @valid_values = values
+    end
+
+    def call(value)
+      case
+      when @valid_values.include?(value)
+        value
+      when value.respond_to?(:to_sym) && @valid_values.include?(value.to_sym)
+        value.to_sym
+      else
+        values_joined = @valid_values.join(", ")
+        raise InputSanitizer::ConversionError.new("Possible values: #{values_joined}")
+      end
+    end
+  end
+end

data/lib/input_sanitizer/restricted_hash.rb

@@ -1,24 +1,65 @@
 module InputSanitizer
-  class KeyNotAllowedError < ArgumentError; end
-
   class RestrictedHash < Hash
     def initialize(allowed_keys)
-      @allowed_keys = allowed_keys
-      super() { |hash, key| default_for_key(key) }
+      @allowed_keys = Set.new(allowed_keys)
+      super()
+    end
+
+    def [](key)
+      raise_not_allowed(key) unless key_allowed?(key)
+      fetch(key, nil)
+    end
+
+    def []=(key, val)
+      @allowed_keys.add(key)
+      super
+    end
+
+    def store(key, val)
+      @allowed_keys.add(key)
+      super
+    end
+
+    def merge!(hash, &block)
+      @allowed_keys.merge(Set[*hash.keys])
+      super
+    end
+
+    def merge(hash, &block)
+      @allowed_keys.merge(Set[*hash.keys])
+      super
     end
 
     def key_allowed?(key)
       @allowed_keys.include?(key)
     end
 
-    private
-    def default_for_key(key)
-      key_allowed?(key) ? nil : raise_not_allowed(key)
+    def transform_keys
+      return enum_for(:transform_keys) unless block_given?
+
+      new_allowed_keys = @allowed_keys.map { |key| yield(key) }
+      result = self.class.new(new_allowed_keys)
+      each_key do |key|
+        result[yield(key)] = self[key]
+      end
+      result
     end
 
+    def transform_keys!
+      return enum_for(:transform_keys!) unless block_given?
+
+      @allowed_keys.map! { |key| yield(key) }
+      keys.each do |key|
+        self[yield(key)] = delete(key)
+      end
+      self
+    end
+
+    private
+
     def raise_not_allowed(key)
       msg = "Key not allowed: #{key}"
-      raise KeyNotAllowedError.new(msg)
+      raise KeyNotAllowedError, msg
     end
   end
 end

data/lib/input_sanitizer/v1.rb

@@ -0,0 +1,22 @@
+module InputSanitizer::V1
+end
+
+dir = File.dirname(__FILE__)
+require File.join(dir, 'errors')
+require File.join(dir, 'restricted_hash')
+require File.join(dir, 'v1', 'default_converters')
+require File.join(dir, 'v1', 'clean_field')
+require File.join(dir, 'v1', 'sanitizer')
+require File.join(dir, 'extended_converters')
+
+# Backward compatibility
+module InputSanitizer
+  Sanitizer = V1::Sanitizer
+
+  IntegerConverter = V1::IntegerConverter
+  StringConverter = V1::StringConverter
+  DateConverter = V1::DateConverter
+  TimeConverter = V1::TimeConverter
+  BooleanConverter = V1::BooleanConverter
+  AllowNil = V1::AllowNil
+end

data/lib/input_sanitizer/v1/clean_field.rb

@@ -0,0 +1,38 @@
+InputSanitizer::V1::CleanField = MethodStruct.new(:data, :has_key, :converter, :required, :collection, :namespace, :default, :provide, :allow) do
+  def call
+    if has_key
+      convert
+    elsif default
+      converter.call(default)
+    elsif required
+      raise InputSanitizer::ValueMissingError
+    else
+      raise InputSanitizer::OptionalValueOmitted
+    end
+  end
+
+  private
+  def convert
+    if collection
+      data.map { |value| convert_single(value) }
+    else
+      convert_single(data)
+    end
+  end
+
+  def convert_single(value)
+    if namespace
+      { namespace => convert_value(value[namespace]) }
+    else
+      convert_value(value)
+    end
+  end
+
+  def convert_value(value)
+    if provide
+      converter.call(value, provide)
+    else
+      converter.call(value)
+    end
+  end
+end

data/lib/input_sanitizer/{default_converters.rb → v1/default_converters.rb}

@@ -1,14 +1,12 @@
 require 'time'
+require 'date'
 
-module InputSanitizer
-  class ConversionError < Exception
-  end
-
+module InputSanitizer::V1
   class IntegerConverter
     def call(value)
       cast = value.to_i
       if cast.to_s != value.to_s
-        raise ConversionError.new("invalid integer")
+        raise InputSanitizer::ConversionError.new("invalid integer")
       end
       cast
     end
@@ -24,24 +22,31 @@ module InputSanitizer
     ISO_RE = /\A\d{4}-?\d{2}-?\d{2}/
 
     def call(value)
-      raise ConversionError.new("invalid time") unless value =~ ISO_RE
+      raise InputSanitizer::ConversionError.new("invalid time") unless value =~ ISO_RE
       Date.parse(value)
     rescue ArgumentError
-      raise ConversionError.new("invalid iso8601 date")
+      raise InputSanitizer::ConversionError.new("invalid iso8601 date")
     end
   end
 
   class TimeConverter
-    ISO_RE = /\A\d{4}-?\d{2}-?\d{2}([T ]?\d{2}(:?\d{2}(:?\d{2})?)?)?\Z/
+    ISO_RE = /\A\d{4}-?\d{2}-?\d{2}([T ]?\d{2}(:?\d{2}(:?\d{2}((\.)?\d{0,3}(Z)?)?)?)?)?\Z/
 
     def call(value)
-      if value =~ ISO_RE
-        strip_timezone(Time.parse(value))
+      case value
+      when Time
+        value.getutc
+      when String
+        if value =~ ISO_RE
+          strip_timezone(Time.parse(value))
+        else
+          raise InputSanitizer::ConversionError.new("invalid time")
+        end
       else
-        raise ConversionError.new("invalid time")
+        raise InputSanitizer::ConversionError.new("invalid time")
       end
     rescue ArgumentError
-      raise ConversionError.new("invalid time")
+      raise InputSanitizer::ConversionError.new("invalid time")
     end
 
     def strip_timezone(time)
@@ -59,6 +64,8 @@ module InputSanitizer
       '0' => false,
       'yes' => true,
       'no' => false,
+      1 => true,
+      0 => false,
     }
 
     def call(value)
@@ -74,7 +81,7 @@ module InputSanitizer
         message += " for true, or "
         message += falsy.join(", ")
         message += " for false."
-        raise ConversionError.new(message)
+        raise InputSanitizer::ConversionError.new(message)
       end
     end
   end