RubyGems - input_sanitizer - Versions diffs - 0.1.10 → 0.4.1 - Mend

input_sanitizer 0.1.10 → 0.4.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (49) hide show

checksums.yaml +7 -0
data/.github/workflows/ci.yaml +26 -0
data/.github/workflows/gempush.yml +28 -0
data/.gitignore +2 -1
data/CHANGELOG +99 -0
data/LICENSE +201 -22
data/README.md +24 -4
data/input_sanitizer.gemspec +10 -4
data/lib/input_sanitizer.rb +5 -2
data/lib/input_sanitizer/errors.rb +142 -0
data/lib/input_sanitizer/extended_converters.rb +5 -42
data/lib/input_sanitizer/extended_converters/comma_joined_integers_converter.rb +15 -0
data/lib/input_sanitizer/extended_converters/comma_joined_strings_converter.rb +15 -0
data/lib/input_sanitizer/extended_converters/positive_integer_converter.rb +12 -0
data/lib/input_sanitizer/extended_converters/specific_values_converter.rb +19 -0
data/lib/input_sanitizer/restricted_hash.rb +49 -8
data/lib/input_sanitizer/v1.rb +22 -0
data/lib/input_sanitizer/v1/clean_field.rb +38 -0
data/lib/input_sanitizer/{default_converters.rb → v1/default_converters.rb} +20 -13
data/lib/input_sanitizer/v1/sanitizer.rb +166 -0
data/lib/input_sanitizer/v2.rb +13 -0
data/lib/input_sanitizer/v2/clean_field.rb +36 -0
data/lib/input_sanitizer/v2/clean_payload_collection_field.rb +41 -0
data/lib/input_sanitizer/v2/clean_query_collection_field.rb +40 -0
data/lib/input_sanitizer/v2/error_collection.rb +49 -0
data/lib/input_sanitizer/v2/nested_sanitizer_factory.rb +19 -0
data/lib/input_sanitizer/v2/payload_sanitizer.rb +130 -0
data/lib/input_sanitizer/v2/payload_transform.rb +42 -0
data/lib/input_sanitizer/v2/query_sanitizer.rb +33 -0
data/lib/input_sanitizer/v2/types.rb +227 -0
data/lib/input_sanitizer/version.rb +1 -1
data/spec/extended_converters/comma_joined_integers_converter_spec.rb +18 -0
data/spec/extended_converters/comma_joined_strings_converter_spec.rb +18 -0
data/spec/extended_converters/positive_integer_converter_spec.rb +18 -0
data/spec/extended_converters/specific_values_converter_spec.rb +27 -0
data/spec/restricted_hash_spec.rb +37 -7
data/spec/sanitizer_spec.rb +129 -26
data/spec/spec_helper.rb +17 -2
data/spec/v1/default_converters_spec.rb +141 -0
data/spec/v2/converters_spec.rb +174 -0
data/spec/v2/payload_sanitizer_spec.rb +534 -0
data/spec/v2/payload_transform_spec.rb +98 -0
data/spec/v2/query_sanitizer_spec.rb +300 -0
data/v2.md +52 -0
metadata +105 -40
data/.travis.yml +0 -12
data/lib/input_sanitizer/sanitizer.rb +0 -140
data/spec/default_converters_spec.rb +0 -101
data/spec/extended_converters_spec.rb +0 -62

data/lib/input_sanitizer/v1/sanitizer.rb ADDED Viewed

@@ -0,0 +1,166 @@
+class InputSanitizer::V1::Sanitizer
+  def initialize(data)
+    @data = symbolize_keys(data)
+    @performed = false
+    @errors = []
+    @cleaned = InputSanitizer::RestrictedHash.new(self.class.fields.keys)
+  end
+  def self.clean(data)
+    new(data).cleaned
+  end
+  def [](field)
+    cleaned[field]
+  end
+  def cleaned
+    return @cleaned if @performed
+    perform_clean
+    @performed = true
+    @cleaned.freeze
+  end
+  def valid?
+    cleaned
+    @errors.empty?
+  end
+  def errors
+    cleaned
+    @errors
+  end
+  def self.converters
+    {
+      :integer => InputSanitizer::V1::IntegerConverter.new,
+      :string => InputSanitizer::V1::StringConverter.new,
+      :date => InputSanitizer::V1::DateConverter.new,
+      :time => InputSanitizer::V1::TimeConverter.new,
+      :boolean => InputSanitizer::V1::BooleanConverter.new,
+      :integer_or_blank => InputSanitizer::V1::IntegerConverter.new.extend(InputSanitizer::V1::AllowNil),
+      :string_or_blank => InputSanitizer::V1::StringConverter.new.extend(InputSanitizer::V1::AllowNil),
+      :date_or_blank => InputSanitizer::V1::DateConverter.new.extend(InputSanitizer::V1::AllowNil),
+      :time_or_blank => InputSanitizer::V1::TimeConverter.new.extend(InputSanitizer::V1::AllowNil),
+      :boolean_or_blank => InputSanitizer::V1::BooleanConverter.new.extend(InputSanitizer::V1::AllowNil),
+    }
+  end
+  def self.inherited(subclass)
+    subclass.fields = self.fields.dup
+  end
+  def self.initialize_types_dsl
+    converters.keys.each do |name|
+      class_eval <<-END
+        def self.#{name}(*keys)
+          set_keys_to_converter(keys, :#{name})
+        end
+      END
+    end
+  end
+  initialize_types_dsl
+  def self.custom(*keys)
+    options = keys.pop
+    converter = options.delete(:converter)
+    keys.push(options)
+    raise "You did not define a converter for a custom type" if converter == nil
+    self.set_keys_to_converter(keys, converter)
+  end
+  def self.nested(*keys)
+    options = keys.pop
+    sanitizer = options.delete(:sanitizer)
+    keys.push(options)
+    raise "You did not define a sanitizer for nested value" if sanitizer == nil
+    converter = lambda { |value|
+      instance = sanitizer.new(value)
+      raise InputSanitizer::ConversionError.new(instance.errors) unless instance.valid?
+      instance.cleaned
+    }
+    keys << {} unless keys.last.is_a?(Hash)
+    keys.last[:nested] = true
+    self.set_keys_to_converter(keys, converter)
+  end
+  protected
+  def self.fields
+    @fields ||= {}
+  end
+  def self.fields=(new_fields)
+    @fields = new_fields
+  end
+  private
+  def self.extract_options!(array)
+    array.last.is_a?(Hash) ? array.pop : {}
+  end
+  def perform_clean
+    self.class.fields.each { |field, hash| clean_field(field, hash) }
+  end
+  def clean_field(field, hash)
+    if hash[:options][:nested] && @data.has_key?(field)
+      if hash[:options][:collection]
+        raise InputSanitizer::ConversionError.new("expected an array") unless @data[field].is_a?(Array)
+      else
+        raise InputSanitizer::ConversionError.new("expected a hash") unless @data[field].is_a?(Hash)
+      end
+    end
+    @cleaned[field] = InputSanitizer::V1::CleanField.call(hash[:options].merge({
+      :has_key => @data.has_key?(field),
+      :data => @data[field],
+      :converter => hash[:converter],
+      :provide => @data[hash[:options][:provide]],
+    }))
+  rescue InputSanitizer::ConversionError => error
+    add_error(field, :invalid_value, @data[field], error.message)
+  rescue InputSanitizer::ValueMissingError => error
+    add_error(field, :missing, nil, nil)
+  rescue InputSanitizer::OptionalValueOmitted
+  end
+  def add_error(field, error_type, value, description = nil)
+    @errors << {
+      :field => field,
+      :type => error_type,
+      :value => value,
+      :description => description
+    }
+  end
+  def symbolize_keys(data)
+    symbolized_hash = {}
+    data.each do |key, value|
+      symbolized_hash[key.to_sym] = value
+    end
+    symbolized_hash
+  end
+  def self.set_keys_to_converter(keys, converter_or_type)
+    options = extract_options!(keys)
+    converter = if converter_or_type.is_a?(Symbol)
+      converters[converter_or_type]
+    else
+      converter_or_type
+    end
+    keys.each do |key|
+      fields[key] = {
+        :converter => converter,
+        :options => options
+      }
+    end
+  end
+end

data/lib/input_sanitizer/v2.rb ADDED Viewed

@@ -0,0 +1,13 @@
+module InputSanitizer::V2
+end
+dir = File.dirname(__FILE__)
+require File.join(dir, 'v2/types')
+require File.join(dir, 'v2/clean_payload_collection_field')
+require File.join(dir, 'v2/clean_query_collection_field')
+require File.join(dir, 'v2/clean_field')
+require File.join(dir, 'v2/nested_sanitizer_factory')
+require File.join(dir, 'v2/error_collection')
+require File.join(dir, 'v2/payload_sanitizer')
+require File.join(dir, 'v2/query_sanitizer')
+require File.join(dir, 'v2/payload_transform')

data/lib/input_sanitizer/v2/clean_field.rb ADDED Viewed

@@ -0,0 +1,36 @@
+class InputSanitizer::V2::CleanField < MethodStruct.new(:data, :has_key, :default, :collection, :type, :converter, :options)
+  def call
+    if has_key
+      convert
+    elsif default
+      converter.call(default, options)
+    elsif options[:required]
+      raise InputSanitizer::ValueMissingError
+    else
+      raise InputSanitizer::OptionalValueOmitted
+    end
+  end
+  private
+  def convert
+    if collection
+      collection_clean.call(
+        :data => data,
+        :collection => collection,
+        :converter => converter,
+        :options => options
+      )
+    else
+      converter.call(data, options)
+    end
+  end
+  def collection_clean
+    case type
+    when :payload
+      InputSanitizer::V2::CleanPayloadCollectionField
+    when :query
+      InputSanitizer::V2::CleanQueryCollectionField
+    end
+  end
+end

data/lib/input_sanitizer/v2/clean_payload_collection_field.rb ADDED Viewed

@@ -0,0 +1,41 @@
+class InputSanitizer::V2::CleanPayloadCollectionField < MethodStruct.new(:data, :converter, :collection, :options)
+  def call
+    return nil if options[:allow_nil] && data == nil
+    validate_type
+    validate_size
+    result, errors = [], {}
+    data.each_with_index do |value, idx|
+      begin
+        result << converter.call(value, options)
+      rescue InputSanitizer::ValidationError => e
+        errors[idx] = e
+      end
+    end
+    if errors.any?
+      raise InputSanitizer::CollectionError.new(errors)
+    else
+      result
+    end
+  end
+  private
+  def validate_type
+    unless data.respond_to?(:to_ary)
+      raise InputSanitizer::TypeMismatchError.new(data, :array)
+    end
+  end
+  def validate_size
+    if collection.respond_to?(:fetch)
+      if collection[:minimum] && data.length < collection[:minimum]
+        raise InputSanitizer::CollectionLengthError.new(data.length, collection[:minimum], collection[:maximum])
+      elsif collection[:maximum] && data.length > collection[:maximum]
+        raise InputSanitizer::CollectionLengthError.new(data.length, collection[:minimum], collection[:maximum])
+      end
+    end
+  end
+end

data/lib/input_sanitizer/v2/clean_query_collection_field.rb ADDED Viewed

@@ -0,0 +1,40 @@
+class InputSanitizer::V2::CleanQueryCollectionField < MethodStruct.new(:data, :converter, :collection, :options)
+  def call
+    validate_type
+    validate_size
+    result, errors = [], {}
+    items.each_with_index do |value, idx|
+      begin
+        result << converter.call(value, options)
+      rescue InputSanitizer::ValidationError => e
+        errors[idx] = e
+      end
+    end
+    if errors.any?
+      raise InputSanitizer::CollectionError.new(errors)
+    else
+      result
+    end
+  end
+  private
+  def items
+    @items ||= data.to_s.split(',')
+  end
+  def validate_type
+    InputSanitizer::V2::Types::StringCheck.new.call(data)
+  end
+  def validate_size
+    if collection.respond_to?(:fetch)
+      if collection[:minimum] && items.length < collection[:minimum]
+        raise InputSanitizer::CollectionLengthError.new(items.length, collection[:minimum], collection[:maximum])
+      elsif collection[:maximum] && items.length > collection[:maximum]
+        raise InputSanitizer::CollectionLengthError.new(items.length, collection[:minimum], collection[:maximum])
+      end
+    end
+  end
+end

data/lib/input_sanitizer/v2/error_collection.rb ADDED Viewed

@@ -0,0 +1,49 @@
+class InputSanitizer::V2::ErrorCollection
+  include Enumerable
+  attr_reader :error_codes, :messages
+  def initialize(errors)
+    @error_codes = {}
+    @messages = {}
+    @error_details = {}
+    errors.each do |error|
+      (@error_codes[error.field] ||= []) << error.code
+      (@messages[error.field] ||= []) << error.message
+      error_value_hash = { :value => error.value }
+      (@error_details[error.field] ||= []) << error_value_hash
+    end
+  end
+  def [](attribute)
+    @error_codes[attribute]
+  end
+  def each
+    @error_codes.each_key do |attribute|
+      self[attribute].each { |error| yield attribute, error }
+    end
+  end
+  def size
+    @error_codes.size
+  end
+  alias_method :length, :size
+  alias_method :count, :size
+  def empty?
+    @error_codes.empty?
+  end
+  def add(attribute, code = :invalid, options = {})
+    (@error_codes[attribute] ||= []) << code
+    (@messages[attribute] ||= []) << options.delete(:messages)
+    (@error_details[attribute] ||= []) << options
+  end
+  def to_hash
+    messages.dup
+  end
+  alias_method :full_messages, :to_hash
+end

data/lib/input_sanitizer/v2/nested_sanitizer_factory.rb ADDED Viewed

@@ -0,0 +1,19 @@
+class InputSanitizer::V2::NestedSanitizerFactory
+  class NilAllowed
+    def cleaned
+      nil
+    end
+    def valid?
+      true
+    end
+  end
+  def self.for(nested_sanitizer_klass, value, options)
+    if value.nil? && options[:allow_nil] && !options[:collection]
+      NilAllowed.new
+    else
+      nested_sanitizer_klass.new(value, options)
+    end
+  end
+end

data/lib/input_sanitizer/v2/payload_sanitizer.rb ADDED Viewed

@@ -0,0 +1,130 @@
+class InputSanitizer::V2::PayloadSanitizer < InputSanitizer::Sanitizer
+  attr_reader :validation_context
+  def initialize(data, validation_context = {})
+    super data
+    self.validation_context = validation_context || {}
+  end
+  def validation_context=(context)
+    raise ArgumentError, "validation_context must be a Hash" unless context && context.is_a?(Hash)
+    @validation_context = context
+  end
+  def error_collection
+    @error_collection ||= InputSanitizer::V2::ErrorCollection.new(errors)
+  end
+  def self.converters
+    {
+      :integer => InputSanitizer::V2::Types::IntegerCheck.new,
+      :float => InputSanitizer::V2::Types::FloatCheck.new,
+      :string => InputSanitizer::V2::Types::StringCheck.new,
+      :boolean => InputSanitizer::V2::Types::BooleanCheck.new,
+      :datetime => InputSanitizer::V2::Types::DatetimeCheck.new,
+      :date => InputSanitizer::V2::Types::DatetimeCheck.new(:check_date => true),
+      :url => InputSanitizer::V2::Types::URLCheck.new,
+    }
+  end
+  initialize_types_dsl
+  def self.nested(*keys)
+    options = keys.pop
+    sanitizer = options.delete(:sanitizer)
+    keys.push(options)
+    raise "You did not define a sanitizer for nested value" if sanitizer == nil
+    converter = lambda { |value, converter_options|
+      instance = InputSanitizer::V2::NestedSanitizerFactory.for(sanitizer, value, converter_options)
+      raise InputSanitizer::NestedError.new(instance.errors) unless instance.valid?
+      instance.cleaned
+    }
+    keys << {} unless keys.last.is_a?(Hash)
+    keys.last[:nested] = true
+    self.set_keys_to_converter(keys, converter)
+  end
+  private
+  def perform_clean
+    super
+    @data.reject { |key, _| self.class.fields.keys.include?(key) }.each { |key, _| @errors << InputSanitizer::ExtraneousParamError.new("/#{key}") }
+  end
+  def prepare_options!(options)
+    return options if @validation_context.empty?
+    context = @validation_context.dup
+    context_provided_values = context.delete(:provided)
+    intersection = options.keys & context.keys
+    unless intersection.empty?
+      message = "validation context and converter options have the same keys: #{intersection}. " \
+        "In order to proceed please fix the configuration. " \
+        "In the meantime aborting ..."
+      raise RuntimeError, message
+    end
+    if context_provided_values
+      options[:provided] ||= {}
+      options[:provided] = options[:provided].merge(context_provided_values)
+    end
+    options.merge(context)
+  end
+  def clean_field(field, hash)
+    options = hash[:options].clone
+    collection = options.delete(:collection)
+    default = options.delete(:default)
+    has_key = @data.has_key?(field)
+    value = @data[field]
+    is_nested = options.delete(:nested)
+    provide = options.delete(:provide)
+    provided = Array(provide).inject({}) { |memo, value| memo[value] = @data[value]; memo }
+    options[:provided] = provided
+    if is_nested && has_key
+      if collection
+        raise InputSanitizer::TypeMismatchError.new(value, "array") unless value.is_a?(Array)
+      elsif !options[:allow_nil] || (options[:allow_nil] && !value.nil?)
+        raise InputSanitizer::TypeMismatchError.new(value, "hash") unless value.is_a?(Hash)
+      end
+    end
+    @cleaned[field] = InputSanitizer::V2::CleanField.call(
+      :data => value,
+      :has_key => has_key,
+      :default => default,
+      :collection => collection,
+      :type => sanitizer_type,
+      :converter => hash[:converter],
+      :options => prepare_options!(options)
+    )
+  rescue InputSanitizer::OptionalValueOmitted
+  rescue InputSanitizer::ValidationError => error
+    @errors += handle_error(field, error)
+  end
+  def handle_error(field, error)
+    case error
+    when InputSanitizer::CollectionError
+      error.collection_errors.map do |index, error|
+        handle_error("#{field}/#{index}", error)
+      end
+    when InputSanitizer::NestedError
+      error.nested_errors.map do |error|
+        handle_error("#{field}#{error.field}", error)
+      end
+    else
+      error.field = "/#{field}"
+      Array(error)
+    end.flatten
+  end
+  def sanitizer_type
+    :payload
+  end
+end