json2sql 1.0.10 → 1.0.11

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (4) hide show
  1. checksums.yaml +4 -4
  2. data/lib/json2sql/input_policy.rb +24 -21
  3. data/lib/json2sql/version.rb +1 -1
  4. metadata +1 -1
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: eb3184ddebd15d9412944f3e518524bbb0ae82b37dfcc925acb4c907e1244c3a
4
- data.tar.gz: 0575b7e23355d4c08954cdf08a8da924bb8fccf67cd77086bb191c10b35a5780
3
+ metadata.gz: b734e672123b35d6b3878a30bf9629821915140e3240eba21cd8e853ac414911
4
+ data.tar.gz: 819e7767505a2154f0071a46ffee6640d30954e7bae623f308cb185791f2f1f3
5
5
  SHA512:
6
- metadata.gz: 3501e46e1a5f0d10abe56a545f965e6c501864e436064f1cbe69e7e3573e35d177ae41b379df5e90ca77baf8d9ca19ea2b3843d21bdbc22b8e5bd21aab86f125
7
- data.tar.gz: 5df88c1b1c985fc920baea0717746e7348c6040ec2d3ef8309a0f52dbb3c72a8f2cdc4e1e520e347bcceb6001ee59206680f90f7663522d0ba40b718ef82a8d7
6
+ metadata.gz: 8a0743bbb6f1e26aacf1cdf62e0e81ce19992a79b0c748225a3d563a810ef4d8278b59d068fe28ee8707bb55080130d27538dc6711a2782dc392762aefd92a32
7
+ data.tar.gz: 90cb0a70a7443c7bd6b3f4c6f12d02298d6e6c906d399cebc02c1edf1c566dc5eef470790d7f9213ef88b266a3b11f39f53fd74eaaa1ca1f37ef8daa015331d8
data/lib/json2sql/input_policy.rb CHANGED
@@ -16,8 +16,8 @@ module Json2sql
16
16
  # nil or absent = no column restriction for that table.
17
17
  # children: nested hash of allowed/denied child tables with their own config.
18
18
  # nil or absent = no restriction on children.
19
- # In :deny mode: use empty hash {} to deny the relation entirely;
20
- # a non-empty config applies column/where filtering without blocking.
19
+ # In :deny mode: a child relation is removed only when all its
20
+ # columns are denied (result is empty array).
21
21
  # parents: nested hash of allowed/denied parent tables with their own config.
22
22
  # nil or absent = no restriction on parents.
23
23
  # In :deny mode: same rules as children.
@@ -81,23 +81,34 @@ module Json2sql
81
81
 
82
82
  %w[children parents].each do |relation|
83
83
 
84
- filter_relations(params, config, relation)
84
+ if @mode == :deny
85
85
 
86
- next unless params[relation].is_a?(Hash)
86
+ next unless params[relation].is_a?(Hash)
87
87
 
88
- relation_configs = config[relation].is_a?(Hash) ? config[relation] : {}
88
+ relation_configs = config[relation].is_a?(Hash) ? config[relation] : {}
89
89
 
90
- params[relation].each { |child_table, child_params| sanitize_table(child_params, relation_configs[child_table] || {}) }
90
+ params[relation].each { |child_table, child_params| sanitize_table(child_params, relation_configs[child_table] || {}) }
91
+
92
+ params[relation].reject! { |_, child_params| child_params.is_a?(Hash) && child_params["columns"].is_a?(Array) && child_params["columns"].empty? }
93
+
94
+ else
95
+
96
+ filter_relations(params, config, relation)
97
+
98
+ next unless params[relation].is_a?(Hash)
99
+
100
+ relation_configs = config[relation].is_a?(Hash) ? config[relation] : {}
101
+
102
+ params[relation].each { |child_table, child_params| sanitize_table(child_params, relation_configs[child_table] || {}) }
103
+
104
+ end
91
105
  end
92
106
  end
93
107
 
94
- # Filters children/parents relations using mode.
95
- # In :allow mode, only relations present as keys in config[relation_key] pass.
96
- # In :deny mode:
97
- # - relation config is nil or {} → relation is denied entirely.
98
- # - relation config is a non-empty Hash → relation passes; sub-config is
99
- # applied recursively (column filtering, where injection, etc.).
108
+ # Filters children/parents relations in :allow mode.
109
+ # Only relations present as keys in config[relation_key] pass through.
100
110
  # If config[relation_key] is absent or not a Hash, relations are untouched.
111
+ # In :deny mode, pruning is handled in sanitize_table after column filtering.
101
112
 
102
113
  def filter_relations(params, config, relation_key)
103
114
 
@@ -109,15 +120,7 @@ module Json2sql
109
120
 
110
121
  return unless relation_config.is_a?(Hash)
111
122
 
112
- params[relation_key] = if @mode == :deny
113
-
114
- relations.reject { |t, _| relation_config.key?(t) && (relation_config[t].nil? || (relation_config[t].is_a?(Hash) && relation_config[t].empty?)) }
115
-
116
- else
117
-
118
- relations.select { |t, _| relation_config.key?(t) }
119
-
120
- end
123
+ params[relation_key] = relations.select { |t, _| relation_config.key?(t) }
121
124
  end
122
125
 
123
126
  # Filters "columns" using mode (:allow or :deny).
data/lib/json2sql/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module Json2sql
4
- VERSION = "1.0.10"
4
+ VERSION = "1.0.11"
5
5
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: json2sql
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.0.10
4
+ version: 1.0.11
5
5
  platform: ruby
6
6
  authors:
7
7
  - Tiago da Silva