RubyGems - liquid-autoescape - Versions diffs - 0.2.1 - Mend

liquid-autoescape 0.2.1

Files changed (22) hide show

checksums.yaml +15 -0
data/LICENSE +21 -0
data/README.md +165 -0
data/lib/liquid/autoescape.rb +33 -0
data/lib/liquid/autoescape/configuration.rb +41 -0
data/lib/liquid/autoescape/core_exemptions.rb +40 -0
data/lib/liquid/autoescape/errors.rb +11 -0
data/lib/liquid/autoescape/exemption.rb +47 -0
data/lib/liquid/autoescape/exemption_list.rb +106 -0
data/lib/liquid/autoescape/filters.rb +26 -0
data/lib/liquid/autoescape/liquid_ext/variable.rb +38 -0
data/lib/liquid/autoescape/tags/autoescape.rb +45 -0
data/lib/liquid/autoescape/template_variable.rb +74 -0
data/lib/liquid/autoescape/version.rb +5 -0
data/spec/functional/autoescape_tag_spec.rb +200 -0
data/spec/unit/autoescape_spec.rb +49 -0
data/spec/unit/configuration_spec.rb +72 -0
data/spec/unit/core_exemptions_spec.rb +72 -0
data/spec/unit/exemption_list_spec.rb +165 -0
data/spec/unit/exemption_spec.rb +29 -0
data/spec/unit/template_variable_spec.rb +80 -0
metadata +148 -0

data/spec/unit/core_exemptions_spec.rb ADDED Viewed

@@ -0,0 +1,72 @@
+require "liquid/autoescape"
+require "liquid/autoescape/core_exemptions"
+require "liquid/autoescape/template_variable"
+module Liquid
+  module Autoescape
+    describe CoreExemptions do
+      let(:exemptions) { Module.new { extend CoreExemptions } }
+      let(:variable) { TemplateVariable.new(:name => name, :filters => filters) }
+      let(:name) { "variable" }
+      let(:filters) { [] }
+      describe ".uses_escaping_filter?" do
+        subject { exemptions.uses_escaping_filter?(variable) }
+        context "when no filters are used" do
+          let(:filters) { [] }
+          it { should be(false) }
+        end
+        context "when the escape filter is used" do
+          let(:filters) { [:escape] }
+          it { should be(true) }
+        end
+        context "when the skip_escape filter is used" do
+          let(:filters) { [:skip_escape] }
+          it { should be(true) }
+        end
+        context "when a non-escaping filter is used" do
+          let(:filters) { [:downcase] }
+          it { should be(false) }
+        end
+        context "when an escaping filter is used with a non-escaping filter" do
+          let(:filters) { [:downcase, :escape] }
+          it { should be(true) }
+        end
+      end
+      describe ".uses_trusted_filter?" do
+        subject { exemptions.uses_trusted_filter?(variable) }
+        before(:each) do
+          Autoescape.configure { |config| config.trusted_filters << :downcase }
+        end
+        after(:each) do
+          Autoescape.reconfigure
+        end
+        context "when a trusted filter is used" do
+          let(:filters) { [:downcase] }
+          it { should be(true) }
+        end
+        context "when a non-trusted filter is used" do
+          let(:filters) { [:capitalize] }
+          it { should be(false) }
+        end
+      end
+    end
+  end
+end

data/spec/unit/exemption_list_spec.rb ADDED Viewed

@@ -0,0 +1,165 @@
+require "liquid/autoescape/exemption_list"
+require "liquid/autoescape/template_variable"
+module Liquid
+  module Autoescape
+    describe ExemptionList do
+      let(:exemptions) { ExemptionList.new }
+      describe ".from_module" do
+        it "creates a new exemption list with the module's methods as exemptions" do
+          custom = Module.new do
+            def exemption_one(variable)
+              variable.name == "one"
+            end
+            def exemption_two(variable)
+              variable.name == "two"
+            end
+          end
+          from_module = ExemptionList.from_module(custom)
+          expect(from_module).to be_an_instance_of(ExemptionList)
+          expect(from_module.size).to eq(2)
+        end
+      end
+      describe "#add" do
+        it "adds a filter function as an exemption" do
+          expect(exemptions.size).to eq(0)
+          exemptions.add { |variable| variable.name == "variable" }
+          expect(exemptions.size).to eq(1)
+        end
+        it "is chainable" do
+          first = lambda { |variable| variable.name == "one" }
+          second = lambda { |variable| variable.name == "two" }
+          expect(exemptions.size).to eq(0)
+          exemptions.add(&first).add(&second)
+          expect(exemptions.size).to eq(2)
+        end
+      end
+      describe "#import" do
+        it "adds all instance methods from a module as exemptions" do
+          custom = Module.new do
+            def exemption(variable)
+              variable.name == "variable"
+            end
+          end
+          expect(exemptions.size).to eq(0)
+          exemptions.import(custom)
+          expect(exemptions.size).to eq(1)
+        end
+        it "adds methods with identical names from different modules" do
+          module_one = Module.new do
+            def exemption(variable)
+              variable.name == "one"
+            end
+          end
+          module_two = Module.new do
+            def exemption(variable)
+              variable.name == "two"
+            end
+          end
+          expect(exemptions.size).to eq(0)
+          exemptions.import(module_one)
+          exemptions.import(module_two)
+          expect(exemptions.size).to eq(2)
+        end
+        it "is chainable" do
+          custom = Module.new do
+            def exemption(variable)
+              variable.name == "one"
+            end
+          end
+          expect(exemptions.size).to eq(0)
+          exemptions.import(custom).import(custom)
+          expect(exemptions.size).to eq(2)
+        end
+      end
+      describe "#apply?" do
+        let(:var_one) { TemplateVariable.new(:name => "one") }
+        let(:var_two) { TemplateVariable.new(:name => "two") }
+        it "returns true when a filter function applies to a variable" do
+          expect(exemptions.apply?(var_one)).to be(false)
+          expect(exemptions.apply?(var_two)).to be(false)
+          exemptions.add { |variable| variable.name == "one" }
+          expect(exemptions.apply?(var_one)).to be(true)
+          expect(exemptions.apply?(var_two)).to be(false)
+        end
+        it "returns true when a module function applies to a variable" do
+          custom = Module.new do
+            def exemption(variable)
+              variable.name == "one"
+            end
+          end
+          expect(exemptions.apply?(var_one)).to be(false)
+          expect(exemptions.apply?(var_two)).to be(false)
+          exemptions.import(custom)
+          expect(exemptions.apply?(var_one)).to be(true)
+          expect(exemptions.apply?(var_two)).to be(false)
+        end
+        it "has an #applies? alias" do
+          exemption_list = ExemptionList.new
+          exemption_list.add { |variable| variable.name == "one" }
+          expect(exemption_list.applies?(var_one)).to be(true)
+          expect(exemption_list.applies?(var_two)).to be(false)
+        end
+      end
+      describe "#populated?" do
+        it "is false when there are no exemptions" do
+          expect(exemptions.populated?).to be(false)
+        end
+        it "is true when there are exemptions" do
+          exemptions.add { true }
+          expect(exemptions.populated?).to be(true)
+        end
+      end
+      describe "#size" do
+        it "is zero when there are no exemptions" do
+          expect(exemptions.size).to eq(0)
+        end
+        it "is true when there are exemptions" do
+          exemptions.add { true }
+          expect(exemptions.size).to eq(1)
+        end
+      end
+    end
+  end
+end

data/spec/unit/exemption_spec.rb ADDED Viewed

@@ -0,0 +1,29 @@
+require "liquid/autoescape/errors"
+require "liquid/autoescape/exemption"
+require "liquid/autoescape/template_variable"
+module Liquid
+  module Autoescape
+    describe Exemption do
+      it "requires a callable filter block" do
+        expect { Exemption.new }.to raise_error(ExemptionError)
+        expect { Exemption.new { true } }.to_not raise_error
+      end
+      describe "#applies?" do
+        it "evaluates the filter block in the context of variable data" do
+          exemption = Exemption.new { |variable| variable.name == "one" }
+          var_one = TemplateVariable.new(:name => "one")
+          var_two = TemplateVariable.new(:name => "two")
+          expect(exemption.applies?(var_one)).to be(true)
+          expect(exemption.applies?(var_two)).to be(false)
+        end
+      end
+    end
+  end
+end

data/spec/unit/template_variable_spec.rb ADDED Viewed

@@ -0,0 +1,80 @@
+require "liquid"
+require "liquid/autoescape/template_variable"
+module Liquid
+  module Autoescape
+    describe TemplateVariable do
+      it "requires a variable name" do
+        expect { TemplateVariable.new }.to raise_error(KeyError)
+        expect { TemplateVariable.new(:name => "variable") }.to_not raise_error
+      end
+      it "exposes its variable name" do
+        data = TemplateVariable.new(:name => "variable")
+        expect(data.name).to eq("variable")
+      end
+      it "can accept variable names describing a lookup" do
+        data = TemplateVariable.new(:name => "hash.key")
+        expect(data.name).to eq("hash.key")
+      end
+      it "can accept a list of filters applied to the variable" do
+        data = TemplateVariable.new(:name => "variable", :filters => [:downcase])
+        expect(data.filters).to match_array([:downcase])
+      end
+      describe ".from_liquid_variable" do
+        let(:liquid_variable) { Liquid::Variable.new(variable_name) }
+        let(:variable_name) { nil }
+        let(:wrapper) { TemplateVariable.from_liquid_variable(liquid_variable) }
+        context "with an unfiltered Liquid variable" do
+          let(:variable_name) { "from_liquid" }
+          it "resolves the variable name" do
+            expect(wrapper.name).to eq("from_liquid")
+          end
+          it "has an empty list of filters" do
+            expect(wrapper.filters).to be_empty
+          end
+        end
+        context "with a filtered Liquid variable" do
+          let(:variable_name) { "from_liquid | downcase | capitalize" }
+          it "resolves the variable name" do
+            expect(wrapper.name).to eq("from_liquid")
+          end
+          it "exposes a list of filters" do
+            expect(wrapper.filters).to eq([:downcase, :capitalize])
+          end
+        end
+        context "with a lookup-style Liquid variable" do
+          let(:variable_name) { "hash.key" }
+          it "exposes the full variable name" do
+            expect(wrapper.name).to eq("hash.key")
+          end
+        end
+        context "with a deep lookup-style Liquid variable" do
+          let(:variable_name) { "trunk.branch.leaf" }
+          it "exposes the full variable name" do
+            expect(wrapper.name).to eq("trunk.branch.leaf")
+          end
+        end
+      end
+    end
+  end
+end

metadata ADDED Viewed

@@ -0,0 +1,148 @@
+--- !ruby/object:Gem::Specification
+name: liquid-autoescape
+version: !ruby/object:Gem::Version
+  version: 0.2.1
+platform: ruby
+authors:
+- Within3
+autorequire:
+bindir: bin
+cert_chain: []
+date: 2015-05-15 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: liquid
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '2.0'
+    - - <
+      - !ruby/object:Gem::Version
+        version: '4.0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '2.0'
+    - - <
+      - !ruby/object:Gem::Version
+        version: '4.0'
+- !ruby/object:Gem::Dependency
+  name: appraisal
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '2.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '2.0'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '10.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '10.0'
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '3.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '3.0'
+- !ruby/object:Gem::Dependency
+  name: rubocop
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '0.30'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '0.30'
+description: Apply HTML escaping to all variables in a Liquid block
+email:
+- it-operations@within3.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- LICENSE
+- README.md
+- lib/liquid/autoescape.rb
+- lib/liquid/autoescape/configuration.rb
+- lib/liquid/autoescape/core_exemptions.rb
+- lib/liquid/autoescape/errors.rb
+- lib/liquid/autoescape/exemption.rb
+- lib/liquid/autoescape/exemption_list.rb
+- lib/liquid/autoescape/filters.rb
+- lib/liquid/autoescape/liquid_ext/variable.rb
+- lib/liquid/autoescape/tags/autoescape.rb
+- lib/liquid/autoescape/template_variable.rb
+- lib/liquid/autoescape/version.rb
+- spec/functional/autoescape_tag_spec.rb
+- spec/unit/autoescape_spec.rb
+- spec/unit/configuration_spec.rb
+- spec/unit/core_exemptions_spec.rb
+- spec/unit/exemption_list_spec.rb
+- spec/unit/exemption_spec.rb
+- spec/unit/template_variable_spec.rb
+homepage: https://github.com/Within3/liquid-autoescape
+licenses:
+- MIT
+metadata: {}
+post_install_message:
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project:
+rubygems_version: 2.4.5
+signing_key:
+specification_version: 4
+summary: Autoescape support for Liquid
+test_files:
+- spec/functional/autoescape_tag_spec.rb
+- spec/unit/autoescape_spec.rb
+- spec/unit/configuration_spec.rb
+- spec/unit/core_exemptions_spec.rb
+- spec/unit/exemption_list_spec.rb
+- spec/unit/exemption_spec.rb
+- spec/unit/template_variable_spec.rb
+has_rdoc: