mini_defender 0.1.0

data/lib/mini_defender/rules/not_in.rb

@@ -0,0 +1,27 @@
+# frozen_string_literal: true
+
+class MiniDefender::Rules::NotIn < MiniDefender::Rule
+  def initialize(values)
+    raise ArgumentError, 'Expected an array of values.' unless values.is_a?(Array)
+
+    @values = values
+  end
+
+  def self.signature
+    'not_in'
+  end
+
+  def self.make(args)
+    raise ArgumentError, 'Expected at least one argument.' unless args.length > 0
+
+    new(args)
+  end
+
+  def passes?(attribute, value, validator)
+    @values.include?(value)
+  end
+
+  def message(attribute, value, validator)
+    "The value should not be any of the following #{@values.to_sentence}."
+  end
+end

data/lib/mini_defender/rules/not_regex.rb

@@ -0,0 +1,27 @@
+# frozen_string_literal: true
+
+class MiniDefender::Rules::NotRegex < MiniDefender::Rule
+  def initialize(pattern)
+    raise ArgumentError, 'Expected a Regexp instance.' unless pattern.is_a?(Regexp)
+
+    @pattern = pattern
+  end
+
+  def self.signature
+    'not_regex'
+  end
+
+  def self.make(args)
+    raise ArgumentError, 'Expected a pattern as input.' unless args.length == 1
+
+    new(Regexp.compile(args[0]))
+  end
+
+  def passes?(attribute, value, validator)
+    !value.to_s.match?(@pattern)
+  end
+
+  def message(attribute, value, validator)
+    "The value must not match #{@pattern.to_s}."
+  end
+end

data/lib/mini_defender/rules/not_starting_with.rb

@@ -0,0 +1,31 @@
+# frozen_string_literal: true
+
+class MiniDefender::Rules::NotStartingWith < MiniDefender::Rule
+  def initialize(fragments)
+    unless fragments.is_a?(Array) && !fragments.empty? && fragments.all? { |f| f.is_a?(String) }
+      raise ArgumentError, 'Expected an array of strings.'
+    end
+
+    @fragments = fragments
+  end
+
+  def self.signature
+    'not_starting_with'
+  end
+
+  def self.make(args)
+    new(args)
+  end
+
+  def passes?(attribute, value, validator)
+    @fragments.any? { |f| !value.to_s.start_with?(f) }
+  end
+
+  def message(attribute, value, validator)
+    if @fragments.length == 1
+      "The value should not start with #{@fragments[0]}."
+    else
+      "The value should not start with one of the following #{@fragments.join(', ')}."
+    end
+  end
+end

data/lib/mini_defender/rules/numeric.rb

@@ -0,0 +1,19 @@
+# frozen_string_literal: true
+
+class MiniDefender::Rules::Numeric < MiniDefender::Rule
+  def self.signature
+    'numeric'
+  end
+
+  def coerce(value)
+    value.is_a?(Numeric) ? value : Float(value.to_s)
+  end
+
+  def passes?(attribute, value, validator)
+    value.is_a?(Numeric) || Float(value.to_s) rescue false
+  end
+
+  def message(attribute, value, validator)
+    "The field must contain a numeric value."
+  end
+end

data/lib/mini_defender/rules/present.rb

@@ -0,0 +1,19 @@
+# frozen_string_literal: true
+
+class MiniDefender::Rules::Present < MiniDefender::Rule
+  def self.signature
+    'present'
+  end
+
+  def implicit?(validator)
+    true
+  end
+
+  def passes?(attribute, value, validator)
+    true
+  end
+
+  def message(attribute, value, validator)
+    "The field should be present."
+  end
+end

data/lib/mini_defender/rules/prohibited.rb

@@ -0,0 +1,15 @@
+# frozen_string_literal: true
+
+class MiniDefender::Rules::Prohibited < MiniDefender::Rule
+  def self.signature
+    'prohibited'
+  end
+
+  def passes?(attribute, value, validator)
+    value.blank?
+  end
+
+  def message(attribute, value, validator)
+    "This field is prohibited."
+  end
+end

data/lib/mini_defender/rules/prohibited_if.rb

@@ -0,0 +1,32 @@
+# frozen_string_literal: true
+
+class MiniDefender::Rules::ProhibitedIf < MiniDefender::Rule
+  def initialize(target, value)
+    raise ArgumentError, 'Target must be a string' unless target.is_a?(String)
+
+    @target = target
+    @value = value
+  end
+
+  def self.signature
+    'prohibited_if'
+  end
+
+  def self.make(args)
+    raise ArgumentError, 'Target and expected value are required.' unless args.length == 2
+
+    self.new(args[0], args[1])
+  end
+
+  def active?(validator)
+    validator.data.key?(@target) && validator.data[@target] == @value
+  end
+
+  def passes?(attribute, value, validator)
+    value.blank?
+  end
+
+  def message(attribute, value, validator)
+    "This field is prohibited."
+  end
+end

data/lib/mini_defender/rules/prohibited_unless.rb

@@ -0,0 +1,32 @@
+# frozen_string_literal: true
+
+class MiniDefender::Rules::ProhibitedUnless < MiniDefender::Rule
+  def initialize(target, value)
+    raise ArgumentError, 'Target must be a string' unless target.is_a?(String)
+
+    @target = target
+    @value = value
+  end
+
+  def self.signature
+    'prohibited_unless'
+  end
+
+  def self.make(args)
+    raise ArgumentError, 'Target and expected value are required.' unless args.length == 2
+
+    self.new(args[0], args[1])
+  end
+
+  def active?(validator)
+    validator.data.key?(@target) && validator.data[@target] != @value
+  end
+
+  def passes?(attribute, value, validator)
+    value.blank?
+  end
+
+  def message(attribute, value, validator)
+    "This field is prohibited."
+  end
+end

data/lib/mini_defender/rules/regex.rb

@@ -0,0 +1,27 @@
+# frozen_string_literal: true
+
+class MiniDefender::Rules::Regex < MiniDefender::Rule
+  def initialize(pattern)
+    raise ArgumentError, 'Expected a Regexp instance.' unless pattern.is_a?(Regexp)
+
+    @pattern = pattern
+  end
+
+  def self.signature
+    'regex'
+  end
+
+  def self.make(args)
+    raise ArgumentError, 'Expected a pattern as input.' unless args.length == 1
+
+    new(Regexp.compile(args[0]))
+  end
+
+  def passes?(attribute, value, validator)
+    value.to_s.match?(@pattern)
+  end
+
+  def message(attribute, value, validator)
+    "The value must match #{@pattern.to_s}."
+  end
+end

data/lib/mini_defender/rules/required.rb

@@ -0,0 +1,32 @@
+# frozen_string_literal: true
+
+require 'action_dispatch'
+
+class MiniDefender::Rules::Required < MiniDefender::Rule
+  def self.signature
+    'required'
+  end
+
+  def implicit?(validator)
+    true
+  end
+
+  def passes?(attribute, value, validator)
+    case value
+    when nil
+      false
+    when String
+      value.strip.length > 0
+    when Enumerable
+      value.length > 0
+    when ActionDispatch::Http::UploadedFile
+      value.path && value.path.length > 0 && value.size > 0
+    else
+      true
+    end
+  end
+
+  def message(attribute, value, validator)
+    "This field is required."
+  end
+end

data/lib/mini_defender/rules/required_if.rb

@@ -0,0 +1,26 @@
+# frozen_string_literal: true
+
+require_relative 'required'
+
+class MiniDefender::Rules::RequiredIf < MiniDefender::Rules::Required
+  def initialize(target, value)
+    raise ArgumentError, 'Target must be a string' unless target.is_a?(String)
+
+    @target = target
+    @value = value
+  end
+
+  def self.signature
+    'required_if'
+  end
+
+  def self.make(args)
+    raise ArgumentError, 'Target and expected value are required.' unless args.length == 2
+
+    self.new(args[0], args[1])
+  end
+
+  def implicit?(validator)
+    validator.data.key?(@target) && validator.data[@target] == @value
+  end
+end

data/lib/mini_defender/rules/required_unless.rb

@@ -0,0 +1,26 @@
+# frozen_string_literal: true
+
+require_relative 'required'
+
+class MiniDefender::Rules::RequiredUnless < MiniDefender::Rules::Required
+  def initialize(target, value)
+    raise ArgumentError, 'Target must be a string' unless target.is_a?(String)
+
+    @target = target
+    @value = value
+  end
+
+  def self.signature
+    'required_unless'
+  end
+
+  def self.make(args)
+    raise ArgumentError, 'Target and expected value are required.' unless args.length == 2
+
+    self.new(args[0], args[1])
+  end
+
+  def implicit?(validator)
+    validator.data.key?(@target) && validator.data[@target] != @value
+  end
+end

data/lib/mini_defender/rules/required_with.rb

@@ -0,0 +1,27 @@
+# frozen_string_literal: true
+
+require_relative 'required'
+
+class MiniDefender::Rules::RequiredWith < MiniDefender::Rules::Required
+  def initialize(targets)
+    unless targets.is_a?(Array) && targets.all?{ |t| t.is_a?(String) }
+      raise ArgumentError, 'Expected an array of strings.'
+    end
+
+    @targets = targets
+  end
+
+  def self.signature
+    'required_with'
+  end
+
+  def self.make(args)
+    raise ArgumentError, 'Expected at least one argument.' unless args.length >= 1
+
+    self.new(args)
+  end
+
+  def implicit?(validator)
+    @targets.any? { |t| validator.data.key?(t) }
+  end
+end

data/lib/mini_defender/rules/required_with_all.rb

@@ -0,0 +1,27 @@
+# frozen_string_literal: true
+
+require_relative 'required'
+
+class MiniDefender::Rules::RequiredWithAll < MiniDefender::Rules::Required
+  def initialize(targets)
+    unless targets.is_a?(Array) && targets.all?{ |t| t.is_a?(String) }
+      raise ArgumentError, 'Expected an array of strings.'
+    end
+
+    @targets = targets
+  end
+
+  def self.signature
+    'required_with_all'
+  end
+
+  def self.make(args)
+    raise ArgumentError, 'Expected at least one argument.' unless args.length >= 1
+
+    self.new(args)
+  end
+
+  def implicit?(validator)
+    @targets.all? { |t| validator.data.key?(t) }
+  end
+end

data/lib/mini_defender/rules/required_without.rb

@@ -0,0 +1,27 @@
+# frozen_string_literal: true
+
+require_relative 'required'
+
+class MiniDefender::Rules::RequiredWithout < MiniDefender::Rules::Required
+  def initialize(targets)
+    unless targets.is_a?(Array) && targets.all?{ |t| t.is_a?(String) }
+      raise ArgumentError, 'Expected an array of strings.'
+    end
+
+    @targets = targets
+  end
+
+  def self.signature
+    'required_without'
+  end
+
+  def self.make(args)
+    raise ArgumentError, 'Expected at least one argument.' unless args.length >= 1
+
+    self.new(args)
+  end
+
+  def implicit?(validator)
+    !@targets.any? { |t| validator.data.key?(t) }
+  end
+end

data/lib/mini_defender/rules/required_without_all.rb

@@ -0,0 +1,27 @@
+# frozen_string_literal: true
+
+require_relative 'required'
+
+class MiniDefender::Rules::RequiredWithoutAll < MiniDefender::Rules::Required
+  def initialize(targets)
+    unless targets.is_a?(Array) && targets.all?{ |t| t.is_a?(String) }
+      raise ArgumentError, 'Expected an array of strings.'
+    end
+
+    @targets = targets
+  end
+
+  def self.signature
+    'required_without_all'
+  end
+
+  def self.make(args)
+    raise ArgumentError, 'Expected at least one argument.' unless args.length >= 1
+
+    self.new(args)
+  end
+
+  def implicit?(validator)
+    @targets.none? { |t| validator.data.key?(t) }
+  end
+end

data/lib/mini_defender/rules/size.rb

@@ -0,0 +1,45 @@
+# frozen_string_literal: true
+
+require 'action_dispatch'
+
+class MiniDefender::Rules::Size < MiniDefender::Rule
+  def initialize(size)
+    raise ArgumentError, 'Size must be an integer.' unless size.is_a?(Integer)
+
+    @size = size
+  end
+
+  def self.signature
+    'size'
+  end
+
+  def self.make(args)
+    raise ArgumentError, 'Expected exactly one argument.' unless args.length == 1
+
+    self.new(args[0].to_i)
+  end
+
+  def passes?(attribute, value, validator)
+    case value
+    when String, Array, Hash
+      value.length == @size
+    when ActionDispatch::Http::UploadedFile
+      value.size == @size
+    when Numeric
+      value == @size
+    else
+      false
+    end
+  end
+
+  def message(attribute, value, validator)
+    case value
+    when ActionDispatch::Http::UploadedFile
+      "The file size must be equal to #{@size} bytes."
+    when Numeric
+      "The value must be equal to #{@size}."
+    else
+      "The value length must be equal to #{@size}."
+    end
+  end
+end

data/lib/mini_defender/rules/starting_with.rb

@@ -0,0 +1,31 @@
+# frozen_string_literal: true
+
+class MiniDefender::Rules::StartingWith < MiniDefender::Rule
+  def initialize(fragments)
+    unless fragments.is_a?(Array) && !fragments.empty? && fragments.all? { |f| f.is_a?(String) }
+      raise ArgumentError, 'Expected an array of strings.'
+    end
+
+    @fragments = fragments
+  end
+
+  def self.signature
+    'starting_with'
+  end
+
+  def self.make(args)
+    new(args)
+  end
+
+  def passes?(attribute, value, validator)
+    @fragments.any? { |f| value.to_s.start_with?(f) }
+  end
+
+  def message(attribute, value, validator)
+    if @fragments.length == 1
+      "The value should start with #{@fragments[0]}."
+    else
+      "The value should start with one of the following #{@fragments.join(', ')}."
+    end
+  end
+end

data/lib/mini_defender/rules/string.rb

@@ -0,0 +1,15 @@
+# frozen_string_literal: true
+
+class MiniDefender::Rules::String < MiniDefender::Rule
+  def self.signature
+    'string'
+  end
+
+  def passes?(attribute, value, validator)
+    value.is_a?(String)
+  end
+
+  def message(attribute, value, validator)
+    "The value must be a string."
+  end
+end

data/lib/mini_defender/rules/timezone.rb

@@ -0,0 +1,19 @@
+# frozen_string_literal: true
+
+require 'tzinfo'
+
+class MiniDefender::Rules::Timezone < MiniDefender::Rule
+  def self.signature
+    'timezone'
+  end
+
+  def passes?(attribute, value, validator)
+    value.is_a?(String) && !!TZInfo::Timezone.get(value)
+  rescue TZInfo::InvalidTimezoneIdentifier
+    false
+  end
+
+  def message(attribute, value, validator)
+    'The field should contain a valid time zone value.'
+  end
+end

data/lib/mini_defender/rules/unique.rb

@@ -0,0 +1,37 @@
+# frozen_string_literal: true
+
+class MiniDefender::Rules::Unique < MiniDefender::Rule
+  def initialize(model, column)
+    raise ArgumentError, 'model name must be a string or ActiveRecord::Base' unless model.is_a?(String)
+    raise ArgumentError, 'Column name must be a string' unless column.is_a?(String)
+
+    @model = model.camelcase.constantize
+    @column = column
+    @ignore = nil
+  end
+
+  def self.signature
+    'unique'
+  end
+
+  def should_ignore(value)
+    @ignore = value
+    self
+  end
+
+  def self.make(args)
+    raise ArgumentError, 'Model and column are required.' unless args.length == 2
+
+    self.new(args[0], args[1])
+  end
+
+  def passes?(attribute, value, validator)
+    query = @model.where(@column => value)
+    query = query.where.not(@column, @ignore) unless @ignore.nil?
+    query.exists?
+  end
+
+  def message(attribute, value, validator)
+    "The value already exists."
+  end
+end

data/lib/mini_defender/rules/url.rb

@@ -0,0 +1,17 @@
+# frozen_string_literal: true
+
+require 'uri'
+
+class MiniDefender::Rules::Url < MiniDefender::Rule
+  def self.signature
+    'url'
+  end
+
+  def passes?(attribute, value, validator)
+    value.is_a?(String) && URI.regexp(%w[http https]).match?(value)
+  end
+
+  def message(attribute, value, validator)
+    'The field must contain a valid URL.'
+  end
+end

data/lib/mini_defender/rules/uuid.rb

@@ -0,0 +1,37 @@
+# frozen_string_literal: true
+
+class MiniDefender::Rules::Uuid < MiniDefender::Rule
+  def initialize(version = nil)
+    raise ArgumentError, 'Expected version to be an integer or nil' unless version.nil? || version.is_a?(Integer)
+
+    @version = version
+  end
+
+  def self.signature
+    'uuid'
+  end
+
+  def self.make(args)
+    raise ArgumentError, 'Expected exactly one or zero argument' unless args.length <= 1
+
+    new(args[0]&.to_i)
+  end
+
+  def coerce(value)
+    value.downcase
+  end
+
+  def passes?(attribute, value, validator)
+    value.is_a?(String) &&
+      /^\h{8}-(\h{4}-){3}\h{12}$/i.match?(value) &&
+      (@version.nil? || value[14].to_i(16) == @version)
+  end
+
+  def message(attribute, value, validator)
+    if @version
+      "The value should be a valid UUID v#{@version}."
+    else
+      'The value should be a valid UUID.'
+    end
+  end
+end

data/lib/mini_defender/rules.rb

@@ -0,0 +1,8 @@
+# frozen_string_literal: true
+
+module MiniDefender::Rules
+end
+
+Dir["#{__dir__}/rules/*.rb"].each do |path|
+    require_relative path
+end

data/lib/mini_defender/rules_expander.rb

@@ -0,0 +1,19 @@
+# frozen_string_literal
+
+module MiniDefender
+  class RulesExpander
+    # @param [Hash] rules
+    # @param [Hash] flat_data
+    # @return [Hash]
+    def expand(rules, flat_data)
+      rules
+        .map { |k, v| [Regexp.compile('\A' + k.gsub(/\*/, '\d+') + '\Z'), v] }.to_h
+        .map { |p, set|
+          data_rules = flat_data.filter { |k, _| p.match? k }.map { |k, _| [k, set] }
+          data_rules.length > 0 ? data_rules : [[p.source.gsub(/\\[AZ]/, '').gsub('\d+', '0'), set]]
+        }
+        .flatten(1)
+        .to_h
+    end
+  end
+end