mistiq 0.0.2 → 0.0.3

checksums.yaml

@@ -1,15 +1,15 @@
 ---
 !binary "U0hBMQ==":
   metadata.gz: !binary |-
-    ZDBiNTkyZjZmOWYzZThmODc4NGNkMmVmNmQxYmVmMmI0NzU4ODBkYg==
+    N2ViOTRmYTg2NjU3YjRlOTU5ODRkODQwMjBmZjA2NzQ0Yjg5ZmIzZA==
   data.tar.gz: !binary |-
-    ZTI3OTM2MzEzYzI4Mjc2NTQ4ZGNjNWJiN2VkOWI4MTc3MmZlYzI0OQ==
+    NTU1ODUyMGE0MjNjZDJlM2JiZjA5ZGU5MDIxZGRjMDkxZjQyYjljOQ==
 SHA512:
   metadata.gz: !binary |-
-    MTVlM2NhMDk1MzA0MTE3ODA3MTMzZjE5NmI5ODViYTJkMTZiYWM4MjRmZmY0
-    OTZmOWJhOTVkMjMyYjljOWU3YWZhNTkxNjhmMTJmM2Y5N2VlZDc0MmFmMTI3
-    NTRiODYyOWRmNjgzZTNlMDBjNTg2YTEyNWE1Y2VlNTIwNTc0YzA=
+    MmMyZGI4ZjBkNzdlNGVkYmU3ZjI1ZTZhZjMxYzAwMzhiNzg4YjdjY2VhMzNj
+    Y2M4OGFhYjFhZjI1YjRlZTE4YjVlZTE3MzE4ZDBjMTRmNTYxOTJmYjRlOGNh
+    YWI5YjE4MjE4ZTc2MDMwZDg1YzVkYjBlNWQzODFjNDc5MmI1NjM=
   data.tar.gz: !binary |-
-    NGM4YTViMTU0ZGJjZGNjZmNhOTY3M2M2MzE5ODJlNzFiOGM2MjViMDYwMmY3
-    ZTkyMWY5OTA4MWY1NmI0ZWM1OGQwMzk2N2JiMDU2YzlmY2UxODRjMjYzNzlk
-    ZmU4OWIxZWExYTUxYWJlZGI4NTNjOGE2Zjg1YzdiYTkyM2MxZjE=
+    YjJhZDg4NGE4YWY4ZjM1ZDg3Yzc3ZGM1OWY0NGE4NjdjNzkwYTQ2NjAxYTM3
+    NmMzMjNjM2VmMzNmZWI1NDdjMTE4NGRjNGVkNDU0NWM1NGYwMDQ2YjliM2Q0
+    NDkyMDYwMWE1MTcwMDA2OWQ3OWFiZWQ0NzUyYjhhOGU1YjJlNjg=

data/bin/mistiq

@@ -1,4 +1,3 @@
 #!/usr/bin/env ruby
 
-require 'mistiq'
-puts Mistiq.hi(ARGV[0])
+require 'mistiq'

data/lib/mistiq.rb

@@ -1 +1,2 @@
-require 'mistiq/base'
+require 'mistiq/base'
+require 'mistiq/security'

data/lib/mistiq/redactor.rb

@@ -0,0 +1,29 @@
+class LinkRedactor  
+  def initialize(app)  
+    @app = app
+  end  
+
+  def call(env)
+	status, headers, response = @app.call(env)
+	
+	#if the current file is an HTML document
+	if headers != nil && headers["Content-Type"] != nil && (headers["Content-Type"].include? "text/html")		
+		regex = ENV['REGEX'].split("@@@")
+		body = response.body
+		
+		regex.each {
+			|r|			
+			temp = body.gsub(/#{r}/,"Redacted")
+			if temp != nil
+				body = temp
+			end
+		}
+
+		#rebuild response
+		response = Rack::Response.new(body,status,headers)
+		response.finish
+	else
+		[status, headers, response]
+	end
+  end  
+end

data/lib/mistiq/security.rb

@@ -0,0 +1,86 @@
+module Security
+	def self.included(base)
+		#base.send(:before_filter, :set_guard_on)
+		#base.send(:after_filter, :set_guard_on)
+	end
+	
+	def initialize
+		super
+		@mode_class = self.class
+		#create hash of keys and condition/consequence pairs
+		@@rules = Hash.new
+		#keep a counter and use it as a key for the hash
+		@@count = 0
+		
+		#initialize the env variable
+		#that will store the regex for
+		#stripping out links
+		@@redact_hash = Hash.new
+		
+		ENV['REGEX'] = ''
+		
+		puts "Security module has been initialized"
+	end
+	
+	#checks every time the application runs
+	#whether any of the rules is true and applies
+	#the specified action
+	def set_guard_on
+		puts "Guard is on"
+		
+		current_controller = params[:controller]
+		current_action = params[:action]
+		
+		#for each rule check
+		#if the condition is true
+		@@rules.each{
+			|k,pair|
+			if(pair[0])
+				#disable the specified controller's action/view
+				pair_array = pair[1].split('#')
+				
+				#only disable view if the current controller
+				#and view are the ones that need to be disabled
+				if(current_controller == pair_array[0] && current_action == pair_array[1])
+					disable(pair_array[0],pair_array[1],pair[2])
+				else
+					disable_action(pair_array[0],pair_array[1])
+				end
+			end
+		}
+	end
+	
+	#add a new rule to look out for
+	#takes in an optional parameter for the view to
+	#be rendered in place of the current one
+	def set_guard_rule(condition, consequence, alternate_view='denied')	
+		pair = [condition,consequence,alternate_view]
+		@@rules["#{@@count+=1}"] = pair
+		
+		puts "New rule has been added: #{consequence}, render #{alternate_view}"
+	end
+	
+	private
+	
+	#disable both the view and the action (links for the action in other views)
+	def disable(controller,action,alternate_view)
+		disable_view(controller,action,alternate_view)
+		disable_action(controller,action)
+	end
+	
+	#disable the view when url is requested
+	def disable_view(controller,action,alternate_view)
+		render :text => action, :layout => alternate_view
+		puts "Disabled view for action #{action}, controller #{controller}"
+	end
+	
+	#disable the specified action in the controller
+	#by removing the links from the rendered HTML and by
+	#disabling the action in the model
+	def disable_action(controller,action)
+		to_disable = "#{controller}##{action}"
+		ENV['REGEX'] += LINK_REGEX_HASH[to_disable]+"@@@"
+		puts "Removed links for action #{action}, controller #{controller}"
+		#TODO: should also disable ACTUAL action in the model
+	end
+end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: mistiq
 version: !ruby/object:Gem::Version
-  version: 0.0.2
+  version: 0.0.3
 platform: ruby
 authors:
 - Andrei Papancea
@@ -9,8 +9,22 @@ autorequire:
 bindir: bin
 cert_chain: []
 date: 2013-10-03 00:00:00.000000000 Z
-dependencies: []
-description: A simple hello world gem
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: cancan
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+description: Dynamically restrict access to your Rails application
 email: alp2200@columbia.edu
 executables: []
 extensions: []
@@ -19,6 +33,8 @@ files:
 - Rakefile
 - lib/mistiq.rb
 - lib/mistiq/base.rb
+- lib/mistiq/redactor.rb
+- lib/mistiq/security.rb
 - bin/mistiq
 - test/test_mistiq.rb
 homepage: