mistiq 0.0.4 → 0.0.6
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +8 -8
- data/lib/mistiq/base.rb +84 -2
- metadata +2 -3
- data/lib/mistiq/security.rb +0 -86
checksums.yaml
CHANGED
@@ -1,15 +1,15 @@
|
|
1
1
|
---
|
2
2
|
!binary "U0hBMQ==":
|
3
3
|
metadata.gz: !binary |-
|
4
|
-
|
4
|
+
MGNmMDkwNmFjNDA3ZThhYmJhYThkMmMzM2VjOWJkMDdiOTQyMzk0MA==
|
5
5
|
data.tar.gz: !binary |-
|
6
|
-
|
6
|
+
N2FlYTQ5OGUwMmIzMjk4MzRkMjNhNzI3Y2M0YzBlNTdkMDkxYTAxZQ==
|
7
7
|
SHA512:
|
8
8
|
metadata.gz: !binary |-
|
9
|
-
|
10
|
-
|
11
|
-
|
9
|
+
NDhiYTkyN2YzNzNiNTQ0NDk2ZjQzNDk5YjdhNzY5MDBlNjZmNDY1OWQ0YWFi
|
10
|
+
MzY0NWFkYTZlMmM0MTVlMGNkZTkxZDMxMjdiNmQ1NzU5NmY3ZWFkNDQ1ZWQ5
|
11
|
+
ZTEzZDIzOGJlNDIzOWY5YWM5Nzk3NjZmNWUyY2RhY2ZiNzc2NWM=
|
12
12
|
data.tar.gz: !binary |-
|
13
|
-
|
14
|
-
|
15
|
-
|
13
|
+
MzlhYzgzZjM4NDkzZTk4YWIyYWViMjA4NDNmMjhmZDY0MzlkYzAxZGJmNzg2
|
14
|
+
NjI2YzY5OWU2YjhmZGE1YzI2NTI2OTA1NTUxZjMyNWEwZWM1ODQ2NGE2Zjc1
|
15
|
+
MGE5ZTkyOTc1NzUwMmRlYTI3MGM3NWJkMTUwZmUyNTllYzJjMzc=
|
data/lib/mistiq/base.rb
CHANGED
@@ -1,4 +1,86 @@
|
|
1
1
|
module Mistiq
|
2
|
-
|
3
|
-
|
2
|
+
def self.included(base)
|
3
|
+
#base.send(:before_filter, :set_guard_on)
|
4
|
+
#base.send(:after_filter, :set_guard_on)
|
5
|
+
end
|
6
|
+
|
7
|
+
def initialize
|
8
|
+
super
|
9
|
+
@mode_class = self.class
|
10
|
+
#create hash of keys and condition/consequence pairs
|
11
|
+
@@rules = Hash.new
|
12
|
+
#keep a counter and use it as a key for the hash
|
13
|
+
@@count = 0
|
14
|
+
|
15
|
+
#initialize the env variable
|
16
|
+
#that will store the regex for
|
17
|
+
#stripping out links
|
18
|
+
@@redact_hash = Hash.new
|
19
|
+
|
20
|
+
ENV['REGEX'] = ''
|
21
|
+
|
22
|
+
puts "Security module has been initialized"
|
23
|
+
end
|
24
|
+
|
25
|
+
#checks every time the application runs
|
26
|
+
#whether any of the rules is true and applies
|
27
|
+
#the specified action
|
28
|
+
def set_guard_on
|
29
|
+
puts "Guard is on"
|
30
|
+
|
31
|
+
current_controller = params[:controller]
|
32
|
+
current_action = params[:action]
|
33
|
+
|
34
|
+
#for each rule check
|
35
|
+
#if the condition is true
|
36
|
+
@@rules.each{
|
37
|
+
|k,pair|
|
38
|
+
if(pair[0])
|
39
|
+
#disable the specified controller's action/view
|
40
|
+
pair_array = pair[1].split('#')
|
41
|
+
|
42
|
+
#only disable view if the current controller
|
43
|
+
#and view are the ones that need to be disabled
|
44
|
+
if(current_controller == pair_array[0] && current_action == pair_array[1])
|
45
|
+
disable(pair_array[0],pair_array[1],pair[2])
|
46
|
+
else
|
47
|
+
disable_action(pair_array[0],pair_array[1])
|
48
|
+
end
|
49
|
+
end
|
50
|
+
}
|
51
|
+
end
|
52
|
+
|
53
|
+
#add a new rule to look out for
|
54
|
+
#takes in an optional parameter for the view to
|
55
|
+
#be rendered in place of the current one
|
56
|
+
def set_guard_rule(condition, consequence, alternate_view='denied')
|
57
|
+
pair = [condition,consequence,alternate_view]
|
58
|
+
@@rules["#{@@count+=1}"] = pair
|
59
|
+
|
60
|
+
puts "New rule has been added: #{consequence}, render #{alternate_view}"
|
61
|
+
end
|
62
|
+
|
63
|
+
private
|
64
|
+
|
65
|
+
#disable both the view and the action (links for the action in other views)
|
66
|
+
def disable(controller,action,alternate_view)
|
67
|
+
disable_view(controller,action,alternate_view)
|
68
|
+
disable_action(controller,action)
|
69
|
+
end
|
70
|
+
|
71
|
+
#disable the view when url is requested
|
72
|
+
def disable_view(controller,action,alternate_view)
|
73
|
+
render :text => action, :layout => alternate_view
|
74
|
+
puts "Disabled view for action #{action}, controller #{controller}"
|
75
|
+
end
|
76
|
+
|
77
|
+
#disable the specified action in the controller
|
78
|
+
#by removing the links from the rendered HTML and by
|
79
|
+
#disabling the action in the model
|
80
|
+
def disable_action(controller,action)
|
81
|
+
to_disable = "#{controller}##{action}"
|
82
|
+
ENV['REGEX'] += LINK_REGEX_HASH[to_disable]+"@@@"
|
83
|
+
puts "Removed links for action #{action}, controller #{controller}"
|
84
|
+
#TODO: should also disable ACTUAL action in the model
|
85
|
+
end
|
4
86
|
end
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: mistiq
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.0.
|
4
|
+
version: 0.0.6
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Andrei Papancea
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2013-
|
11
|
+
date: 2013-11-05 00:00:00.000000000 Z
|
12
12
|
dependencies: []
|
13
13
|
description: Dynamically restrict access to your Rails application
|
14
14
|
email: alp2200@columbia.edu
|
@@ -20,7 +20,6 @@ files:
|
|
20
20
|
- lib/mistiq.rb
|
21
21
|
- lib/mistiq/base.rb
|
22
22
|
- lib/mistiq/redactor.rb
|
23
|
-
- lib/mistiq/security.rb
|
24
23
|
- bin/mistiq
|
25
24
|
- bin/rails/init.rb
|
26
25
|
- test/test_mistiq.rb
|
data/lib/mistiq/security.rb
DELETED
@@ -1,86 +0,0 @@
|
|
1
|
-
module Security
|
2
|
-
def self.included(base)
|
3
|
-
#base.send(:before_filter, :set_guard_on)
|
4
|
-
#base.send(:after_filter, :set_guard_on)
|
5
|
-
end
|
6
|
-
|
7
|
-
def initialize
|
8
|
-
super
|
9
|
-
@mode_class = self.class
|
10
|
-
#create hash of keys and condition/consequence pairs
|
11
|
-
@@rules = Hash.new
|
12
|
-
#keep a counter and use it as a key for the hash
|
13
|
-
@@count = 0
|
14
|
-
|
15
|
-
#initialize the env variable
|
16
|
-
#that will store the regex for
|
17
|
-
#stripping out links
|
18
|
-
@@redact_hash = Hash.new
|
19
|
-
|
20
|
-
ENV['REGEX'] = ''
|
21
|
-
|
22
|
-
puts "Security module has been initialized"
|
23
|
-
end
|
24
|
-
|
25
|
-
#checks every time the application runs
|
26
|
-
#whether any of the rules is true and applies
|
27
|
-
#the specified action
|
28
|
-
def set_guard_on
|
29
|
-
puts "Guard is on"
|
30
|
-
|
31
|
-
current_controller = params[:controller]
|
32
|
-
current_action = params[:action]
|
33
|
-
|
34
|
-
#for each rule check
|
35
|
-
#if the condition is true
|
36
|
-
@@rules.each{
|
37
|
-
|k,pair|
|
38
|
-
if(pair[0])
|
39
|
-
#disable the specified controller's action/view
|
40
|
-
pair_array = pair[1].split('#')
|
41
|
-
|
42
|
-
#only disable view if the current controller
|
43
|
-
#and view are the ones that need to be disabled
|
44
|
-
if(current_controller == pair_array[0] && current_action == pair_array[1])
|
45
|
-
disable(pair_array[0],pair_array[1],pair[2])
|
46
|
-
else
|
47
|
-
disable_action(pair_array[0],pair_array[1])
|
48
|
-
end
|
49
|
-
end
|
50
|
-
}
|
51
|
-
end
|
52
|
-
|
53
|
-
#add a new rule to look out for
|
54
|
-
#takes in an optional parameter for the view to
|
55
|
-
#be rendered in place of the current one
|
56
|
-
def set_guard_rule(condition, consequence, alternate_view='denied')
|
57
|
-
pair = [condition,consequence,alternate_view]
|
58
|
-
@@rules["#{@@count+=1}"] = pair
|
59
|
-
|
60
|
-
puts "New rule has been added: #{consequence}, render #{alternate_view}"
|
61
|
-
end
|
62
|
-
|
63
|
-
private
|
64
|
-
|
65
|
-
#disable both the view and the action (links for the action in other views)
|
66
|
-
def disable(controller,action,alternate_view)
|
67
|
-
disable_view(controller,action,alternate_view)
|
68
|
-
disable_action(controller,action)
|
69
|
-
end
|
70
|
-
|
71
|
-
#disable the view when url is requested
|
72
|
-
def disable_view(controller,action,alternate_view)
|
73
|
-
render :text => action, :layout => alternate_view
|
74
|
-
puts "Disabled view for action #{action}, controller #{controller}"
|
75
|
-
end
|
76
|
-
|
77
|
-
#disable the specified action in the controller
|
78
|
-
#by removing the links from the rendered HTML and by
|
79
|
-
#disabling the action in the model
|
80
|
-
def disable_action(controller,action)
|
81
|
-
to_disable = "#{controller}##{action}"
|
82
|
-
ENV['REGEX'] += LINK_REGEX_HASH[to_disable]+"@@@"
|
83
|
-
puts "Removed links for action #{action}, controller #{controller}"
|
84
|
-
#TODO: should also disable ACTUAL action in the model
|
85
|
-
end
|
86
|
-
end
|