mistiq 0.0.2 → 0.0.3
- checksums.yaml +8 -8
- data/bin/mistiq +1 -2
- data/lib/mistiq.rb +2 -1
- data/lib/mistiq/redactor.rb +29 -0
- data/lib/mistiq/security.rb +86 -0
- metadata +19 -3
checksums.yaml
CHANGED
@@ -1,15 +1,15 @@
|
|
1
1
|
---
|
2
2
|
!binary "U0hBMQ==":
|
3
3
|
metadata.gz: !binary |-
|
4
|
-
|
4
|
+
N2ViOTRmYTg2NjU3YjRlOTU5ODRkODQwMjBmZjA2NzQ0Yjg5ZmIzZA==
|
5
5
|
data.tar.gz: !binary |-
|
6
|
-
|
6
|
+
NTU1ODUyMGE0MjNjZDJlM2JiZjA5ZGU5MDIxZGRjMDkxZjQyYjljOQ==
|
7
7
|
SHA512:
|
8
8
|
metadata.gz: !binary |-
|
9
|
-
|
10
|
-
|
11
|
-
|
9
|
+
MmMyZGI4ZjBkNzdlNGVkYmU3ZjI1ZTZhZjMxYzAwMzhiNzg4YjdjY2VhMzNj
|
10
|
+
Y2M4OGFhYjFhZjI1YjRlZTE4YjVlZTE3MzE4ZDBjMTRmNTYxOTJmYjRlOGNh
|
11
|
+
YWI5YjE4MjE4ZTc2MDMwZDg1YzVkYjBlNWQzODFjNDc5MmI1NjM=
|
12
12
|
data.tar.gz: !binary |-
|
13
|
-
|
14
|
-
|
15
|
-
|
13
|
+
YjJhZDg4NGE4YWY4ZjM1ZDg3Yzc3ZGM1OWY0NGE4NjdjNzkwYTQ2NjAxYTM3
|
14
|
+
NmMzMjNjM2VmMzNmZWI1NDdjMTE4NGRjNGVkNDU0NWM1NGYwMDQ2YjliM2Q0
|
15
|
+
NDkyMDYwMWE1MTcwMDA2OWQ3OWFiZWQ0NzUyYjhhOGU1YjJlNjg=
|
data/bin/mistiq
CHANGED
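--- a/data/lib/mistiq.rb
+++ b/data/lib/mistiq.rb
@@ -1 +1,2 @@
-require 'mistiq/base'
+require 'mistiq/base'
+require 'mistiq/security'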
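--- a/data/lib/mistiq/redactor.rb
+++ b/data/lib/mistiq/redactor.rb
@@ -0,0 +1,29 @@
+class LinkRedactor
+def initialize(app)
+@app = app
+end
+
+def call(env)
+status, headers, response = @app.call(env)
+
+#if the current file is an HTML document
+if headers != nil && headers["Content-Type"] != nil && (headers["Content-Type"].include? "text/html")
+regex = ENV['REGEX'].split("@@@")
+body = response.body
+
+regex.each {
+|r|
+temp = body.gsub(/#{r}/,"Redacted")
+if temp != nil
+body = temp
+end
+}
+
+#rebuild response
+response = Rack::Response.new(body,status,headers)
+response.finish
+else
+[status, headers, response]
+end
+end
+end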
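Review bot: `ENV['REGEX'].split("@@@")` on new line 11 raises NoMethodError whenever `ENV['REGEX']` is unset, so an HTML response served before anything has initialised that variable fails with an exception instead of passing through; `regex = ENV['REGEX'].to_s.split("@@@")` avoids that. The patterns are also read from process-wide state, so which links are redacted for one request depends on whatever another request last wrote there; per-request patterns would be better carried in the Rack `env` hash that `call` already receives. `response.body` assumes the downstream app returned a response object whose `body` is a String, whereas a plain Rack body only has to respond to `each`, so this presumably breaks outside Rails. Removing links from the markup only hides the action and does not stop a direct request to it, which is worth stating in a comment above `call` so the middleware is not mistaken for an access control.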
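--- a/data/lib/mistiq/security.rb
+++ b/data/lib/mistiq/security.rb
@@ -0,0 +1,86 @@
+module Security
+def self.included(base)
+#base.send(:before_filter, :set_guard_on)
+#base.send(:after_filter, :set_guard_on)
+end
+
+def initialize
+super
+@mode_class = self.class
+#create hash of keys and condition/consequence pairs
+@@rules = Hash.new
+#keep a counter and use it as a key for the hash
+@@count = 0
+
+#initialize the env variable
+#that will store the regex for
+#stripping out links
+@@redact_hash = Hash.new
+
+ENV['REGEX'] = ''
+
+puts "Security module has been initialized"
+end
+
+#checks every time the application runs
+#whether any of the rules is true and applies
+#the specified action
+def set_guard_on
+puts "Guard is on"
+
+current_controller = params[:controller]
+current_action = params[:action]
+
+#for each rule check
+#if the condition is true
+@@rules.each{
+|k,pair|
+if(pair[0])
+#disable the specified controller's action/view
+pair_array = pair[1].split('#')
+
+#only disable view if the current controller
+#and view are the ones that need to be disabled
+if(current_controller == pair_array[0] && current_action == pair_array[1])
+disable(pair_array[0],pair_array[1],pair[2])
+else
+disable_action(pair_array[0],pair_array[1])
+end
+end
+}
+end
+
+#add a new rule to look out for
+#takes in an optional parameter for the view to
+#be rendered in place of the current one
+def set_guard_rule(condition, consequence, alternate_view='denied')
+pair = [condition,consequence,alternate_view]
+@@rules["#{@@count+=1}"] = pair
+
+puts "New rule has been added: #{consequence}, render #{alternate_view}"
+end
+
+private
+
+#disable both the view and the action (links for the action in other views)
+def disable(controller,action,alternate_view)
+disable_view(controller,action,alternate_view)
+disable_action(controller,action)
+end
+
+#disable the view when url is requested
+def disable_view(controller,action,alternate_view)
+render :text => action, :layout => alternate_view
+puts "Disabled view for action #{action}, controller #{controller}"
+end
+
+#disable the specified action in the controller
+#by removing the links from the rendered HTML and by
+#disabling the action in the model
+def disable_action(controller,action)
+to_disable = "#{controller}##{action}"
+ENV['REGEX'] += LINK_REGEX_HASH[to_disable]+"@@@"
+puts "Removed links for action #{action}, controller #{controller}"
+#TODO: should also disable ACTUAL action in the model
+end
+end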
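Review bot: Rule state lives in `@@rules`, `@@count` and `ENV['REGEX']`, all process-wide and all reset in `initialize` (new lines 11–20), so if the includer is instantiated per request, as a Rails controller presumably is, one request can clear or extend the rules and redaction patterns another request is still using, and a user may be shown links or views their own rules should have hidden. Keeping the rules per instance, `@rules = {}` and `@count = 0`, and handing the patterns to the middleware through the request instead of `ENV` would remove that coupling. On new line 82, `LINK_REGEX_HASH[to_disable]+"@@@"` raises NoMethodError when no pattern is registered for that controller#action (the constant is not defined in this file); `LINK_REGEX_HASH.fetch(to_disable)` would make the missing entry explicit. Both `before_filter` registrations in `self.included` are commented out, so including the module enforces nothing until a controller registers `set_guard_on` itself, which should be documented at the top of the module alongside the TODO on new line 84.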
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: mistiq
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.0.
|
4
|
+
version: 0.0.3
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Andrei Papancea
|
@@ -9,8 +9,22 @@ autorequire:
|
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
11
|
date: 2013-10-03 00:00:00.000000000 Z
|
12
|
-
dependencies:
|
13
|
-
|
12
|
+
dependencies:
|
13
|
+
- !ruby/object:Gem::Dependency
|
14
|
+
name: cancan
|
15
|
+
requirement: !ruby/object:Gem::Requirement
|
16
|
+
requirements:
|
17
|
+
- - ! '>='
|
18
|
+
- !ruby/object:Gem::Version
|
19
|
+
version: '0'
|
20
|
+
type: :development
|
21
|
+
prerelease: false
|
22
|
+
version_requirements: !ruby/object:Gem::Requirement
|
23
|
+
requirements:
|
24
|
+
- - ! '>='
|
25
|
+
- !ruby/object:Gem::Version
|
26
|
+
version: '0'
|
27
|
+
description: Dynamically restrict access to your Rails application
|
14
28
|
email: alp2200@columbia.edu
|
15
29
|
executables: []
|
16
30
|
extensions: []
|
@@ -19,6 +33,8 @@ files:
|
|
19
33
|
- Rakefile
|
20
34
|
- lib/mistiq.rb
|
21
35
|
- lib/mistiq/base.rb
|
36
|
+
- lib/mistiq/redactor.rb
|
37
|
+
- lib/mistiq/security.rb
|
22
38
|
- bin/mistiq
|
23
39
|
- test/test_mistiq.rb
|
24
40
|
homepage:
|