obfuscate_id 0.0.1 → 0.0.3

Sign up to get free protection for your applications and to get access to all the features.
data/README.md CHANGED
@@ -1,10 +1,12 @@
1
- # ObfuscateId
1
+ # obfuscate_id
2
+ [![Build Status](https://secure.travis-ci.org/namick/obfuscate_id.png)](http://travis-ci.org/namick/obfuscate_id) [![Dependency Status](https://gemnasium.com/namick/obfuscate_id.png)](https://gemnasium.com/namick/obfuscate_id) [![Code Climate](https://codeclimate.com/github/namick/obfuscate_id.png)](https://codeclimate.com/github/namick/obfuscate_id)
2
3
 
3
- ObfuscateId is a simple Ruby on Rails plugin that hides your seqential Active Record ids. Although having nothing to do with security, it can be used to make database record id information non-obvious.
4
+ **Make your ActiveRecord ids non-obvious**
4
5
 
5
- For new websites, you may not want to give away information about how many people are signed up. Every website has a third user, but that third user doesn't have to know he is the third user.
6
+ ![cat with sunglasses](http://i.imgur.com/kYOtUll.jpg)
6
7
 
7
- ObfuscateId turns a URL like this:
8
+
9
+ obfuscate_id turns a URL like this:
8
10
 
9
11
  http://example.com/users/3
10
12
 
@@ -12,11 +14,7 @@ into something like:
12
14
 
13
15
  http://example.com/users/2356513904
14
16
 
15
- ObfuscateId mixes up the ids in a simple, reversable hashing algorithm so that it can then automatically revert the hashed number back to 3 for record lookup without having to store a hash or tag in the database. No migrations needed.
16
-
17
- If you have the opposite problem, and your site is scaling well, you might not want to leak that you are getting 50 new posts a minute.
18
-
19
- ObfuscateId turns your sequential Active Record ids into non-sequential, random looking, numeric ids.
17
+ Sequential ActiveRecord ids become non-sequential, random looking, numeric ids.
20
18
 
21
19
  # post 7000
22
20
  http://example.com/posts/5270192353
@@ -24,13 +22,21 @@ ObfuscateId turns your sequential Active Record ids into non-sequential, random
24
22
  http://example.com/posts/7107163820
25
23
  # post 7002
26
24
  http://example.com/posts/3296163828
25
+
26
+ ## Why would you want this?
27
+
28
+ If your site is scaling well, you might not want to leak that you are getting 50 new posts a minute.
29
+
30
+ Or, for new websites, you may not want to give away how few people are signed up.
31
+
32
+ Every website has a third user, but that third user doesn't have to know he is the third user.
27
33
 
28
34
  ## Features
29
35
 
30
36
  * Extreemly simple. A single line of code in the model turns it on.
31
37
  * Transforms normal seqential ids into random-looking ten digit numerical strings.
32
38
  * Gently masks resource ids while retaining a cleaner look than using an encrypted hash.
33
- * No migrations or database changes are needed. The record is still stored in the database with its original id.
39
+ * No database changes or migrations are needed. The record is still stored in the database with its original id.
34
40
  * Fast, no heavy calculation.
35
41
 
36
42
 
@@ -44,7 +50,9 @@ Run bundler.
44
50
 
45
51
  bundle install
46
52
 
47
- Then, in your model, add a single line.
53
+ ## Usage
54
+
55
+ In your model, add a single line.
48
56
 
49
57
  class Post < ActiveRecord::Base
50
58
  obfuscate_id
@@ -58,20 +66,18 @@ If you want your obfuscated ids to be different than some other website using th
58
66
  obfuscate_id :spin => 89238723
59
67
  end
60
68
 
61
- This is also useful for making different models in the same app have different obfuscated ids.
62
-
63
69
  ## How it works
64
70
 
65
- ObfuscateId pairs each number, from 0 to 9999999999, with one and only one number in that same range. That other number is paired back to the first. This is an example of a minimal perfect hash function. Within a set of ten billion numbers, it simply maps every number to a different 10 digit number, and back again.
71
+ obfuscate_id mixes up the ids in a simple, reversable hashing algorithm so that it can then automatically revert the hashed number back to the original id for record lookup without having to store a hash or tag in the database.
72
+
73
+ Each number from 0 to 9,999,999,999 is paired with one and only one number in that same range. That other number is paired back to the first. This is an example of a minimal perfect hash function. Within a set of ten billion numbers, it simply maps every number to a different 10 digit number, and back again.
66
74
 
67
- ObfuscateId switches the plain record id to the obfuscated id in the models `to_param` method.
75
+ Plain record ids are switched to the obfuscated id in the model's `to_param` method.
68
76
 
69
- It then augments Active Record's `find` method on models that have have been initiated with the `obfuscate_id` method to quickly reverse this obfuscated id back to the plain id before building the database query. This means no migrations or changes to the database.
77
+ ActiveRecord reverses this obfuscated id back to the plain id before building the database query. This means no migrations or changes to the database. Yay!
70
78
 
71
79
  ## Limitations
72
80
 
73
- * This is not security. ObfuscateId was created to lightly mask record id numbers for the casual user. If you need to really secure your database ids (hint, you probably don't), you need to use real encryption like AES.
74
- * Works for up to ten billion database records. ObfuscateId simply maps every integer below ten billion to some other number below ten billion.
81
+ * This is not security. obfuscate_id was created to lightly mask record id numbers for the casual user. If you need to really secure your database ids (hint, you probably don't), you need to use real encryption like AES.
75
82
  * To properly generate obfuscated urls, make sure you trigger the model's `to_param` method by passing in the whole object rather than just the id; do this: `post_path(@post)` not this: `post_path(@post.id)`.
76
- * Rails uses the real id rather than `to_param` in some places. A simple view-source on a form will often show the real id. This can be avoided by taking certain precautions.
77
83
 
data/Rakefile CHANGED
@@ -20,8 +20,10 @@ RDoc::Task.new(:rdoc) do |rdoc|
20
20
  rdoc.rdoc_files.include('lib/**/*.rb')
21
21
  end
22
22
 
23
+ Bundler::GemHelper.install_tasks
23
24
 
25
+ require 'rspec/core/rake_task'
24
26
 
27
+ RSpec::Core::RakeTask.new(:spec)
25
28
 
26
- Bundler::GemHelper.install_tasks
27
-
29
+ task :default => :spec
@@ -8,19 +8,19 @@ module ObfuscateId
8
8
  self.obfuscate_id_spin = (options[:spin] || obfuscate_id_default_spin)
9
9
  end
10
10
 
11
- def self.hide(id)
12
- ScatterSwap.hash(id)
11
+ def self.hide(id, spin)
12
+ ScatterSwap.hash(id, spin)
13
13
  end
14
14
 
15
- def self.show(id)
16
- ScatterSwap.reverse_hash(id)
15
+ def self.show(id, spin)
16
+ ScatterSwap.reverse_hash(id, spin)
17
17
  end
18
18
 
19
19
 
20
20
  module ClassMethods
21
21
  def find(*args)
22
22
  if has_obfuscated_id?
23
- args[0] = ObfuscateId.show(args[0])
23
+ args[0] = ObfuscateId.show(args[0], self.obfuscate_id_spin)
24
24
  end
25
25
  super(*args)
26
26
  end
@@ -44,9 +44,18 @@ module ObfuscateId
44
44
 
45
45
  module InstanceMethods
46
46
  def to_param
47
- ObfuscateId.hide(self.id)
47
+ ObfuscateId.hide(self.id, self.class.obfuscate_id_spin)
48
48
  end
49
49
 
50
+ # Temporarily set the id to the parameterized version,
51
+ # as ActiveRecord::Persistence#reload uses self.id.
52
+ def reload(options=nil)
53
+ actual_id = self.id
54
+ self.id = to_param
55
+ super(options).tap do
56
+ self.id = actual_id
57
+ end
58
+ end
50
59
  end
51
60
  end
52
61
 
@@ -1,3 +1,3 @@
1
1
  module ObfuscateId
2
- VERSION = "0.0.1"
2
+ VERSION = "0.0.3"
3
3
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: obfuscate_id
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.0.1
4
+ version: 0.0.3
5
5
  prerelease:
6
6
  platform: ruby
7
7
  authors:
@@ -9,11 +9,11 @@ authors:
9
9
  autorequire:
10
10
  bindir: bin
11
11
  cert_chain: []
12
- date: 2012-02-12 00:00:00.000000000Z
12
+ date: 2013-03-04 00:00:00.000000000 Z
13
13
  dependencies:
14
14
  - !ruby/object:Gem::Dependency
15
15
  name: rails
16
- requirement: &9066640 !ruby/object:Gem::Requirement
16
+ requirement: !ruby/object:Gem::Requirement
17
17
  none: false
18
18
  requirements:
19
19
  - - ~>
@@ -21,10 +21,15 @@ dependencies:
21
21
  version: 3.2.1
22
22
  type: :runtime
23
23
  prerelease: false
24
- version_requirements: *9066640
24
+ version_requirements: !ruby/object:Gem::Requirement
25
+ none: false
26
+ requirements:
27
+ - - ~>
28
+ - !ruby/object:Gem::Version
29
+ version: 3.2.1
25
30
  - !ruby/object:Gem::Dependency
26
31
  name: sqlite3
27
- requirement: &9063100 !ruby/object:Gem::Requirement
32
+ requirement: !ruby/object:Gem::Requirement
28
33
  none: false
29
34
  requirements:
30
35
  - - ! '>='
@@ -32,10 +37,15 @@ dependencies:
32
37
  version: '0'
33
38
  type: :development
34
39
  prerelease: false
35
- version_requirements: *9063100
40
+ version_requirements: !ruby/object:Gem::Requirement
41
+ none: false
42
+ requirements:
43
+ - - ! '>='
44
+ - !ruby/object:Gem::Version
45
+ version: '0'
36
46
  - !ruby/object:Gem::Dependency
37
47
  name: rspec-rails
38
- requirement: &9061600 !ruby/object:Gem::Requirement
48
+ requirement: !ruby/object:Gem::Requirement
39
49
  none: false
40
50
  requirements:
41
51
  - - ! '>='
@@ -43,10 +53,15 @@ dependencies:
43
53
  version: '0'
44
54
  type: :development
45
55
  prerelease: false
46
- version_requirements: *9061600
56
+ version_requirements: !ruby/object:Gem::Requirement
57
+ none: false
58
+ requirements:
59
+ - - ! '>='
60
+ - !ruby/object:Gem::Version
61
+ version: '0'
47
62
  - !ruby/object:Gem::Dependency
48
63
  name: capybara
49
- requirement: &9058580 !ruby/object:Gem::Requirement
64
+ requirement: !ruby/object:Gem::Requirement
50
65
  none: false
51
66
  requirements:
52
67
  - - ! '>='
@@ -54,10 +69,15 @@ dependencies:
54
69
  version: '0'
55
70
  type: :development
56
71
  prerelease: false
57
- version_requirements: *9058580
72
+ version_requirements: !ruby/object:Gem::Requirement
73
+ none: false
74
+ requirements:
75
+ - - ! '>='
76
+ - !ruby/object:Gem::Version
77
+ version: '0'
58
78
  - !ruby/object:Gem::Dependency
59
79
  name: guard-rspec
60
- requirement: &9057040 !ruby/object:Gem::Requirement
80
+ requirement: !ruby/object:Gem::Requirement
61
81
  none: false
62
82
  requirements:
63
83
  - - ! '>='
@@ -65,10 +85,15 @@ dependencies:
65
85
  version: '0'
66
86
  type: :development
67
87
  prerelease: false
68
- version_requirements: *9057040
88
+ version_requirements: !ruby/object:Gem::Requirement
89
+ none: false
90
+ requirements:
91
+ - - ! '>='
92
+ - !ruby/object:Gem::Version
93
+ version: '0'
69
94
  - !ruby/object:Gem::Dependency
70
95
  name: guard-spork
71
- requirement: &9055460 !ruby/object:Gem::Requirement
96
+ requirement: !ruby/object:Gem::Requirement
72
97
  none: false
73
98
  requirements:
74
99
  - - ! '>='
@@ -76,10 +101,29 @@ dependencies:
76
101
  version: '0'
77
102
  type: :development
78
103
  prerelease: false
79
- version_requirements: *9055460
80
- description: ObfuscateId is a simple Ruby on Rails plugin that hides your seqential
81
- Active Record ids. Although having nothing to do with security, it can be used
82
- to make database record id information non-obvious.
104
+ version_requirements: !ruby/object:Gem::Requirement
105
+ none: false
106
+ requirements:
107
+ - - ! '>='
108
+ - !ruby/object:Gem::Version
109
+ version: '0'
110
+ - !ruby/object:Gem::Dependency
111
+ name: rb-inotify
112
+ requirement: !ruby/object:Gem::Requirement
113
+ none: false
114
+ requirements:
115
+ - - ! '>='
116
+ - !ruby/object:Gem::Version
117
+ version: '0'
118
+ type: :development
119
+ prerelease: false
120
+ version_requirements: !ruby/object:Gem::Requirement
121
+ none: false
122
+ requirements:
123
+ - - ! '>='
124
+ - !ruby/object:Gem::Version
125
+ version: '0'
126
+ description: Make your ActiveRecord IDs non-obvious
83
127
  email:
84
128
  - github@nathanamick.com
85
129
  executables: []
@@ -87,14 +131,14 @@ extensions: []
87
131
  extra_rdoc_files: []
88
132
  files:
89
133
  - lib/tasks/obfuscate_id_tasks.rake
134
+ - lib/obfuscate_id.rb
135
+ - lib/obfuscate_id/version.rb
90
136
  - lib/obfuscate_id/scatter_swap.rb
91
137
  - lib/obfuscate_id/run_scatter_swap.rb
92
- - lib/obfuscate_id/version.rb
93
- - lib/obfuscate_id.rb
94
138
  - MIT-LICENSE
95
139
  - Rakefile
96
140
  - README.md
97
- homepage: ''
141
+ homepage:
98
142
  licenses: []
99
143
  post_install_message:
100
144
  rdoc_options: []
@@ -106,22 +150,16 @@ required_ruby_version: !ruby/object:Gem::Requirement
106
150
  - - ! '>='
107
151
  - !ruby/object:Gem::Version
108
152
  version: '0'
109
- segments:
110
- - 0
111
- hash: -372583255443185690
112
153
  required_rubygems_version: !ruby/object:Gem::Requirement
113
154
  none: false
114
155
  requirements:
115
156
  - - ! '>='
116
157
  - !ruby/object:Gem::Version
117
158
  version: '0'
118
- segments:
119
- - 0
120
- hash: -372583255443185690
121
159
  requirements: []
122
160
  rubyforge_project:
123
- rubygems_version: 1.8.6
161
+ rubygems_version: 1.8.23
124
162
  signing_key:
125
163
  specification_version: 3
126
- summary: A simple Rails plugin that lightly masks seqential ActiveRecord ids
164
+ summary: Mask ActiveRecord IDs
127
165
  test_files: []