obscurify_attribute 0.2.0
Sign up to get free protection for your applications and to get access to all the features.
- data/.rspec +2 -0
- data/.rvmrc +1 -0
- data/CHANGELOG.md +3 -0
- data/Gemfile +4 -0
- data/Gemfile.lock +38 -0
- data/README.md +34 -0
- data/Rakefile +4 -0
- data/db/.gitkeep +0 -0
- data/lib/obscurify_attribute.rb +2 -0
- data/lib/obscurify_attribute/validations.rb +46 -0
- data/lib/obscurify_attribute/version.rb +3 -0
- data/obscurify_attribute.gemspec +24 -0
- data/spec/obscurify_attribute/validations_spec.rb +79 -0
- data/spec/spec_helper.rb +35 -0
- metadata +94 -0
data/.rspec
ADDED
data/.rvmrc
ADDED
@@ -0,0 +1 @@
|
|
1
|
+
rvm use ruby-1.9.2-p290@obscurify_attribute
|
data/CHANGELOG.md
ADDED
data/Gemfile
ADDED
data/Gemfile.lock
ADDED
@@ -0,0 +1,38 @@
|
|
1
|
+
PATH
|
2
|
+
remote: .
|
3
|
+
specs:
|
4
|
+
obscurify_attribute (0.1.0)
|
5
|
+
activemodel (~> 3.1)
|
6
|
+
|
7
|
+
GEM
|
8
|
+
remote: http://rubygems.org/
|
9
|
+
specs:
|
10
|
+
activemodel (3.1.1)
|
11
|
+
activesupport (= 3.1.1)
|
12
|
+
builder (~> 3.0.0)
|
13
|
+
i18n (~> 0.6)
|
14
|
+
activesupport (3.1.1)
|
15
|
+
multi_json (~> 1.0)
|
16
|
+
builder (3.0.0)
|
17
|
+
diff-lcs (1.1.3)
|
18
|
+
i18n (0.6.0)
|
19
|
+
metaclass (0.0.1)
|
20
|
+
mocha (0.10.0)
|
21
|
+
metaclass (~> 0.0.1)
|
22
|
+
multi_json (1.0.3)
|
23
|
+
rspec (2.7.0)
|
24
|
+
rspec-core (~> 2.7.0)
|
25
|
+
rspec-expectations (~> 2.7.0)
|
26
|
+
rspec-mocks (~> 2.7.0)
|
27
|
+
rspec-core (2.7.1)
|
28
|
+
rspec-expectations (2.7.0)
|
29
|
+
diff-lcs (~> 1.1.2)
|
30
|
+
rspec-mocks (2.7.0)
|
31
|
+
|
32
|
+
PLATFORMS
|
33
|
+
ruby
|
34
|
+
|
35
|
+
DEPENDENCIES
|
36
|
+
mocha
|
37
|
+
obscurify_attribute!
|
38
|
+
rspec (~> 2.6)
|
data/README.md
ADDED
@@ -0,0 +1,34 @@
|
|
1
|
+
# Obscurify Attribute
|
2
|
+
|
3
|
+
Obscures all sensitive attributes from showing up in the errors object for Active Records/Resources
|
4
|
+
|
5
|
+
## Install
|
6
|
+
|
7
|
+
Add the following line to your Gemfile
|
8
|
+
|
9
|
+
gem 'obscurify_attribute'
|
10
|
+
|
11
|
+
## Usage
|
12
|
+
|
13
|
+
Add the following line into your ActiveRecord (or ActiveResource) model:
|
14
|
+
|
15
|
+
class Payment < ActiveRecord::Base
|
16
|
+
include ObscurifyAttribute::Validations
|
17
|
+
|
18
|
+
# if credit_card is one of the sensitive attributes, but it should not be shown to the user...
|
19
|
+
obscurify :credit_card, :payment_information, :message => "foo bar"
|
20
|
+
end
|
21
|
+
|
22
|
+
:message is optional. It defaults to the same messages that were reported for the original attribute.
|
23
|
+
If specified, the new message will overwrite the reported array. All messages are uniqued to avoid duplicates
|
24
|
+
(since you can specify the same target attribute name for multiple source attributes)!
|
25
|
+
|
26
|
+
|
27
|
+
ObscurifyAttribute will iterate over the errors object and mask sensitive fields with a different
|
28
|
+
(user-specified) name so that they dont show up in the UI.
|
29
|
+
|
30
|
+
## Known issues
|
31
|
+
|
32
|
+
## Contribute & Dev environment
|
33
|
+
|
34
|
+
Usual fork & pull request.
|
data/Rakefile
ADDED
data/db/.gitkeep
ADDED
File without changes
|
@@ -0,0 +1,46 @@
|
|
1
|
+
module ObscurifyAttribute
|
2
|
+
module Validations
|
3
|
+
def self.included(base)
|
4
|
+
base.__send__(:extend, ::ObscurifyAttribute::Validations::ClassMethods)
|
5
|
+
base.__send__(:include, ::ObscurifyAttribute::Validations::InstanceMethods)
|
6
|
+
base.alias_method_chain(:errors, :obscured)
|
7
|
+
end
|
8
|
+
|
9
|
+
module ClassMethods
|
10
|
+
attr_reader :sensitive_attrs
|
11
|
+
|
12
|
+
def obscurify(*args)
|
13
|
+
options = args.extract_options!
|
14
|
+
args.reject!(&:blank?)
|
15
|
+
options.symbolize_keys!
|
16
|
+
options.assert_valid_keys(:message)
|
17
|
+
to_name = args.pop
|
18
|
+
raise(ArgumentError, "Should specify a second (target) attribute name") if args.empty?
|
19
|
+
args.inject(sensitive_attrs) do |h, attr|
|
20
|
+
h[attr] = {:to => to_name}.merge(options)
|
21
|
+
h
|
22
|
+
end
|
23
|
+
end
|
24
|
+
|
25
|
+
def sensitive_attrs
|
26
|
+
@sensitive_attrs ||= {}
|
27
|
+
end
|
28
|
+
end
|
29
|
+
|
30
|
+
module InstanceMethods
|
31
|
+
def errors_with_obscured
|
32
|
+
errors_without_obscured.tap do |result|
|
33
|
+
if !self.class.sensitive_attrs.empty? && !(result.keys & self.class.sensitive_attrs.keys).empty?
|
34
|
+
self.class.sensitive_attrs.each do |old_name, options|
|
35
|
+
new_name = options[:to]
|
36
|
+
messages = options.has_key?(:message) ? Array.wrap(options[:message]) : result[old_name]
|
37
|
+
messages.each { |error| result.add(new_name, error) }
|
38
|
+
result[old_name].clear
|
39
|
+
result[new_name].uniq!
|
40
|
+
end
|
41
|
+
end
|
42
|
+
end
|
43
|
+
end
|
44
|
+
end
|
45
|
+
end
|
46
|
+
end
|
@@ -0,0 +1,24 @@
|
|
1
|
+
# -*- encoding: utf-8 -*-
|
2
|
+
$:.push File.expand_path("../lib", __FILE__)
|
3
|
+
require "obscurify_attribute/version"
|
4
|
+
|
5
|
+
Gem::Specification.new do |s|
|
6
|
+
s.name = "obscurify_attribute"
|
7
|
+
s.version = ObscurifyAttribute::VERSION
|
8
|
+
s.platform = Gem::Platform::RUBY
|
9
|
+
s.authors = ["Vijay R Aravamudhan"]
|
10
|
+
s.email = ["avijayr@gmail.com"]
|
11
|
+
s.homepage = ""
|
12
|
+
s.summary = %q{Obscures all sensitive attributes from showing up in the errors objects for Active Records/Resources}
|
13
|
+
s.description = %q{Obscures all sensitive attributes from showing up in the errors objects for Active Records/Resources}
|
14
|
+
s.homepage = "https://github.com/vraravam/obscurify_attribute"
|
15
|
+
|
16
|
+
s.add_dependency "activemodel", "~> 3.1"
|
17
|
+
|
18
|
+
s.add_development_dependency "rspec", "~> 2.6"
|
19
|
+
s.add_development_dependency "mocha"
|
20
|
+
|
21
|
+
s.files = `git ls-files`.split("\n")
|
22
|
+
s.test_files = `git ls-files -- {spec}/*`.split("\n")
|
23
|
+
s.require_paths = ["lib"]
|
24
|
+
end
|
@@ -0,0 +1,79 @@
|
|
1
|
+
require 'spec_helper'
|
2
|
+
|
3
|
+
describe "ObscurifyAttribute::Validations" do
|
4
|
+
it "should respond to obscurify" do
|
5
|
+
ObscurifyAttributeItem.respond_to?(:obscurify).should be_true
|
6
|
+
end
|
7
|
+
|
8
|
+
it "should only allow :message as a valid key for the options hash" do
|
9
|
+
lambda {
|
10
|
+
ObscurifyAttributeItem.obscurify :first_name, :name, :messages => "blah"
|
11
|
+
}.should raise_error(ArgumentError, "Unknown key: messages")
|
12
|
+
end
|
13
|
+
|
14
|
+
it "should not allow only a single attribute name (leaving the target name blank)" do
|
15
|
+
lambda {
|
16
|
+
ObscurifyAttributeItem.obscurify :first_name
|
17
|
+
}.should raise_error(ArgumentError, "Should specify a second (target) attribute name")
|
18
|
+
end
|
19
|
+
|
20
|
+
it "should discard blank attribute names" do
|
21
|
+
lambda {
|
22
|
+
ObscurifyAttributeItem.obscurify :first_name, "", " "
|
23
|
+
}.should raise_error(ArgumentError, "Should specify a second (target) attribute name")
|
24
|
+
end
|
25
|
+
|
26
|
+
it "should allow a single attribute to be obscured" do
|
27
|
+
ObscurifyAttributeItem.obscurify :first_name, :name
|
28
|
+
|
29
|
+
obs = ObscurifyAttributeItem.new
|
30
|
+
obs.should_not be_valid
|
31
|
+
obs.errors[:first_name].should == []
|
32
|
+
obs.errors[:name].should == ["can't be blank"]
|
33
|
+
end
|
34
|
+
|
35
|
+
it "should allow multiple attributes to be obscured to different targets" do
|
36
|
+
ObscurifyAttributeItem.obscurify :first_name, :fName
|
37
|
+
ObscurifyAttributeItem.obscurify :last_name, :lName
|
38
|
+
|
39
|
+
obs = ObscurifyAttributeItem.new
|
40
|
+
obs.should_not be_valid
|
41
|
+
obs.errors[:first_name].should == []
|
42
|
+
obs.errors[:fName].should == ["can't be blank"]
|
43
|
+
obs.errors[:last_name].should == []
|
44
|
+
obs.errors[:lName].should == ["can't be blank"]
|
45
|
+
end
|
46
|
+
|
47
|
+
it "should allow multiple attributes to be obscured to the same target" do
|
48
|
+
ObscurifyAttributeItem.obscurify :first_name, :name
|
49
|
+
ObscurifyAttributeItem.obscurify :last_name, :name
|
50
|
+
|
51
|
+
obs = ObscurifyAttributeItem.new
|
52
|
+
obs.should_not be_valid
|
53
|
+
obs.errors[:first_name].should == []
|
54
|
+
obs.errors[:last_name].should == []
|
55
|
+
obs.errors[:name].should == ["can't be blank"]
|
56
|
+
end
|
57
|
+
|
58
|
+
it "should uniq the errors on the target attribute" do
|
59
|
+
ObscurifyAttributeItem.obscurify :first_name, :last_name, :name
|
60
|
+
|
61
|
+
obs = ObscurifyAttributeItem.new
|
62
|
+
obs.should_not be_valid
|
63
|
+
obs.errors[:first_name].should == []
|
64
|
+
obs.errors[:last_name].should == []
|
65
|
+
obs.errors[:name].should == ["can't be blank"]
|
66
|
+
end
|
67
|
+
|
68
|
+
it "should handle a custom message" do
|
69
|
+
ObscurifyAttributeItem.obscurify :first_name, :fName, :message => "foo"
|
70
|
+
ObscurifyAttributeItem.obscurify :last_name, :lName, :message => "bar"
|
71
|
+
|
72
|
+
obs = ObscurifyAttributeItem.new
|
73
|
+
obs.should_not be_valid
|
74
|
+
obs.errors[:first_name].should == []
|
75
|
+
obs.errors[:fName].should == ["foo"]
|
76
|
+
obs.errors[:last_name].should == []
|
77
|
+
obs.errors[:lName].should == ["bar"]
|
78
|
+
end
|
79
|
+
end
|
data/spec/spec_helper.rb
ADDED
@@ -0,0 +1,35 @@
|
|
1
|
+
ENV["RAILS_ENV"] = "test"
|
2
|
+
|
3
|
+
require 'rubygems'
|
4
|
+
require 'bundler/setup'
|
5
|
+
require 'active_model'
|
6
|
+
require 'active_model/validations'
|
7
|
+
require 'obscurify_attribute'
|
8
|
+
|
9
|
+
RSpec.configure do |config|
|
10
|
+
config.mock_with :mocha
|
11
|
+
|
12
|
+
config.before(:each) do
|
13
|
+
class ObscurifyAttributeItem
|
14
|
+
include ::ActiveModel::Validations
|
15
|
+
include ::ObscurifyAttribute::Validations
|
16
|
+
|
17
|
+
attr_accessor :first_name, :last_name
|
18
|
+
|
19
|
+
validates_presence_of :first_name
|
20
|
+
validates_presence_of :last_name
|
21
|
+
end
|
22
|
+
end
|
23
|
+
|
24
|
+
config.after(:each) do
|
25
|
+
Object.send(:remove_const, :ObscurifyAttributeItem)
|
26
|
+
end
|
27
|
+
end
|
28
|
+
|
29
|
+
def putsh(stuff)
|
30
|
+
puts "#{ERB::Util.h(stuff)}<br/>"
|
31
|
+
end
|
32
|
+
|
33
|
+
def ph(stuff)
|
34
|
+
putsh stuff.inspect
|
35
|
+
end
|
metadata
ADDED
@@ -0,0 +1,94 @@
|
|
1
|
+
--- !ruby/object:Gem::Specification
|
2
|
+
name: obscurify_attribute
|
3
|
+
version: !ruby/object:Gem::Version
|
4
|
+
version: 0.2.0
|
5
|
+
prerelease:
|
6
|
+
platform: ruby
|
7
|
+
authors:
|
8
|
+
- Vijay R Aravamudhan
|
9
|
+
autorequire:
|
10
|
+
bindir: bin
|
11
|
+
cert_chain: []
|
12
|
+
date: 2011-11-20 00:00:00.000000000Z
|
13
|
+
dependencies:
|
14
|
+
- !ruby/object:Gem::Dependency
|
15
|
+
name: activemodel
|
16
|
+
requirement: &2169890940 !ruby/object:Gem::Requirement
|
17
|
+
none: false
|
18
|
+
requirements:
|
19
|
+
- - ~>
|
20
|
+
- !ruby/object:Gem::Version
|
21
|
+
version: '3.1'
|
22
|
+
type: :runtime
|
23
|
+
prerelease: false
|
24
|
+
version_requirements: *2169890940
|
25
|
+
- !ruby/object:Gem::Dependency
|
26
|
+
name: rspec
|
27
|
+
requirement: &2169890180 !ruby/object:Gem::Requirement
|
28
|
+
none: false
|
29
|
+
requirements:
|
30
|
+
- - ~>
|
31
|
+
- !ruby/object:Gem::Version
|
32
|
+
version: '2.6'
|
33
|
+
type: :development
|
34
|
+
prerelease: false
|
35
|
+
version_requirements: *2169890180
|
36
|
+
- !ruby/object:Gem::Dependency
|
37
|
+
name: mocha
|
38
|
+
requirement: &2169889640 !ruby/object:Gem::Requirement
|
39
|
+
none: false
|
40
|
+
requirements:
|
41
|
+
- - ! '>='
|
42
|
+
- !ruby/object:Gem::Version
|
43
|
+
version: '0'
|
44
|
+
type: :development
|
45
|
+
prerelease: false
|
46
|
+
version_requirements: *2169889640
|
47
|
+
description: Obscures all sensitive attributes from showing up in the errors objects
|
48
|
+
for Active Records/Resources
|
49
|
+
email:
|
50
|
+
- avijayr@gmail.com
|
51
|
+
executables: []
|
52
|
+
extensions: []
|
53
|
+
extra_rdoc_files: []
|
54
|
+
files:
|
55
|
+
- .rspec
|
56
|
+
- .rvmrc
|
57
|
+
- CHANGELOG.md
|
58
|
+
- Gemfile
|
59
|
+
- Gemfile.lock
|
60
|
+
- README.md
|
61
|
+
- Rakefile
|
62
|
+
- db/.gitkeep
|
63
|
+
- lib/obscurify_attribute.rb
|
64
|
+
- lib/obscurify_attribute/validations.rb
|
65
|
+
- lib/obscurify_attribute/version.rb
|
66
|
+
- obscurify_attribute.gemspec
|
67
|
+
- spec/obscurify_attribute/validations_spec.rb
|
68
|
+
- spec/spec_helper.rb
|
69
|
+
homepage: https://github.com/vraravam/obscurify_attribute
|
70
|
+
licenses: []
|
71
|
+
post_install_message:
|
72
|
+
rdoc_options: []
|
73
|
+
require_paths:
|
74
|
+
- lib
|
75
|
+
required_ruby_version: !ruby/object:Gem::Requirement
|
76
|
+
none: false
|
77
|
+
requirements:
|
78
|
+
- - ! '>='
|
79
|
+
- !ruby/object:Gem::Version
|
80
|
+
version: '0'
|
81
|
+
required_rubygems_version: !ruby/object:Gem::Requirement
|
82
|
+
none: false
|
83
|
+
requirements:
|
84
|
+
- - ! '>='
|
85
|
+
- !ruby/object:Gem::Version
|
86
|
+
version: '0'
|
87
|
+
requirements: []
|
88
|
+
rubyforge_project:
|
89
|
+
rubygems_version: 1.8.11
|
90
|
+
signing_key:
|
91
|
+
specification_version: 3
|
92
|
+
summary: Obscures all sensitive attributes from showing up in the errors objects for
|
93
|
+
Active Records/Resources
|
94
|
+
test_files: []
|