oxy 0.1.7 → 0.1.8

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 9784707b90cf512ed97acba79d0d29d9f0070c69
4
- data.tar.gz: d7d65afac275082ca68af9c34cb4f3f5535aca28
3
+ metadata.gz: 133482c185d5c3b0b85ba9df02736fc0dc7b4f3f
4
+ data.tar.gz: 4bc927cbc1af9815462035935d5bb1987fe0399b
5
5
  SHA512:
6
- metadata.gz: da49d443e355df2bc01a9c08929e7d9d43c07ba576d500c75e75be5fe9a2a44b362260f33442c4c90b6a544ddd72ac7d4e431ed5d1491a75fdfaf1dbbd8bba77
7
- data.tar.gz: 8a853e8723e0c1779b91ad7d1bc8cb97fbea225f023d62ddc1166a4c24107f027d5c1d2cbec189fe8d533e741ff456de18ad8aabe7c8455ccc670ab26610859d
6
+ metadata.gz: 1d22d73afebae6a67d779e3805b3e2aa6d606db60ce1ebaec3bfbcf52c581d6f1c26aa6881449059ad278798a1f845c70c554e4fd8716c049be33f92e04ac86f
7
+ data.tar.gz: 54f3fd0904bd39e1a674700593c153802a0f2cdd81119d5edf20cc74ff6c86ea5ad95032304841e37dedfffcd971d5d03647e286f417cb31c71e79729190b636
@@ -6,6 +6,10 @@ class Oxy::RSVP
6
6
  # The set of allowed fields. Requests that do not have fields
7
7
  # present in this list will not be eligible to be enqueued.
8
8
  ELIGIBLE_FORMS_FIELDS = ['email_address', 'first_name', 'last_name']
9
+ # Email validation regex
10
+ EMAIL_REGEX_VALIDATOR = /\A([^@\s]+)@((?:[-a-z0-9]+\.)+[a-z]{2,})\z/i
11
+ # First and last name allowed string length
12
+ ALLOWED_STRING_LENGTH = 60
9
13
 
10
14
  # ctor.
11
15
  def initialize(app, logger = $stderr)
@@ -23,6 +27,8 @@ class Oxy::RSVP
23
27
  # first ask deflect layer for permission to process the request
24
28
  resp = @deflect.call(env)
25
29
  return resp if forbidden(resp)
30
+ # next ask validation layer for permission to process the request
31
+ # ...
26
32
  # enqueue background processing for valid submissions only
27
33
  Threaded.enqueue(Subscribe, req.POST, @logger) if valid_form(req.POST)
28
34
  # redirect anyways
@@ -38,12 +44,28 @@ private
38
44
  resp[0] == 403
39
45
  end
40
46
 
41
- # only request with eligible form fields are valid
47
+ def validate_email(value)
48
+ # match or no match?
49
+ EMAIL_REGEX_VALIDATOR.match?(value)
50
+ end
51
+
52
+ def validate_length(value)
53
+ value.nil? || value.empty? || value.length <= ALLOWED_STRING_LENGTH
54
+ end
55
+
56
+ # only request with eligible and valid form fields are allowed
42
57
  def valid_form(form)
43
58
  unless form.all? { |key, _| ELIGIBLE_FORMS_FIELDS.include?(key) }
44
59
  @logger.write("[RSVP]: Received an invalid form ~> #{form.inspect}\n")
45
60
  return false
46
61
  end
62
+ # validate email address
63
+ return false unless validate_email(form["email_address"])
64
+ # validate first name
65
+ return false unless validate_length(form["first_name"])
66
+ # validate last name
67
+ return false unless validate_length(form["last_name"])
68
+ # form is allowed
47
69
  return true
48
70
  end
49
71
  end
@@ -1,3 +1,3 @@
1
1
  module Oxy
2
- VERSION = "0.1.7"
2
+ VERSION = "0.1.8"
3
3
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: oxy
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.1.7
4
+ version: 0.1.8
5
5
  platform: ruby
6
6
  authors:
7
7
  - Pavel Tsurbeleu
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2017-11-22 00:00:00.000000000 Z
11
+ date: 2017-12-13 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: rack