oxy 0.1.7 → 0.1.8
- checksums.yaml +4 -4
- data/lib/oxy/middleware/rsvp.rb +23 -1
- data/lib/oxy/version.rb +1 -1
- metadata +2 -2
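--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA1:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 133482c185d5c3b0b85ba9df02736fc0dc7b4f3f
+data.tar.gz: 4bc927cbc1af9815462035935d5bb1987fe0399b
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 1d22d73afebae6a67d779e3805b3e2aa6d606db60ce1ebaec3bfbcf52c581d6f1c26aa6881449059ad278798a1f845c70c554e4fd8716c049be33f92e04ac86f
+data.tar.gz: 54f3fd0904bd39e1a674700593c153802a0f2cdd81119d5edf20cc74ff6c86ea5ad95032304841e37dedfffcd971d5d03647e286f417cb31c71e79729190b636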
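--- a/data/lib/oxy/middleware/rsvp.rb
+++ b/data/lib/oxy/middleware/rsvp.rb
@@ -6,6 +6,10 @@ class Oxy::RSVP
 # The set of allowed fields. Requests that do not have fields
 # present in this list will not be eligible to be enqueued.
 ELIGIBLE_FORMS_FIELDS = ['email_address', 'first_name', 'last_name']
+# Email validation regex
+EMAIL_REGEX_VALIDATOR = /\A([^@\s]+)@((?:[-a-z0-9]+\.)+[a-z]{2,})\z/i
+# First and last name allowed string length
+ALLOWED_STRING_LENGTH = 60
 
 # ctor.
 def initialize(app, logger = $stderr)
@@ -23,6 +27,8 @@ class Oxy::RSVP
 # first ask deflect layer for permission to process the request
 resp = @deflect.call(env)
 return resp if forbidden(resp)
+# next ask validation layer for permission to process the request
+# ...
 # enqueue background processing for valid submissions only
 Threaded.enqueue(Subscribe, req.POST, @logger) if valid_form(req.POST)
 # redirect anyways
@@ -38,12 +44,28 @@ private
 resp[0] == 403
 end
 
-
+def validate_email(value)
+# match or no match?
+EMAIL_REGEX_VALIDATOR.match?(value)
+end
+
+def validate_length(value)
+value.nil? || value.empty? || value.length <= ALLOWED_STRING_LENGTH
+end
+
+# only request with eligible and valid form fields are allowed
 def valid_form(form)
 unless form.all? { |key, _| ELIGIBLE_FORMS_FIELDS.include?(key) }
 @logger.write("[RSVP]: Received an invalid form ~> #{form.inspect}\n")
 return false
 end
+# validate email address
+return false unless validate_email(form["email_address"])
+# validate first name
+return false unless validate_length(form["first_name"])
+# validate last name
+return false unless validate_length(form["last_name"])
+# form is allowed
 return true
 end
 end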
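Review bot: `validate_email` and `validate_length` in the third hunk assume every form value is a String, but the key check in `valid_form` only restricts field names, and Rack's nested-parameter parsing (assuming `req` is a `Rack::Request`) can deliver an Array or Hash under an eligible key. For such a value `value.length` counts elements rather than characters, so the 60-character limit is not enforced on what reaches `Threaded.enqueue`, and `EMAIL_REGEX_VALIDATOR.match?` would raise a TypeError instead of rejecting the form. Adding `return false unless form.values.all? { |v| v.is_a?(String) }` ahead of the email check closes both paths. The email address also has no upper length bound, since `ALLOWED_STRING_LENGTH` is applied only to the two name fields; a separate limit checked in `validate_email` would cap what is handed to the background job.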
data/lib/oxy/version.rb
CHANGED
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: oxy
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.1.
|
4
|
+
version: 0.1.8
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Pavel Tsurbeleu
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2017-
|
11
|
+
date: 2017-12-13 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: rack
|