oxy 0.1.7 → 0.1.8
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/oxy/middleware/rsvp.rb +23 -1
- data/lib/oxy/version.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 133482c185d5c3b0b85ba9df02736fc0dc7b4f3f
|
4
|
+
data.tar.gz: 4bc927cbc1af9815462035935d5bb1987fe0399b
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 1d22d73afebae6a67d779e3805b3e2aa6d606db60ce1ebaec3bfbcf52c581d6f1c26aa6881449059ad278798a1f845c70c554e4fd8716c049be33f92e04ac86f
|
7
|
+
data.tar.gz: 54f3fd0904bd39e1a674700593c153802a0f2cdd81119d5edf20cc74ff6c86ea5ad95032304841e37dedfffcd971d5d03647e286f417cb31c71e79729190b636
|
data/lib/oxy/middleware/rsvp.rb
CHANGED
@@ -6,6 +6,10 @@ class Oxy::RSVP
|
|
6
6
|
# The set of allowed fields. Requests that do not have fields
|
7
7
|
# present in this list will not be eligible to be enqueued.
|
8
8
|
ELIGIBLE_FORMS_FIELDS = ['email_address', 'first_name', 'last_name']
|
9
|
+
# Email validation regex
|
10
|
+
EMAIL_REGEX_VALIDATOR = /\A([^@\s]+)@((?:[-a-z0-9]+\.)+[a-z]{2,})\z/i
|
11
|
+
# First and last name allowed string length
|
12
|
+
ALLOWED_STRING_LENGTH = 60
|
9
13
|
|
10
14
|
# ctor.
|
11
15
|
def initialize(app, logger = $stderr)
|
@@ -23,6 +27,8 @@ class Oxy::RSVP
|
|
23
27
|
# first ask deflect layer for permission to process the request
|
24
28
|
resp = @deflect.call(env)
|
25
29
|
return resp if forbidden(resp)
|
30
|
+
# next ask validation layer for permission to process the request
|
31
|
+
# ...
|
26
32
|
# enqueue background processing for valid submissions only
|
27
33
|
Threaded.enqueue(Subscribe, req.POST, @logger) if valid_form(req.POST)
|
28
34
|
# redirect anyways
|
@@ -38,12 +44,28 @@ private
|
|
38
44
|
resp[0] == 403
|
39
45
|
end
|
40
46
|
|
41
|
-
|
47
|
+
def validate_email(value)
|
48
|
+
# match or no match?
|
49
|
+
EMAIL_REGEX_VALIDATOR.match?(value)
|
50
|
+
end
|
51
|
+
|
52
|
+
def validate_length(value)
|
53
|
+
value.nil? || value.empty? || value.length <= ALLOWED_STRING_LENGTH
|
54
|
+
end
|
55
|
+
|
56
|
+
# only request with eligible and valid form fields are allowed
|
42
57
|
def valid_form(form)
|
43
58
|
unless form.all? { |key, _| ELIGIBLE_FORMS_FIELDS.include?(key) }
|
44
59
|
@logger.write("[RSVP]: Received an invalid form ~> #{form.inspect}\n")
|
45
60
|
return false
|
46
61
|
end
|
62
|
+
# validate email address
|
63
|
+
return false unless validate_email(form["email_address"])
|
64
|
+
# validate first name
|
65
|
+
return false unless validate_length(form["first_name"])
|
66
|
+
# validate last name
|
67
|
+
return false unless validate_length(form["last_name"])
|
68
|
+
# form is allowed
|
47
69
|
return true
|
48
70
|
end
|
49
71
|
end
|
data/lib/oxy/version.rb
CHANGED
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: oxy
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.1.
|
4
|
+
version: 0.1.8
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Pavel Tsurbeleu
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2017-
|
11
|
+
date: 2017-12-13 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: rack
|