params_cleaner 0.4.2 → 0.4.3

Sign up to get free protection for your applications and to get access to all the features.
Files changed (4) hide show
  1. checksums.yaml +7 -0
  2. data/lib/params_cleaner/version.rb +1 -1
  3. data/lib/params_cleaner/whitelist.rb +21 -44
  4. metadata +11 -21
checksums.yaml ADDED
@@ -0,0 +1,7 @@
1
+ ---
2
+ SHA1:
3
+ metadata.gz: 9fec59b6d039921eab9c77a26f36fa73227173fe
4
+ data.tar.gz: 7b8cb6e72c5d6b0fe9d9d63ea7c9b5d840e629fc
5
+ SHA512:
6
+ metadata.gz: 86796d222afe4f2b8abe94f9f15351ed14c4175af060f8040c679e68bce7e59de6a30409bea8b48c3df2a49dbd6c337a379d15e6b0b700ad48ac0173f3da5341
7
+ data.tar.gz: a93da4692d51e0d0358a642872f153d4152f7c6009e70526a9eabaf71c75d6d82ec48e093fcbb2533ab3a656d98fe2e026945b0d506d683ac89ca67dfaf3595b
data/lib/params_cleaner/version.rb CHANGED
@@ -1,3 +1,3 @@
1
1
  module ParamsCleaner
2
- VERSION = "0.4.2"
2
+ VERSION = "0.4.3"
3
3
  end
data/lib/params_cleaner/whitelist.rb CHANGED
@@ -4,60 +4,37 @@ module ParamsCleaner
4
4
  @whitelist = whitelist
5
5
  end
6
6
 
7
- def sanitize(params, top_level = true)
8
- cleaned_params = params.map do |key, value|
9
- if value.kind_of?(Hash)
10
- _clean_hash(key, value)
11
- elsif value.kind_of?(Array)
12
- _clean_array(key, value)
13
- else
14
- _clean_value(key, value, top_level)
15
- end
7
+ def sanitize(item, parent = nil)
8
+ if item.kind_of?(Hash)
9
+ _sanitize_hash(item, parent)
10
+ elsif item.kind_of?(Array)
11
+ item.map { |item| sanitize(item, parent) }
12
+ else
13
+ item
16
14
  end
17
-
18
- cleaned_params_hash = Hash[cleaned_params]
19
- HashWithIndifferentAccess.new(cleaned_params_hash)
20
15
  end
21
16
 
22
- def _allowed_nested
23
- @whitelist.detect { |params_group| params_group.is_a?(Hash) } || {}
24
- end
17
+ def _sanitize_hash(hash, parent)
18
+ valid_keys = _valid_keys_for_parent(parent)
19
+ valid_pairs = hash.select { |key, value| valid_keys.include?(key.to_sym) }
20
+ sanitized_pairs = valid_pairs.map { |key, value| [key, sanitize(value, key.to_sym)] }
25
21
 
26
- def _allowed_top_level
27
- params_groups = []
28
- @whitelist.each do |params_group|
29
- unless params_group.is_a?(Hash)
30
- params_groups << params_group
31
- end
32
- end
33
- params_groups
22
+ HashWithIndifferentAccess.new(Hash[sanitized_pairs])
34
23
  end
35
24
 
36
- def _clean_array(key, value)
37
- cleaned_values = value.map do |sub_value|
38
- if sub_value.is_a?(Hash)
39
- _clean_hash(key, sub_value).last
40
- else
41
- sub_value
42
- end
43
- end
44
- [key, cleaned_values]
25
+ def _top_level_keys
26
+ @top_level_keys ||= @whitelist.reject { |item| item.kind_of?(Hash) }
45
27
  end
46
28
 
47
- def _clean_hash(key, value)
48
- allowed_keys = value.slice(*_allowed_nested[key.to_sym])
49
- clean_values = sanitize(allowed_keys, false)
50
- [key, clean_values]
29
+ def _valid_keys_for_parent(parent)
30
+ _whitelist_hash.keys.tap do |keys|
31
+ keys.concat(_top_level_keys) if parent.nil?
32
+ keys.concat(_whitelist_hash[parent]) if _whitelist_hash.has_key?(parent)
33
+ end
51
34
  end
52
35
 
53
- def _clean_value(key, value, top_level)
54
- return [key, value] unless top_level
55
-
56
- if _allowed_top_level.include?(key.to_sym)
57
- [key, value]
58
- else
59
- []
60
- end
36
+ def _whitelist_hash
37
+ @whitelist_hash ||= @whitelist.last.is_a?(Hash) ? @whitelist.last : {}
61
38
  end
62
39
  end
63
40
  end
metadata CHANGED
@@ -1,32 +1,29 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: params_cleaner
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.4.2
5
- prerelease:
4
+ version: 0.4.3
6
5
  platform: ruby
7
6
  authors:
8
7
  - Drew Olson
9
8
  autorequire:
10
9
  bindir: bin
11
10
  cert_chain: []
12
- date: 2012-09-11 00:00:00.000000000 Z
11
+ date: 2013-02-26 00:00:00.000000000 Z
13
12
  dependencies:
14
13
  - !ruby/object:Gem::Dependency
15
14
  name: activesupport
16
15
  requirement: !ruby/object:Gem::Requirement
17
- none: false
18
16
  requirements:
19
- - - ! '>='
17
+ - - ~>
20
18
  - !ruby/object:Gem::Version
21
- version: 3.0.0
19
+ version: '3.0'
22
20
  type: :runtime
23
21
  prerelease: false
24
22
  version_requirements: !ruby/object:Gem::Requirement
25
- none: false
26
23
  requirements:
27
- - - ! '>='
24
+ - - ~>
28
25
  - !ruby/object:Gem::Version
29
- version: 3.0.0
26
+ version: '3.0'
30
27
  description: Rails mass assignment protection in the controller
31
28
  email:
32
29
  - drew@drewolson.org
@@ -39,32 +36,25 @@ files:
39
36
  - lib/params_cleaner.rb
40
37
  homepage: https://github.com/drewolson/params_cleaner
41
38
  licenses: []
39
+ metadata: {}
42
40
  post_install_message:
43
41
  rdoc_options: []
44
42
  require_paths:
45
43
  - lib
46
44
  required_ruby_version: !ruby/object:Gem::Requirement
47
- none: false
48
45
  requirements:
49
- - - ! '>='
46
+ - - '>='
50
47
  - !ruby/object:Gem::Version
51
48
  version: '0'
52
- segments:
53
- - 0
54
- hash: 2059744410745176612
55
49
  required_rubygems_version: !ruby/object:Gem::Requirement
56
- none: false
57
50
  requirements:
58
- - - ! '>='
51
+ - - '>='
59
52
  - !ruby/object:Gem::Version
60
53
  version: '0'
61
- segments:
62
- - 0
63
- hash: 2059744410745176612
64
54
  requirements: []
65
55
  rubyforge_project:
66
- rubygems_version: 1.8.24
56
+ rubygems_version: 2.0.0
67
57
  signing_key:
68
- specification_version: 3
58
+ specification_version: 4
69
59
  summary: Rails mass assignment protection in the controller
70
60
  test_files: []