params_cleaner 0.4.2 → 0.4.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +7 -0
- data/lib/params_cleaner/version.rb +1 -1
- data/lib/params_cleaner/whitelist.rb +21 -44
- metadata +11 -21
checksums.yaml
ADDED
|
@@ -0,0 +1,7 @@
|
|
|
1
|
+
---
|
|
2
|
+
SHA1:
|
|
3
|
+
metadata.gz: 9fec59b6d039921eab9c77a26f36fa73227173fe
|
|
4
|
+
data.tar.gz: 7b8cb6e72c5d6b0fe9d9d63ea7c9b5d840e629fc
|
|
5
|
+
SHA512:
|
|
6
|
+
metadata.gz: 86796d222afe4f2b8abe94f9f15351ed14c4175af060f8040c679e68bce7e59de6a30409bea8b48c3df2a49dbd6c337a379d15e6b0b700ad48ac0173f3da5341
|
|
7
|
+
data.tar.gz: a93da4692d51e0d0358a642872f153d4152f7c6009e70526a9eabaf71c75d6d82ec48e093fcbb2533ab3a656d98fe2e026945b0d506d683ac89ca67dfaf3595b
|
|
@@ -4,60 +4,37 @@ module ParamsCleaner
|
|
|
4
4
|
@whitelist = whitelist
|
|
5
5
|
end
|
|
6
6
|
|
|
7
|
-
def sanitize(
|
|
8
|
-
|
|
9
|
-
|
|
10
|
-
|
|
11
|
-
|
|
12
|
-
|
|
13
|
-
|
|
14
|
-
_clean_value(key, value, top_level)
|
|
15
|
-
end
|
|
7
|
+
def sanitize(item, parent = nil)
|
|
8
|
+
if item.kind_of?(Hash)
|
|
9
|
+
_sanitize_hash(item, parent)
|
|
10
|
+
elsif item.kind_of?(Array)
|
|
11
|
+
item.map { |item| sanitize(item, parent) }
|
|
12
|
+
else
|
|
13
|
+
item
|
|
16
14
|
end
|
|
17
|
-
|
|
18
|
-
cleaned_params_hash = Hash[cleaned_params]
|
|
19
|
-
HashWithIndifferentAccess.new(cleaned_params_hash)
|
|
20
15
|
end
|
|
21
16
|
|
|
22
|
-
def
|
|
23
|
-
|
|
24
|
-
|
|
17
|
+
def _sanitize_hash(hash, parent)
|
|
18
|
+
valid_keys = _valid_keys_for_parent(parent)
|
|
19
|
+
valid_pairs = hash.select { |key, value| valid_keys.include?(key.to_sym) }
|
|
20
|
+
sanitized_pairs = valid_pairs.map { |key, value| [key, sanitize(value, key.to_sym)] }
|
|
25
21
|
|
|
26
|
-
|
|
27
|
-
params_groups = []
|
|
28
|
-
@whitelist.each do |params_group|
|
|
29
|
-
unless params_group.is_a?(Hash)
|
|
30
|
-
params_groups << params_group
|
|
31
|
-
end
|
|
32
|
-
end
|
|
33
|
-
params_groups
|
|
22
|
+
HashWithIndifferentAccess.new(Hash[sanitized_pairs])
|
|
34
23
|
end
|
|
35
24
|
|
|
36
|
-
def
|
|
37
|
-
|
|
38
|
-
if sub_value.is_a?(Hash)
|
|
39
|
-
_clean_hash(key, sub_value).last
|
|
40
|
-
else
|
|
41
|
-
sub_value
|
|
42
|
-
end
|
|
43
|
-
end
|
|
44
|
-
[key, cleaned_values]
|
|
25
|
+
def _top_level_keys
|
|
26
|
+
@top_level_keys ||= @whitelist.reject { |item| item.kind_of?(Hash) }
|
|
45
27
|
end
|
|
46
28
|
|
|
47
|
-
def
|
|
48
|
-
|
|
49
|
-
|
|
50
|
-
|
|
29
|
+
def _valid_keys_for_parent(parent)
|
|
30
|
+
_whitelist_hash.keys.tap do |keys|
|
|
31
|
+
keys.concat(_top_level_keys) if parent.nil?
|
|
32
|
+
keys.concat(_whitelist_hash[parent]) if _whitelist_hash.has_key?(parent)
|
|
33
|
+
end
|
|
51
34
|
end
|
|
52
35
|
|
|
53
|
-
def
|
|
54
|
-
|
|
55
|
-
|
|
56
|
-
if _allowed_top_level.include?(key.to_sym)
|
|
57
|
-
[key, value]
|
|
58
|
-
else
|
|
59
|
-
[]
|
|
60
|
-
end
|
|
36
|
+
def _whitelist_hash
|
|
37
|
+
@whitelist_hash ||= @whitelist.last.is_a?(Hash) ? @whitelist.last : {}
|
|
61
38
|
end
|
|
62
39
|
end
|
|
63
40
|
end
|
metadata
CHANGED
|
@@ -1,32 +1,29 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: params_cleaner
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.4.
|
|
5
|
-
prerelease:
|
|
4
|
+
version: 0.4.3
|
|
6
5
|
platform: ruby
|
|
7
6
|
authors:
|
|
8
7
|
- Drew Olson
|
|
9
8
|
autorequire:
|
|
10
9
|
bindir: bin
|
|
11
10
|
cert_chain: []
|
|
12
|
-
date:
|
|
11
|
+
date: 2013-02-26 00:00:00.000000000 Z
|
|
13
12
|
dependencies:
|
|
14
13
|
- !ruby/object:Gem::Dependency
|
|
15
14
|
name: activesupport
|
|
16
15
|
requirement: !ruby/object:Gem::Requirement
|
|
17
|
-
none: false
|
|
18
16
|
requirements:
|
|
19
|
-
- -
|
|
17
|
+
- - ~>
|
|
20
18
|
- !ruby/object:Gem::Version
|
|
21
|
-
version: 3.0
|
|
19
|
+
version: '3.0'
|
|
22
20
|
type: :runtime
|
|
23
21
|
prerelease: false
|
|
24
22
|
version_requirements: !ruby/object:Gem::Requirement
|
|
25
|
-
none: false
|
|
26
23
|
requirements:
|
|
27
|
-
- -
|
|
24
|
+
- - ~>
|
|
28
25
|
- !ruby/object:Gem::Version
|
|
29
|
-
version: 3.0
|
|
26
|
+
version: '3.0'
|
|
30
27
|
description: Rails mass assignment protection in the controller
|
|
31
28
|
email:
|
|
32
29
|
- drew@drewolson.org
|
|
@@ -39,32 +36,25 @@ files:
|
|
|
39
36
|
- lib/params_cleaner.rb
|
|
40
37
|
homepage: https://github.com/drewolson/params_cleaner
|
|
41
38
|
licenses: []
|
|
39
|
+
metadata: {}
|
|
42
40
|
post_install_message:
|
|
43
41
|
rdoc_options: []
|
|
44
42
|
require_paths:
|
|
45
43
|
- lib
|
|
46
44
|
required_ruby_version: !ruby/object:Gem::Requirement
|
|
47
|
-
none: false
|
|
48
45
|
requirements:
|
|
49
|
-
- -
|
|
46
|
+
- - '>='
|
|
50
47
|
- !ruby/object:Gem::Version
|
|
51
48
|
version: '0'
|
|
52
|
-
segments:
|
|
53
|
-
- 0
|
|
54
|
-
hash: 2059744410745176612
|
|
55
49
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
|
56
|
-
none: false
|
|
57
50
|
requirements:
|
|
58
|
-
- -
|
|
51
|
+
- - '>='
|
|
59
52
|
- !ruby/object:Gem::Version
|
|
60
53
|
version: '0'
|
|
61
|
-
segments:
|
|
62
|
-
- 0
|
|
63
|
-
hash: 2059744410745176612
|
|
64
54
|
requirements: []
|
|
65
55
|
rubyforge_project:
|
|
66
|
-
rubygems_version:
|
|
56
|
+
rubygems_version: 2.0.0
|
|
67
57
|
signing_key:
|
|
68
|
-
specification_version:
|
|
58
|
+
specification_version: 4
|
|
69
59
|
summary: Rails mass assignment protection in the controller
|
|
70
60
|
test_files: []
|