params_sanitizer 0.0.1

data/lib/params_sanitizer/sanitizers/exist_value.rb

@@ -0,0 +1,36 @@
+module ParamsSanitizer::Sanitizers
+  module ExistValue
+
+    private
+
+    # Sanitize a destructive params.
+    # @note destructive method for params.
+    #
+    # @param params [Hash] parameters. (will be destructed by this method.)
+    # @param rules  [Hash] rules of exist_value.
+    def sanitize_exist_value!(params, rules)
+      rules.each do |key, rule|
+        params[key] = params[key] || rule[:default_value]
+      end
+    end
+
+    module SanitizerMethods
+      # Define rule of exist_value
+      #
+      # @example
+      #   exist_value(:keyword, '')
+      #
+      # @param key           [String] key of parameter.
+      # @param default_value [Object] default values when input not exist value or nil.
+      def exist_value(key, default_value, min = nil, max = nil)
+        check_duplicated_definition!(key)
+        definitions[:exist_value] ||= Hash.new
+        definitions[:exist_value][key.to_s] = { default_value: default_value }
+      end
+    end
+
+    def self.included(mixin)
+      mixin.extend SanitizerMethods
+    end
+  end
+end

data/lib/params_sanitizer/sanitizers/reject_range.rb

@@ -0,0 +1,60 @@
+module ParamsSanitizer::Sanitizers
+  module RejectRange
+
+    private
+
+    # Sanitize a destructive params.
+    # @note destructive method for params.
+    #
+    # @param params [Hash] parameters. (will be destructed by this method.)
+    # @param rules  [Hash] rules of reject_range.
+    def sanitize_reject_range!(params, rules)
+      rules.each do |key, rule|
+        if params.has_key?(key)
+          params[key] = check_reject_range(params[key].to_i, rule[:default_value], rule[:min], rule[:max])
+        else
+          params[key] = rule[:default_value]
+        end
+      end
+    end
+
+    # Check whether a value is admitted range.
+    # @note return a default value when value is not admitted range.
+    #
+    # @param value          [Object]  value
+    # @param default_value  [Object]  default_value
+    # @param min            [Integer] range of min.(when do not set a limit, nil)
+    # @param max            [Integer] range of max.(when do not set a limit, nil)
+    # @return [Object] value or default_value.
+    def check_reject_range(value, default_value, min, max)
+      if min and value < min
+        value
+      elsif max and value > max
+        value
+      else
+        default_value
+      end
+    end
+
+    module SanitizerMethods
+      # Define rule of reject range.
+      #
+      # @example
+      #   reject_range(:age, 100, 100, nil)  # max 100.
+      #
+      # @param key           [String]        key of parameter.
+      # @param default_value [Object]        default values when input not addmitted value.
+      # @param min            [Integer] range of min.(when do not set a limit, nil)
+      # @param max            [Integer] range of max.(when do not set a limit, nil)
+      def reject_range(key, default_value, min = nil, max = nil)
+        check_duplicated_definition!(key)
+        definitions[:reject_range] ||= Hash.new
+        definitions[:reject_range][key.to_s] = { default_value: default_value, min: min, max: max }
+      end
+    end
+
+    def self.included(mixin)
+      mixin.extend SanitizerMethods
+    end
+  end
+end

data/lib/params_sanitizer/sanitizers/reject_regex.rb

@@ -0,0 +1,56 @@
+module ParamsSanitizer::Sanitizers
+  module RejectRegex
+
+    private
+
+    # Sanitize a destructive params.
+    # @note destructive method for params.
+    #
+    # @param params [Hash] parameters. (will be destructed by this method.)
+    # @param rules  [Hash] rules of reject_regex.
+    def sanitize_reject_regex!(params, rules)
+      rules.each do |key, rule|
+        if params.has_key?(key)
+          params[key] = check_reject_regex(params[key], rule[:default_value], rule[:regex])
+        else
+          params[key] = rule[:default_value]
+        end
+      end
+    end
+
+    # Check whether a value is admitted regex.
+    # @note return a default value when value is not admitted regex.
+    #
+    # @param value         [Object] value
+    # @param default_value [Object] default_value
+    # @param regex         [Regexp] reject when regex match.
+    # @return [Object] value or default_value.
+    def check_reject_regex(value, default_value, regex)
+      if regex.match(value)
+        default_value
+      else
+        value
+      end
+    end
+
+    module SanitizerMethods
+      # Define rule of reject regex.
+      #
+      # @example
+      #   reject_regex(:number, 0, /^\w$/)
+      #
+      # @param key           [String] key of parameter.
+      # @param default_value [Object] default values when input not addmitted value.
+      # @param regex         [Regexp] reject when regex match.
+      def reject_regex(key, default_value, regex)
+        check_duplicated_definition!(key)
+        definitions[:reject_regex] ||= Hash.new
+        definitions[:reject_regex][key.to_s] = { default_value: default_value, regex: regex }
+      end
+    end
+
+    def self.included(mixin)
+      mixin.extend SanitizerMethods
+    end
+  end
+end

data/lib/params_sanitizer/sanitizers/reject_value.rb

@@ -0,0 +1,57 @@
+module ParamsSanitizer::Sanitizers
+  module RejectValue
+
+    private
+
+    # Sanitize a destructive params.
+    # @note destructive method for params.
+    #
+    # @param params [Hash] parameters. (will be destructed by this method.)
+    # @param rules  [Hash] rules of reject_value.
+    def sanitize_reject_value!(params, rules)
+      rules.each do |key, rule|
+        if params.has_key?(key)
+          params[key] = check_reject_value(params[key], rule[:default_value], rule[:reject_values])
+        else
+          params[key] = rule[:default_value]
+        end
+      end
+    end
+
+    # Check whether a value is admitted.
+    # @note return a default value when value is not admitted.
+    #
+    # @param value          [Object] value
+    # @param default_value  [Object] default_value
+    # @param reject_values  [Array]  admitted values.
+    # @return [Object] value or default_value.
+    def check_reject_value(value, default_value, reject_values)
+      if reject_values.include?(value)
+        default_value
+      else
+        value
+      end
+    end
+
+    module SanitizerMethods
+      # Define rule of reject value.
+      #
+      # @example
+      #   reject_value(:user_name, nil, ['admin','root'])
+      #
+      # @param key           [String]        key of parameter.
+      # @param default_value [Object]        default values when input not addmitted value.
+      # @param reject_values [Array<Object>] reject values.
+      def reject_value(key, default_value, reject_values)
+        check_duplicated_definition!(key)
+        definitions[:reject_value] ||= Hash.new
+        definitions[:reject_value][key.to_s] = { default_value: default_value, reject_values: reject_values }
+      end
+    end
+
+
+    def self.included(mixin)
+      mixin.extend SanitizerMethods
+    end
+  end
+end

data/lib/params_sanitizer/version.rb

@@ -0,0 +1,3 @@
+module ParamsSanitizer
+  VERSION = "0.0.1"
+end

data/params_sanitizer.gemspec

@@ -0,0 +1,27 @@
+# coding: utf-8
+lib = File.expand_path('../lib', __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require 'params_sanitizer/version'
+
+Gem::Specification.new do |spec|
+  spec.name          = "params_sanitizer"
+  spec.version       = ParamsSanitizer::VERSION
+  spec.authors       = ["alfa-jpn"]
+  spec.email         = ["a.nkmr.ja@gmail.com"]
+  spec.description   = "params_sanitizer sanitize parameter.It is really easy and useful."
+  spec.summary       = "params_sanitizer sanitize parameter.It is really easy and useful."
+  spec.homepage      = "https://github.com/alfa-jpn/params_sanitizer"
+  spec.license       = "MIT"
+
+  spec.files         = `git ls-files`.split($/)
+  spec.executables   = spec.files.grep(%r{^bin/}) { |f| File.basename(f) }
+  spec.test_files    = spec.files.grep(%r{^(test|spec|features)/})
+  spec.require_paths = ["lib"]
+
+  spec.add_development_dependency "bundler", "~> 1.3"
+  spec.add_development_dependency "rake"
+  spec.add_development_dependency "rspec"
+  spec.add_development_dependency "yard"
+
+  spec.add_dependency "actionpack", "~> 4.0"
+end

data/spec/params_sanitizer/base_spec.rb

@@ -0,0 +1,81 @@
+require 'rspec'
+require 'spec_helper'
+
+describe ParamsSanitizer::Base do
+
+  it 'Definitions instance was defined each class.' do
+    sanitizer1 = Class.new(ParamsSanitizer::Base)
+    sanitizer2 = Class.new(ParamsSanitizer::Base)
+
+    expect(sanitizer1.definitions.equal?(sanitizer2.definitions)).to be_false
+  end
+
+  it 'included sanitizers methods.' do
+    expect(ParamsSanitizer::Base.methods.include?(:accept_value)).to be_true
+    expect(ParamsSanitizer::Base.methods.include?(:reject_value)).to be_true
+    expect(ParamsSanitizer::Base.methods.include?(:accept_range)).to be_true
+    expect(ParamsSanitizer::Base.methods.include?(:reject_range)).to be_true
+    expect(ParamsSanitizer::Base.methods.include?(:accept_regex)).to be_true
+    expect(ParamsSanitizer::Base.methods.include?(:reject_regex)).to be_true
+    expect(ParamsSanitizer::Base.methods.include?(:exist_value)).to be_true
+  end
+
+  it 'check_duplicated_definition! method can check duplicated.' do
+    ParamsSanitizer::Base.stub(:definitions).and_return(
+        {
+            accept_value:{
+                'name'  =>  nil,
+                'email' => nil,
+            }
+        }
+    )
+
+    expect {
+      ParamsSanitizer::Base.check_duplicated_definition!('safe')
+    }.not_to raise_error
+
+    expect {
+      ParamsSanitizer::Base.check_duplicated_definition!('email')
+    }.to raise_error
+  end
+
+  it 'permit_filter called after call sanitize.' do
+    sanitizer = Class.new(ParamsSanitizer::Base)
+    params    = ActionController::Parameters.new({nyaruko: 'kawaii', suiginto: 'kaminoryouiki'})
+
+    ParamsSanitizer::Base.should_receive(:permit_filter).and_return([:nyaruko])
+    params.should_receive(:permit).with([:nyaruko]).and_return(params)
+
+    sanitizer.sanitize(params)
+  end
+
+  it 'permit_filter enable.' do
+    ParamsSanitizer::Base.stub(:permit_filter).and_return([:nyaruko])
+    ParamsSanitizer::Base.stub(:definitions).and_return({})
+
+    sanitizer = Class.new(ParamsSanitizer::Base)
+    params    = ActionController::Parameters.new({nyaruko: 'kawaii', suiginto: 'kaminoryouiki'})
+    sanitized = sanitizer.sanitize(params)
+
+    expect(sanitized.eql?({nyaruko: 'kawaii'})).to be_true
+  end
+
+  it 'sanitize_params call sanitizer.' do
+    params = {'nyarukosan' => 'w'}
+
+    ParamsSanitizer::Base.stub(:definitions).and_return(
+        {
+            anime_value: 'rules'
+        }
+    )
+
+    sanitizer_inst = ParamsSanitizer::Base.new
+    sanitizer_inst.should_receive(:sanitize_anime_value!).with(params, 'rules')
+
+    sanitized = sanitizer_inst.sanitize_params(params)
+
+    # return symbol key.
+    expect(sanitized.eql?({nyarukosan: 'w'})).to be_true
+  end
+
+end

data/spec/params_sanitizer/sanitizers/accept_range_spec.rb

@@ -0,0 +1,116 @@
+require 'rspec'
+
+describe ParamsSanitizer::Sanitizers::AcceptRange do
+
+  context 'after include' do
+    before(:each) do
+      class Sanitizer
+        include ParamsSanitizer::Sanitizers::AcceptRange
+      end
+      Sanitizer.stub(:check_duplicated_definition!)
+    end
+
+    it 'have accept_range methods.' do
+      expect(Sanitizer.private_method_defined?(:sanitize_accept_range!)).to be_true
+      expect(Sanitizer.methods.include?(:accept_range)).to                  be_true
+    end
+
+    it 'accept_range method call check_duplicated_definition!' do
+      Sanitizer.stub(:definitions).and_return(Hash.new)
+      Sanitizer.should_receive(:check_duplicated_definition!).with(:anime)
+      Sanitizer.accept_range(:anime, 50, 0, 100)
+    end
+
+    it 'accept_range method add rule.' do
+      definition = Hash.new
+      Sanitizer.stub(:definitions).and_return(definition)
+
+      expect {
+        Sanitizer.accept_range(:anime, 50, 0, 100)
+      }.to change{definition.count}.by(1)
+
+      expect(definition.eql?(
+        {
+          accept_range: { 'anime' => { default_value: 50, min: 0, max: 100 } }
+        })).to be_true
+    end
+
+    context 'after define rule' do
+      before(:each) do
+        definitions = Hash.new
+        Sanitizer.stub(:definitions).and_return(definitions)
+
+        Sanitizer.accept_range(:anime, 50, 0, 100)
+        @rule = definitions[:accept_range]
+      end
+
+      it 'sanitize_accept_range! method sanitizes missing params.' do
+        params = {'anime' => '-50'}
+        Sanitizer.new.send(:sanitize_accept_range!, params, @rule)
+        expect(params.eql?({'anime' => 50})).to be_true
+
+        params = {'anime' => '-1'}
+        Sanitizer.new.send(:sanitize_accept_range!, params, @rule)
+        expect(params.eql?({'anime' => 50})).to be_true
+
+        params = {'anime' => '101'}
+        Sanitizer.new.send(:sanitize_accept_range!, params, @rule)
+        expect(params.eql?({'anime' => 50})).to be_true
+
+        params = {'anime' => '150'}
+        Sanitizer.new.send(:sanitize_accept_range!, params, @rule)
+        expect(params.eql?({'anime' => 50})).to be_true
+      end
+
+      it 'sanitize_accept_range! method does not sanitize params.' do
+        params = {'anime' => '0'}
+        Sanitizer.new.send(:sanitize_accept_range!, params, @rule)
+        expect(params.eql?({'anime' => 0})).to be_true
+
+        params = {'anime' => '40'}
+        Sanitizer.new.send(:sanitize_accept_range!, params, @rule)
+        expect(params.eql?({'anime' => 40})).to be_true
+
+        params = {'anime' => '80'}
+        Sanitizer.new.send(:sanitize_accept_range!, params, @rule)
+        expect(params.eql?({'anime' => 80})).to be_true
+
+        params = {'anime' => '100'}
+        Sanitizer.new.send(:sanitize_accept_range!, params, @rule)
+        expect(params.eql?({'anime' => 100})).to be_true
+      end
+    end
+
+    context 'after define rule of one limit free.' do
+      before(:each) do
+        definitions = Hash.new
+        Sanitizer.stub(:definitions).and_return(definitions)
+
+        Sanitizer.accept_range(:minnil, 50, nil, 100)
+        Sanitizer.accept_range(:maxnil, 50, 0, nil)
+        @rule = definitions[:accept_range]
+      end
+
+      it 'sanitize_accept_range! method sanitizes missing params.' do
+        params = {'minnil' => '150'}
+        Sanitizer.new.send(:sanitize_accept_range!, params, @rule)
+        expect(params.eql?({'minnil' => 50, 'maxnil' => 50})).to be_true
+
+        params = {'maxnil' => '-50'}
+        Sanitizer.new.send(:sanitize_accept_range!, params, @rule)
+        expect(params.eql?({'minnil' => 50, 'maxnil' => 50})).to be_true
+      end
+
+      it 'sanitize_accept_range! method does not sanitize params.' do
+        params = {'minnil' => '-999'}
+        Sanitizer.new.send(:sanitize_accept_range!, params, @rule)
+        expect(params.eql?({'minnil' => -999, 'maxnil' => 50})).to be_true
+
+        params = {'maxnil' => '999'}
+        Sanitizer.new.send(:sanitize_accept_range!, params, @rule)
+        expect(params.eql?({'minnil' => 50, 'maxnil' => 999})).to be_true
+      end
+    end
+
+  end
+end