params_sanitizer 0.0.1

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: b5523481cd701304b03081c47b320316489e57f0
+  data.tar.gz: 7c3268be3df43696c0feb443cdbd6910e4ea9bdb
+SHA512:
+  metadata.gz: e2168ada5f27ce931224fa9a110fcf434fa997b43d209a1f942934bdafd9a2cb6e5fc19efa0aaf5201d3df8fe73ec2e31e8aecf8261975e44ad07cdda1bd90d3
+  data.tar.gz: f242e2ad1879adabda9094c3f75ca9c6e94f5cfa0ac039d5023501d3b479301f0252d0569251e342a40ab26069140ca252c315debc5f98120c975a9dd7d038ca

data/.gitignore

@@ -0,0 +1,18 @@
+*.gem
+*.rbc
+.bundle
+.config
+.yardoc
+Gemfile.lock
+InstalledFiles
+_yardoc
+coverage
+doc/
+lib/bundler/man
+pkg
+rdoc
+spec/reports
+test/tmp
+test/version_tmp
+tmp
+vendor/bundle

data/Gemfile

@@ -0,0 +1,4 @@
+source 'https://rubygems.org'
+
+# Specify your gem's dependencies in params_sanitizer.gemspec
+gemspec

data/LICENSE.txt

@@ -0,0 +1,22 @@
+Copyright (c) 2013 Atsushi Nakamura
+
+MIT License
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.md

@@ -0,0 +1,105 @@
+# ParamsSanitizer
+
+params_sanitizer sanitize parameter.It is really easy and useful.
+
+## Installation
+
+Add this line to your application's Gemfile:
+
+    gem 'params_sanitizer'
+
+And then execute:
+
+    $ bundle
+
+Or install it yourself as:
+
+    $ gem install params_sanitizer
+
+## Usage
+For example. sanitize params for a search query.
+### Define sanitizer.
+
+``` ruby
+class SearchParamsSanitizer < ParamsSanitizer::Base
+  def self.permit_filter
+    [:word, :order]
+  end
+
+  exist_value  :word,  ''               # set default value '', when param[:word] does not exist.
+  accept_value :order, 1 , ['0','1']    # set default value 1, when param[:order] is not 0 or 1.
+end
+```
+
+other sanitizer look this.
+[ParamsSanitizer::Sanitizers](http://rubydoc.info/github/alfa-jpn/params_sanitizer/ParamsSanitizer/Sanitizers)
+
+
+and in controller
+
+``` ruby
+def search_params
+  SearchParamsSanitizer.sanitize(params)  # can get sanitized params.
+end
+```
+
+result.
+
+``` ruby
+{
+  word: 'japanese anime',
+  unknown_params: 'hogehogehoge',
+}
+
+after sanitize
+
+{
+  word: 'japanese anime',
+  order: 1
+}
+```
+
+when params nest.
+
+``` ruby
+{
+  search: { word: 'japanese anime' }
+}
+```
+
+``` ruby
+def search_params
+  SearchParamsSanitizer.sanitize(params, :search)  # can get sanitized params.
+end
+``
+
+result.
+
+``` ruby
+{
+  word: 'japanese anime',
+  order: 1
+}
+```
+
+## Sanitizers
+
+- [accept_range](http://rubydoc.info/github/alfa-jpn/params_sanitizer/ParamsSanitizer/Sanitizers/AcceptRange/SanitizerMethods)
+- [accept_regex](http://rubydoc.info/github/alfa-jpn/params_sanitizer/ParamsSanitizer/Sanitizers/AcceptRegex/SanitizerMethods)
+- [accept_value](http://rubydoc.info/github/alfa-jpn/params_sanitizer/ParamsSanitizer/Sanitizers/AcceptValue/SanitizerMethods)
+- [reject_range](http://rubydoc.info/github/alfa-jpn/params_sanitizer/ParamsSanitizer/Sanitizers/RejectRange/SanitizerMethods)
+- [reject_regex](http://rubydoc.info/github/alfa-jpn/params_sanitizer/ParamsSanitizer/Sanitizers/RejectRegex/SanitizerMethods)
+- [reject_value](http://rubydoc.info/github/alfa-jpn/params_sanitizer/ParamsSanitizer/Sanitizers/RejectValue/SanitizerMethods)
+- [exist_value](http://rubydoc.info/github/alfa-jpn/params_sanitizer/ParamsSanitizer/Sanitizers/ExistValue/SanitizerMethods)
+
+## API DOCUMENT
+
+- [ParamsSanitizer](http://rubydoc.info/github/alfa-jpn/params_sanitizer/frames)
+
+## Contributing
+
+1. Fork it
+2. Create your feature branch (`git checkout -b my-new-feature`)
+3. Commit your changes (`git commit -am 'Add some feature'`)
+4. Push to the branch (`git push origin my-new-feature`)
+5. Create new Pull Request

data/Rakefile

@@ -0,0 +1 @@
+require "bundler/gem_tasks"

data/lib/params_sanitizer.rb

@@ -0,0 +1,2 @@
+require 'params_sanitizer/version'
+require 'params_sanitizer/base'

data/lib/params_sanitizer/base.rb

@@ -0,0 +1,97 @@
+module ParamsSanitizer
+  require 'params_sanitizer/sanitizers/accept_value'
+  require 'params_sanitizer/sanitizers/reject_value'
+  require 'params_sanitizer/sanitizers/accept_range'
+  require 'params_sanitizer/sanitizers/reject_range'
+  require 'params_sanitizer/sanitizers/accept_regex'
+  require 'params_sanitizer/sanitizers/reject_regex'
+  require 'params_sanitizer/sanitizers/exist_value'
+
+  class Base
+    include ParamsSanitizer::Sanitizers::AcceptValue
+    include ParamsSanitizer::Sanitizers::RejectValue
+    include ParamsSanitizer::Sanitizers::AcceptRange
+    include ParamsSanitizer::Sanitizers::RejectRange
+    include ParamsSanitizer::Sanitizers::AcceptRegex
+    include ParamsSanitizer::Sanitizers::RejectRegex
+    include ParamsSanitizer::Sanitizers::ExistValue
+
+    # Check a duplicated definition rule of parameter.
+    #
+    # @api for sanitizers exclusive use.
+    # @param key [String] key of parameter.
+    # @raise [ArgumentError] if duplicate the rule.
+    def self.check_duplicated_definition!(key)
+      string_key = key.to_s
+      definitions.each_value do |rules|
+        rules.each_key do |definition_key|
+          if definition_key == string_key
+            raise ArgumentError, 'already define the ruel for #{key}!!'
+          end
+        end
+      end
+    end
+
+    # callback after inherited.
+    #
+    # @api
+    def self.inherited(child)
+      child.instance_variable_set(:@definitions, Hash.new)
+    end
+
+    # Get a list of permit keys.
+    # @note Keys passed strong parameter.(ActionController::Parameters.permit method.)
+    #
+    # @example
+    #   def self.permit_filter
+    #     [:user_name, :user_email, :user_age]
+    #   end
+    #
+    # @return [Array or Hash] a list of keys.
+    # @abstract Define after inheritance.
+    # @raise [ArgumentError] if not abstract.
+    def self.permit_filter
+      raise NoMethodError, 'Not define `self.permit_filter`. '
+    end
+
+    # Sanitize parameters.
+    #
+    # @example
+    #   # if sent next params.
+    #   # {
+    #   #   user: { name: 'hoge', email: 'fuga'  }
+    #   # }
+    #   SanitizerClass.sanitize(params, :user)
+    #
+    #   # if sent next params.
+    #   # { name: 'hoge', email: 'fuga' }
+    #   SanitizerClass.sanitize(params)
+    #
+    # @param params [ActiveController::Parameters] parameter of Action.
+    # @param key    [String] key of parameter. (if params `{user:{name:'hoge', email:'fuga'}}` then :user)
+    # @raise [ActionController::ParameterMissing] if nothing key.
+    def self.sanitize(params, key = nil)
+      new.sanitize_params (key ? params.require(key) : params).permit(permit_filter)
+    end
+
+    # Sanitize params bu definition rules.
+    #
+    # @api mustn't call from out this class.
+    # @param parmas[ActionController::Parameter] parameter,
+    # @return [Hash] sanitizer hash of params.(Hash keys are symbol)
+    def sanitize_params(params)
+      sanitized = params.to_hash
+
+      self.class.definitions.each do |key, rules|
+        send("sanitize_#{key}!", sanitized, rules)
+      end
+
+      sanitized.symbolize_keys
+    end
+
+    # define class method accessor.
+    class << self
+      attr_reader :definitions
+    end
+  end
+end

data/lib/params_sanitizer/sanitizers/accept_range.rb

@@ -0,0 +1,60 @@
+module ParamsSanitizer::Sanitizers
+  module AcceptRange
+
+    private
+
+    # Sanitize a destructive params.
+    # @note destructive method for params.
+    #
+    # @param params [Hash] parameters. (will be destructed by this method.)
+    # @param rules  [Hash] rules of accept_range.
+    def sanitize_accept_range!(params, rules)
+      rules.each do |key, rule|
+        if params.has_key?(key)
+          params[key] = check_accept_range(params[key].to_i, rule[:default_value], rule[:min], rule[:max])
+        else
+          params[key] = rule[:default_value]
+        end
+      end
+    end
+
+    # Check whether a value is admitted range.
+    # @note return a default value when value is not admitted range.
+    #
+    # @param value          [Object]  value
+    # @param default_value  [Object]  default_value
+    # @param min            [Integer] range of min.(when do not set a limit, nil)
+    # @param max            [Integer] range of max.(when do not set a limit, nil)
+    # @return [Object] value or default_value.
+    def check_accept_range(value, default_value, min, max)
+      if min and value < min
+        default_value
+      elsif max and value > max
+        default_value
+      else
+        value
+      end
+    end
+
+    module SanitizerMethods
+      # Define rule of accept range.
+      #
+      # @example
+      #   accept_range :month, 1, 1, 12
+      #
+      # @param key           [String]        key of parameter.
+      # @param default_value [Object]        default values when input not addmitted value.
+      # @param min            [Integer] range of min.(when do not set a limit, nil)
+      # @param max            [Integer] range of max.(when do not set a limit, nil)
+      def accept_range(key, default_value, min = nil, max = nil)
+        check_duplicated_definition!(key)
+        definitions[:accept_range] ||= Hash.new
+        definitions[:accept_range][key.to_s] = { default_value: default_value, min: min, max: max }
+      end
+    end
+
+    def self.included(mixin)
+      mixin.extend SanitizerMethods
+    end
+  end
+end

data/lib/params_sanitizer/sanitizers/accept_regex.rb

@@ -0,0 +1,56 @@
+module ParamsSanitizer::Sanitizers
+  module AcceptRegex
+
+    private
+
+    # Sanitize a destructive params.
+    # @note destructive method for params.
+    #
+    # @param params [Hash] parameters. (will be destructed by this method.)
+    # @param rules  [Hash] rules of accept_regex.
+    def sanitize_accept_regex!(params, rules)
+      rules.each do |key, rule|
+        if params.has_key?(key)
+          params[key] = check_accept_regex(params[key], rule[:default_value], rule[:regex])
+        else
+          params[key] = rule[:default_value]
+        end
+      end
+    end
+
+    # Check whether a value is admitted regex.
+    # @note return a default value when value is not admitted regex.
+    #
+    # @param value          [Object]  value
+    # @param default_value  [Object]  default_value
+    # @param regex          [Regexp] accept when regex match.
+    # @return [Object] value or default_value.
+    def check_accept_regex(value, default_value, regex)
+      if regex.match(value)
+        value
+      else
+        default_value
+      end
+    end
+
+    module SanitizerMethods
+      # Define rule of accept regex.
+      #
+      # @example
+      #   accept_regex(:age, 0, /^\d+$/)
+      #
+      # @param key           [String] key of parameter.
+      # @param default_value [Object] default values when input not addmitted value.
+      # @param regex         [Regexp] accept when regex match.
+      def accept_regex(key, default_value, regex)
+        check_duplicated_definition!(key)
+        definitions[:accept_regex] ||= Hash.new
+        definitions[:accept_regex][key.to_s] = { default_value: default_value, regex: regex }
+      end
+    end
+
+    def self.included(mixin)
+      mixin.extend SanitizerMethods
+    end
+  end
+end

data/lib/params_sanitizer/sanitizers/accept_value.rb

@@ -0,0 +1,57 @@
+module ParamsSanitizer::Sanitizers
+  module AcceptValue
+
+    private
+
+    # Sanitize a destructive params.
+    # @note destructive method for params.
+    #
+    # @param params [Hash] parameters. (will be destructed by this method.)
+    # @param rules  [Hash] rules of accept_value.
+    def sanitize_accept_value!(params, rules)
+      rules.each do |key, rule|
+        if params.has_key?(key)
+          params[key] = check_accept_value(params[key], rule[:default_value], rule[:accept_values])
+        else
+          params[key] = rule[:default_value]
+        end
+      end
+    end
+
+    # Check whether a value is admitted.
+    # @note return a default value when value is not admitted.
+    #
+    # @param value          [Object] value
+    # @param default_value  [Object] default_value
+    # @param accept_values  [Array]  admitted values.
+    # @return [Object] value or default_value.
+    def check_accept_value(value, default_value, accept_values)
+      if accept_values.include?(value)
+        value
+      else
+        default_value
+      end
+    end
+
+    module SanitizerMethods
+      # Define rule of accept value.
+      #
+      # @example
+      #   accept_value(:order, 0, ['0','1'])
+      #
+      # @param key           [String]        key of parameter.
+      # @param default_value [Object]        default values when input not addmitted value.
+      # @param accept_values [Array<Object>] accept values.
+      def accept_value(key, default_value, accept_values)
+        check_duplicated_definition!(key)
+        definitions[:accept_value] ||= Hash.new
+        definitions[:accept_value][key.to_s] = { default_value: default_value, accept_values: accept_values }
+      end
+    end
+
+
+    def self.included(mixin)
+      mixin.extend SanitizerMethods
+    end
+  end
+end