protected_attributes_continued 1.2.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: 8e96d58f3d48f4636a8a6552633a10f24eb3f00e
+  data.tar.gz: f77843a13cf8ccd6ef72c8ed6213d84a04dc8e6a
+SHA512:
+  metadata.gz: 04672d08b075017ca9ceaa97f1be4c409ddbd17eb818fdddd748cf72ff8f0ce9de23a1a03653675a75a6afd64c7ee965e6868a6ee5be3bb3f983e962cfc4dafc
+  data.tar.gz: c134172ee6b46acf19117fa6e854197d6e3833a0f7338dd56d87aa52d2f2eff773be616fdc9aacc219a8d26b228917222acc8505441477b888a06276961234ce

data/LICENSE.txt

@@ -0,0 +1,22 @@
+Copyright (c) 2012-2016 Guillermo Iguaran
+
+MIT License
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.md

@@ -0,0 +1,104 @@
+# Protected Attributes Continued
+
+[![Build Status](https://api.travis-ci.org/westonganger/protected_attributes.svg?branch=master)](https://travis-ci.org/westonganger/protected_attributes)
+
+This is the community continued version of `protected_attributes`. I have created this new repo because the Rails team refuses to support the `protected_attributes` gem for Rails 5. It already works perfectly fine with Rails 5 it just needed the dependencies relaxed. For people who would like to continue using this feature in their Rails 5 apps lets continue the development here. This plugin was officially supported by the Rails team until the release of Rails 5.0.
+
+Protect attributes from mass-assignment in Active Record models.
+
+This plugin adds the class methods `attr_accessible` and `attr_protected` to your models to be able to declare white or black lists of attributes.
+
+
+
+
+## Installation
+
+Add this line to your application's `Gemfile`:
+
+    gem 'protected_attributes_continued'
+
+And then execute:
+
+    bundle install
+
+## Usage
+
+Mass assignment security provides an interface for protecting attributes from end-user injection. This plugin provides two class methods in Active Record classes to control access to their attributes. The `attr_protected` method takes a list of attributes that will be ignored in mass-assignment. 
+
+For example:
+```ruby
+attr_protected :admin
+```
+`attr_protected` also optionally takes a role option using `:as` which allows you to define multiple mass-assignment groupings. If no role is defined then attributes will be added to the `:default` role.
+
+```ruby
+attr_protected :last_login, :as => :admin
+```
+A much better way, because it follows the whitelist-principle, is the `attr_accessible` method. It is the exact opposite of `attr_protected`, because it takes a list of attributes that will be mass-assigned if present. Any other attributes will be ignored. This way you won’t forget to protect attributes when adding new ones in the course of development. Here is an example:
+
+```ruby
+attr_accessible :name
+attr_accessible :name, :is_admin, :as => :admin
+```
+
+If you want to set a protected attribute, you will have to assign it individually:
+
+```ruby
+params[:user] # => {:name => "owned", :is_admin => true}
+@user = User.new(params[:user])
+@user.is_admin # => false, not mass-assigned
+@user.is_admin = true
+@user.is_admin # => true
+```
+
+When assigning attributes in Active Record using `attributes=` the `:default` role will be used. To assign attributes using different roles you should use `assign_attributes` which accepts an optional `:as` options parameter. If no `:as` option is provided then the `:default` role will be used. 
+
+You can also bypass mass-assignment security by using the `:without_protection` option. Here is an example:
+
+```ruby
+@user = User.new
+
+@user.assign_attributes(:name => 'Josh', :is_admin => true)
+@user.name # => Josh
+@user.is_admin # => false
+
+@user.assign_attributes({ :name => 'Josh', :is_admin => true }, :as => :admin)
+@user.name # => Josh
+@user.is_admin # => true
+
+@user.assign_attributes({ :name => 'Josh', :is_admin => true }, :without_protection => true)
+@user.name # => Josh
+@user.is_admin # => true
+```
+
+In a similar way, `new`, `create`, `create!`, `update_attributes` and `update_attributes!` methods all respect mass-assignment security and accept either `:as` or `:without_protection` options. For example:
+
+```ruby
+@user = User.new({ :name => 'Sebastian', :is_admin => true }, :as => :admin)
+@user.name # => Sebastian
+@user.is_admin # => true
+
+@user = User.create({ :name => 'Sebastian', :is_admin => true }, :without_protection => true)
+@user.name # => Sebastian
+@user.is_admin # => true
+```
+
+By default the gem will use the strong parameters protection when assigning attribute, unless your model has `attr_accessible` or `attr_protected` calls.
+
+### Errors
+
+By default, attributes in the params hash which are not allowed to be updated are just ignored. If you prefer an exception to be raised configure:
+
+```ruby
+config.active_record.mass_assignment_sanitizer = :strict
+```
+
+Any protected attributes violation raises `ActiveModel::MassAssignmentSecurity::Error` then.
+
+## Contributing
+
+1. Fork it
+2. Create your feature branch (`git checkout -b my-new-feature`)
+3. Commit your changes (`git commit -am 'Add some feature'`)
+4. Push to the branch (`git push origin my-new-feature`)
+5. Create new Pull Request

data/lib/action_controller/accessible_params_wrapper.rb

@@ -0,0 +1,31 @@
+require 'active_support/concern'
+require 'action_controller'
+require 'action_controller/metal/params_wrapper'
+
+module ActionController
+  module ParamsWrapper
+    class Options # :nodoc:
+      undef :include
+
+      def include
+        return super if @include_set
+
+        m = model
+        synchronize do
+          return super if @include_set
+
+          @include_set = true
+
+          unless super || exclude
+
+            if m.respond_to?(:accessible_attributes) && m.accessible_attributes(:default).present?
+              self.include = m.accessible_attributes(:default).to_a
+            elsif m.respond_to?(:attribute_names) && m.attribute_names.any?
+              self.include = m.attribute_names
+            end
+          end
+        end
+      end
+    end
+  end
+end

data/lib/active_model/mass_assignment_security.rb

@@ -0,0 +1,362 @@
+require 'active_support/concern'
+require 'active_support/core_ext/class/attribute'
+require 'active_support/core_ext/string/inflections'
+require 'active_model'
+require 'active_model/mass_assignment_security/permission_set'
+require 'active_model/mass_assignment_security/sanitizer'
+
+module ActiveModel
+  # == Active Model Mass-Assignment Security
+  #
+  # Mass assignment security provides an interface for protecting attributes
+  # from end-user assignment. For more complex permissions, mass assignment
+  # security may be handled outside the model by extending a non-ActiveRecord
+  # class, such as a controller, with this behavior.
+  #
+  # For example, a logged in user may need to assign additional attributes
+  # depending on their role:
+  #
+  #   class AccountsController < ApplicationController
+  #     include ActiveModel::MassAssignmentSecurity
+  #
+  #     attr_accessible :first_name, :last_name
+  #     attr_accessible :first_name, :last_name, :plan_id, as: :admin
+  #
+  #     def update
+  #       ...
+  #       @account.update_attributes(account_params)
+  #       ...
+  #     end
+  #
+  #     protected
+  #
+  #     def account_params
+  #       role = admin ? :admin : :default
+  #       sanitize_for_mass_assignment(params[:account], role)
+  #     end
+  #
+  #   end
+  #
+  # === Configuration options
+  #
+  # * <tt>mass_assignment_sanitizer</tt> - Defines sanitize method. Possible
+  #   values are:
+  #   * <tt>:logger</tt> (default) - writes filtered attributes to logger
+  #   * <tt>:strict</tt> - raise <tt>ActiveModel::MassAssignmentSecurity::Error</tt>
+  #     on any protected attribute update.
+  #
+  # You can specify your own sanitizer object eg. <tt>MySanitizer.new</tt>.
+  # See <tt>ActiveModel::MassAssignmentSecurity::LoggerSanitizer</tt> for
+  # example implementation.
+  module MassAssignmentSecurity
+    extend ActiveSupport::Concern
+    include ActiveModel::ForbiddenAttributesProtection
+
+    included do
+      class_attribute :_accessible_attributes, instance_writer: false
+      class_attribute :_protected_attributes,  instance_writer: false
+      class_attribute :_active_authorizer,     instance_writer: false
+      class_attribute :_uses_mass_assignment_security, instance_writer: false
+      self._uses_mass_assignment_security = false
+
+      class_attribute :_mass_assignment_sanitizer, instance_writer: false
+      self.mass_assignment_sanitizer = :logger
+    end
+
+    module ClassMethods
+      # Attributes named in this macro are protected from mass-assignment
+      # whenever attributes are sanitized before assignment. A role for the
+      # attributes is optional, if no role is provided then <tt>:default</tt>
+      # is used. A role can be defined by using the <tt>:as</tt> option with a
+      # symbol or an array of symbols as the value.
+      #
+      # Mass-assignment to these attributes will simply be ignored, to assign
+      # to them you can use direct writer methods. This is meant to protect
+      # sensitive attributes from being overwritten by malicious users
+      # tampering with URLs or forms.
+      #
+      #   class Customer
+      #     include ActiveModel::MassAssignmentSecurity
+      #
+      #     attr_accessor :name, :email, :logins_count
+      #
+      #     attr_protected :logins_count
+      #     # Suppose that admin can not change email for customer
+      #     attr_protected :logins_count, :email, as: :admin
+      #
+      #     def assign_attributes(values, options = {})
+      #       sanitize_for_mass_assignment(values, options[:as]).each do |k, v|
+      #         send("#{k}=", v)
+      #       end
+      #     end
+      #   end
+      #
+      # When using the <tt>:default</tt> role:
+      #
+      #   customer = Customer.new
+      #   customer.assign_attributes({ name: 'David', email: 'a@b.com', logins_count: 5 }, as: :default)
+      #   customer.name         # => "David"
+      #   customer.email        # => "a@b.com"
+      #   customer.logins_count # => nil
+      #
+      # And using the <tt>:admin</tt> role:
+      #
+      #   customer = Customer.new
+      #   customer.assign_attributes({ name: 'David', email: 'a@b.com', logins_count: 5}, as: :admin)
+      #   customer.name         # => "David"
+      #   customer.email        # => nil
+      #   customer.logins_count # => nil
+      #
+      #   customer.email = 'c@d.com'
+      #   customer.email # => "c@d.com"
+      #
+      # To start from an all-closed default and enable attributes as needed,
+      # have a look at +attr_accessible+.
+      #
+      # Note that using <tt>Hash#except</tt> or <tt>Hash#slice</tt> in place of
+      # +attr_protected+ to sanitize attributes provides basically the same
+      # functionality, but it makes a bit tricky to deal with nested attributes.
+      def attr_protected(*args)
+        options = args.extract_options!
+        role = options[:as] || :default
+
+        self._protected_attributes = protected_attributes_configs.dup
+
+        Array(role).each do |name|
+          self._protected_attributes[name] = self.protected_attributes(name) + args
+        end
+
+        self._uses_mass_assignment_security = true
+        self._active_authorizer = self._protected_attributes
+      end
+
+      # Specifies a white list of model attributes that can be set via
+      # mass-assignment.
+      #
+      # Like +attr_protected+, a role for the attributes is optional,
+      # if no role is provided then <tt>:default</tt> is used. A role can be
+      # defined by using the <tt>:as</tt> option with a symbol or an array of
+      # symbols as the value.
+      #
+      # This is the opposite of the +attr_protected+ macro: Mass-assignment
+      # will only set attributes in this list, to assign to the rest of
+      # attributes you can use direct writer methods. This is meant to protect
+      # sensitive attributes from being overwritten by malicious users
+      # tampering with URLs or forms. If you'd rather start from an all-open
+      # default and restrict attributes as needed, have a look at
+      # +attr_protected+.
+      #
+      #   class Customer
+      #     include ActiveModel::MassAssignmentSecurity
+      #
+      #     attr_accessor :name, :credit_rating
+      #
+      #     # Both admin and default user can change name of a customer
+      #     attr_accessible :name, as: [:admin, :default]
+      #     # Only admin can change credit rating of a customer
+      #     attr_accessible :credit_rating, as: :admin
+      #
+      #     def assign_attributes(values, options = {})
+      #       sanitize_for_mass_assignment(values, options[:as]).each do |k, v|
+      #         send("#{k}=", v)
+      #       end
+      #     end
+      #   end
+      #
+      # When using the <tt>:default</tt> role:
+      #
+      #   customer = Customer.new
+      #   customer.assign_attributes({ name: 'David', credit_rating: 'Excellent', last_login: 1.day.ago }, as: :default)
+      #   customer.name          # => "David"
+      #   customer.credit_rating # => nil
+      #
+      #   customer.credit_rating = 'Average'
+      #   customer.credit_rating # => "Average"
+      #
+      # And using the <tt>:admin</tt> role:
+      #
+      #   customer = Customer.new
+      #   customer.assign_attributes({ name: 'David', credit_rating: 'Excellent', last_login: 1.day.ago }, as: :admin)
+      #   customer.name          # => "David"
+      #   customer.credit_rating # => "Excellent"
+      #
+      # Note that using <tt>Hash#except</tt> or <tt>Hash#slice</tt> in place of
+      # +attr_accessible+ to sanitize attributes provides basically the same
+      # functionality, but it makes a bit tricky to deal with nested attributes.
+      def attr_accessible(*args)
+        options = args.extract_options!
+        role = options[:as] || :default
+
+        self._accessible_attributes = accessible_attributes_configs.dup
+
+        Array(role).each do |name|
+          self._accessible_attributes[name] = self.accessible_attributes(name) + args
+        end
+
+        self._uses_mass_assignment_security = true
+        self._active_authorizer = self._accessible_attributes
+      end
+
+      # Returns an instance of <tt>ActiveModel::MassAssignmentSecurity::BlackList</tt>
+      # with the attributes protected by #attr_protected method. If no +role+
+      # is provided, then <tt>:default</tt> is used.
+      #
+      #   class Customer
+      #     include ActiveModel::MassAssignmentSecurity
+      #
+      #     attr_accessor :name, :email, :logins_count
+      #
+      #     attr_protected :logins_count
+      #     attr_protected :logins_count, :email, as: :admin
+      #   end
+      #
+      #   Customer.protected_attributes
+      #   # => #<ActiveModel::MassAssignmentSecurity::BlackList: {"logins_count"}>
+      #
+      #   Customer.protected_attributes(:default)
+      #   # => #<ActiveModel::MassAssignmentSecurity::BlackList: {"logins_count"}>
+      #
+      #   Customer.protected_attributes(:admin)
+      #   # => #<ActiveModel::MassAssignmentSecurity::BlackList: {"logins_count", "email"}>
+      def protected_attributes(role = :default)
+        protected_attributes_configs[role]
+      end
+
+      # Returns an instance of <tt>ActiveModel::MassAssignmentSecurity::WhiteList</tt>
+      # with the attributes protected by #attr_accessible method. If no +role+
+      # is provided, then <tt>:default</tt> is used.
+      #
+      #   class Customer
+      #     include ActiveModel::MassAssignmentSecurity
+      #
+      #     attr_accessor :name, :credit_rating
+      #
+      #     attr_accessible :name, as: [:admin, :default]
+      #     attr_accessible :credit_rating, as: :admin
+      #   end
+      #
+      #   Customer.accessible_attributes
+      #   # => #<ActiveModel::MassAssignmentSecurity::WhiteList: {"name"}>
+      #
+      #   Customer.accessible_attributes(:default)
+      #   # => #<ActiveModel::MassAssignmentSecurity::WhiteList: {"name"}>
+      #
+      #   Customer.accessible_attributes(:admin)
+      #   # => #<ActiveModel::MassAssignmentSecurity::WhiteList: {"name", "credit_rating"}>
+      def accessible_attributes(role = :default)
+        accessible_attributes_configs[role]
+      end
+
+      # Returns a hash with the protected attributes (by #attr_accessible or
+      # #attr_protected) per role.
+      #
+      #   class Customer
+      #     include ActiveModel::MassAssignmentSecurity
+      #
+      #     attr_accessor :name, :credit_rating
+      #
+      #     attr_accessible :name, as: [:admin, :default]
+      #     attr_accessible :credit_rating, as: :admin
+      #   end
+      #
+      #   Customer.active_authorizers
+      #   # => {
+      #   #       :admin=> #<ActiveModel::MassAssignmentSecurity::WhiteList: {"name", "credit_rating"}>,
+      #   #       :default=>#<ActiveModel::MassAssignmentSecurity::WhiteList: {"name"}>
+      #   #    }
+      def active_authorizers
+        self._active_authorizer ||= protected_attributes_configs
+      end
+      alias active_authorizer active_authorizers
+
+      # Returns an empty array by default. You can still override this to define
+      # the default attributes protected by #attr_protected method.
+      #
+      #   class Customer
+      #     include ActiveModel::MassAssignmentSecurity
+      #
+      #     def self.attributes_protected_by_default
+      #       [:name]
+      #     end
+      #   end
+      #
+      #   Customer.protected_attributes
+      #   # => #<ActiveModel::MassAssignmentSecurity::BlackList: {:name}>
+      def attributes_protected_by_default
+        []
+      end
+
+      # Defines sanitize method.
+      #
+      #   class Customer
+      #     include ActiveModel::MassAssignmentSecurity
+      #
+      #     attr_accessor :name
+      #
+      #     attr_protected :name
+      #
+      #     def assign_attributes(values)
+      #       sanitize_for_mass_assignment(values).each do |k, v|
+      #         send("#{k}=", v)
+      #       end
+      #     end
+      #   end
+      #
+      #   # See ActiveModel::MassAssignmentSecurity::StrictSanitizer for more information.
+      #   Customer.mass_assignment_sanitizer = :strict
+      #
+      #   customer = Customer.new
+      #   customer.assign_attributes(name: 'David')
+      #   # => ActiveModel::MassAssignmentSecurity::Error: Can't mass-assign protected attributes for Customer: name
+      #
+      # Also, you can specify your own sanitizer object.
+      #
+      #   class CustomSanitizer < ActiveModel::MassAssignmentSecurity::Sanitizer
+      #     def process_removed_attributes(klass, attrs)
+      #       raise StandardError
+      #     end
+      #   end
+      #
+      #   Customer.mass_assignment_sanitizer = CustomSanitizer.new
+      #
+      #   customer = Customer.new
+      #   customer.assign_attributes(name: 'David')
+      #   # => StandardError: StandardError
+      def mass_assignment_sanitizer=(value)
+        self._mass_assignment_sanitizer = if value.is_a?(Symbol)
+          const_get(:"#{value.to_s.camelize}Sanitizer").new(self)
+        else
+          value
+        end
+      end
+
+      private
+
+      def protected_attributes_configs
+        self._protected_attributes ||= begin
+          Hash.new { |h,k| h[k] = BlackList.new(attributes_protected_by_default) }
+        end
+      end
+
+      def accessible_attributes_configs
+        self._accessible_attributes ||= begin
+          Hash.new { |h,k| h[k] = WhiteList.new }
+        end
+      end
+    end
+
+  protected
+
+    def sanitize_for_mass_assignment(attributes, role = nil) #:nodoc:
+      if _uses_mass_assignment_security
+        _mass_assignment_sanitizer.sanitize(self.class, attributes, mass_assignment_authorizer(role))
+      else
+        sanitize_forbidden_attributes(attributes)
+      end
+    end
+
+    def mass_assignment_authorizer(role) #:nodoc:
+      self.class.active_authorizer[role || :default]
+    end
+  end
+end