rack-ip-authorizer 0.0.1

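--- a/checksums.yaml
+++ b/checksums.yaml
@@ -0,0 +1,7 @@
+ ---
+ SHA1:
+ metadata.gz: 993db83818bbc2e86eea1a34d2e7cc95df985c54
+ data.tar.gz: f2fc88991a8a11152171af536ec2ec4c29b35912
+ SHA512:
+ metadata.gz: 45726c05a235d93659029324833ecac8bbc5fffdf8ee66e9a6c7525e06c28fd724cc1fba81cb61d2e2dde7bb2dfbecff1586752561f6717108160554630b04cb
+ data.tar.gz: bcc60a36e4e451cbf53fcaf54f28bad1f27ab47dbe799cc06b5c48df9b3935e6d096568f45b1a7a1a3ec15a97ee32521baee8647226e1197388c6e3a52739a1a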
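--- a/data/LICENSE.txt
+++ b/data/LICENSE.txt
@@ -0,0 +1,22 @@
+ Copyright (c) 2014 telzamek
+
+ MIT License
+
+ Permission is hereby granted, free of charge, to any person obtaining
+ a copy of this software and associated documentation files (the
+ "Software"), to deal in the Software without restriction, including
+ without limitation the rights to use, copy, modify, merge, publish,
+ distribute, sublicense, and/or sell copies of the Software, and to
+ permit persons to whom the Software is furnished to do so, subject to
+ the following conditions:
+
+ The above copyright notice and this permission notice shall be
+ included in all copies or substantial portions of the Software.
+
+ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+ EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+ MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+ NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+ LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+ OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+ WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.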
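--- a/data/README.md
+++ b/data/README.md
@@ -0,0 +1,50 @@
+ # Rack::Ip::Authorizer
+
+ Basic Rack middleware for checking Rails3 request remote IP
+
+ ## Installation
+
+ Add this line to your application's Gemfile:
+
+ gem 'rack-ip-authorizer'
+
+ And then execute:
+
+ $ bundle
+
+ Or install it yourself as:
+
+ $ gem install rack-ip-authorizer
+
+ ## Usage
+
+ ### Rails 3 apps
+
+ 1. Create a file named "ip_authorizations.yml" in the config directory
+ 2. Fill it with key as path and values as IPs:
+
+ ```yaml
+ admin:
+ - 192.168.0.1
+ - 192.168.0.2
+ - 192.168.0.3
+ superadmin:
+ - 192.168.0.1
+ - 192.168.0.2
+ ```
+
+ Environment filter
+
+ Create an initializer and fill it with:
+
+ ```ruby
+ Rack::IpAuthorizer.env_to_check = ['staging','development']
+ ```
+
+ ## Contributing
+
+ 1. Fork it
+ 2. Create your feature branch
+ 3. Commit your changes
+ 4. Push to the branch
+ 5. Create new Pull Request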
@@ -0,0 +1,21 @@
1
+ require File.join(File.expand_path(File.dirname(__FILE__)), 'rack/ip_authorizer')
2
+ require 'yaml'
3
+
4
+ if defined? Rails
5
+ case Rails::VERSION::MAJOR
6
+ when 3
7
+ path = File.join(File.expand_path('config'), '/ip_authorizations.yml')
8
+
9
+ if File.exists?(path)
10
+ ip_authorizations_by_path = YAML.load_file(path)
11
+ else
12
+ raise "config/ip_authorizations.yml is missing"
13
+ end
14
+
15
+ class Rack::IpAuthorizer::Railtie < Rails::Railtie
16
+ initializer('rack-ip-authorizer.append') { |app|
17
+ app.config.middleware.insert_after(ActionDispatch::RemoteIp, Rack::IpAuthorizer, ip_authorizations_by_path)
18
+ }
19
+ end
20
+ end
21
+ end
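Review bot: The `case Rails::VERSION::MAJOR` has only a `when 3` branch, so under any other Rails major version the railtie is never defined, the middleware is never inserted, and the configured paths are served with no IP check and no error. An access-control gem should fail loudly in that case, for example with `else raise "rack-ip-authorizer: unsupported Rails version #{Rails::VERSION::MAJOR}"`. The config path is built from `File.expand_path('config')`, which resolves against the process working directory rather than the application root. The result of `YAML.load_file` is also handed to the middleware unvalidated; checking at boot that it is a Hash mapping each path to an Array of address strings would turn a malformed or empty file into a start-up error instead of a request-time exception.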
@@ -0,0 +1,39 @@
1
+ require "rack/version"
2
+
3
+ module Rack
4
+ class IpAuthorizer
5
+ @env_to_check = ["production"]
6
+ class << self
7
+ attr_accessor :env_to_check
8
+ end
9
+
10
+ def initialize(app, ip_authorizations_by_path)
11
+ @app, @ip_authorizations_by_path = app, ip_authorizations_by_path
12
+ end
13
+
14
+ def call(env)
15
+ if Rack::IpAuthorizer.env_to_check.include? Rails.env
16
+ req = Rack::Request.new(env)
17
+
18
+ @ip_authorizations_by_path.each do |protected_url, authorized_ips|
19
+ if req.path.start_with?("/#{protected_url}") && !authorized_ips.include?(req.env['REMOTE_ADDR'])
20
+ return forbidden
21
+ end
22
+ end
23
+ end
24
+
25
+ @app.call(env)
26
+ end
27
+
28
+ private
29
+
30
+ def forbidden
31
+ [403,
32
+ {'Content-Type' => 'text/plain',
33
+ 'Content-Length' => '0'},
34
+ []
35
+ ]
36
+ end
37
+
38
+ end
39
+ end
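Review bot: The path test in `call` compares the raw `req.path` with `start_with?("/#{protected_url}")`, so it matches on a string prefix rather than a path segment and does no normalisation; a key `admin` also covers `/administrator`, and any path form the router normalises but this check does not would be routed without being checked. Comparing a normalised path on a segment boundary is safer, e.g. `path == "/#{protected_url}" || path.start_with?("/#{protected_url}/")`. The client address is read from `req.env['REMOTE_ADDR']` even though the railtie inserts this middleware after `ActionDispatch::RemoteIp`; behind a reverse proxy that value is the proxy's address, so either document that direct connections are assumed or use the address RemoteIp resolved against a trusted-proxy list. The `env_to_check` setter replaces the default `["production"]` rather than extending it, so the README's `['staging','development']` example turns the check off in production; a comment on the accessor should say so.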
@@ -0,0 +1,3 @@
1
+ module RackIpAuthorizer
2
+ VERSION = "0.0.1"
3
+ end
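Review bot: This version file appears to be the `lib/rack/version.rb` listed in the gem metadata, which places it inside the rack gem's own require namespace, so the middleware's `require "rack/version"` resolves by load-path order and may load a different file. It also defines `RackIpAuthorizer`, while the middleware lives in `Rack::IpAuthorizer`. Moving the file to a gem-specific path such as `rack/ip_authorizer/version` and defining `Rack::IpAuthorizer::VERSION` would remove both inconsistencies.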
@@ -0,0 +1,52 @@
1
+ lib = File.expand_path('../../lib', __FILE__)
2
+ $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
3
+
4
+ require 'rack/test'
5
+ require 'minitest/autorun'
6
+ require 'rack/ip_authorizer'
7
+
8
+ class Rails
9
+ def self.env
10
+ end
11
+ end
12
+
13
+ class IpAuthorizerTest < MiniTest::Unit::TestCase
14
+ include Rack::Test::Methods
15
+
16
+ def app
17
+ inner_app = lambda { |env| [200, {'Content-Type' => 'text/plain'}, ['Hello']] }
18
+ Rack::IpAuthorizer.new(inner_app, {'test' => ['1.1.1.1', '1.1.1.2'], 'admin' => ['2.2.2.2']})
19
+ end
20
+
21
+ def setup
22
+ Rack::IpAuthorizer.env_to_check = ['development']
23
+ end
24
+
25
+ def check_ip_for_path(path, ip, expected_result = 200, env = 'development')
26
+ Rails.stub :env, env do
27
+ get path, {}, {'REMOTE_ADDR' => ip}
28
+ assert last_response.status == expected_result
29
+ end
30
+ end
31
+
32
+ def test_env_checked
33
+ check_ip_for_path('/test', '1.1.1.1')
34
+ end
35
+
36
+ def test_env_ignored
37
+ Rack::IpAuthorizer.env_to_check = ['staging']
38
+ check_ip_for_path('/test', '1.1.1.1', 200, 'staging')
39
+ end
40
+
41
+ def test_ip_allowed
42
+ check_ip_for_path('/test', '1.1.1.1')
43
+ check_ip_for_path('/test', '1.1.1.2')
44
+ check_ip_for_path('/admin', '2.2.2.2')
45
+ end
46
+
47
+ def test_ip_refused
48
+ check_ip_for_path('/test', '2.2.2.2', 403)
49
+ check_ip_for_path('/admin', '1.1.1.1', 403)
50
+ check_ip_for_path('/admin', '1.1.1.2', 403)
51
+ end
52
+ end
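Review bot: `test_env_ignored` does not exercise the ignored case: it sets `env_to_check` to `['staging']`, stubs `Rails.env` to `'staging'` and sends an allow-listed address, so the check runs and passes. To pin the skip behaviour it should send a non-authorized address in an environment that is not listed and still expect 200, e.g. `check_ip_for_path('/test', '2.2.2.2', 200, 'production')`. There are also no cases for a path that only shares a prefix with a protected key, for sub-paths of a protected key, or for unprotected paths, which are the boundaries an access-control check most needs pinned. `assert_equal expected_result, last_response.status` would report the actual status on failure.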
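--- a/metadata
+++ b/metadata
@@ -0,0 +1,107 @@
+ --- !ruby/object:Gem::Specification
+ name: rack-ip-authorizer
+ version: !ruby/object:Gem::Version
+ version: 0.0.1
+ platform: ruby
+ authors:
+ - Thibault El Zamek, Cédric Darné, Lionel Oto
+ autorequire:
+ bindir: bin
+ cert_chain: []
+ date: 2014-05-26 00:00:00.000000000 Z
+ dependencies:
+ - !ruby/object:Gem::Dependency
+ name: rack
+ requirement: !ruby/object:Gem::Requirement
+ requirements:
+ - - '>='
+ - !ruby/object:Gem::Version
+ version: '1.0'
+ type: :runtime
+ prerelease: false
+ version_requirements: !ruby/object:Gem::Requirement
+ requirements:
+ - - '>='
+ - !ruby/object:Gem::Version
+ version: '1.0'
+ - !ruby/object:Gem::Dependency
+ name: bundler
+ requirement: !ruby/object:Gem::Requirement
+ requirements:
+ - - ~>
+ - !ruby/object:Gem::Version
+ version: '1.3'
+ type: :development
+ prerelease: false
+ version_requirements: !ruby/object:Gem::Requirement
+ requirements:
+ - - ~>
+ - !ruby/object:Gem::Version
+ version: '1.3'
+ - !ruby/object:Gem::Dependency
+ name: rake
+ requirement: !ruby/object:Gem::Requirement
+ requirements:
+ - - '>='
+ - !ruby/object:Gem::Version
+ version: '1.0'
+ type: :development
+ prerelease: false
+ version_requirements: !ruby/object:Gem::Requirement
+ requirements:
+ - - '>='
+ - !ruby/object:Gem::Version
+ version: '1.0'
+ - !ruby/object:Gem::Dependency
+ name: rack-test
+ requirement: !ruby/object:Gem::Requirement
+ requirements:
+ - - ~>
+ - !ruby/object:Gem::Version
+ version: 0.6.2
+ type: :development
+ prerelease: false
+ version_requirements: !ruby/object:Gem::Requirement
+ requirements:
+ - - ~>
+ - !ruby/object:Gem::Version
+ version: 0.6.2
+ description: Basic Rack middleware for checking Rails3 request remote ip
+ email:
+ - thibault.elzamek@c4mprod.com, cedric.darne@c4mprod.com, lionel.oto@c4mprod.com
+ executables: []
+ extensions: []
+ extra_rdoc_files: []
+ files:
+ - LICENSE.txt
+ - README.md
+ - lib/rack/version.rb
+ - lib/rack/ip_authorizer.rb
+ - lib/rack-ip-authorizer.rb
+ - spec/rake_ip_authorizer_spec.rb
+ homepage: ''
+ licenses:
+ - MIT
+ metadata: {}
+ post_install_message:
+ rdoc_options: []
+ require_paths:
+ - lib
+ required_ruby_version: !ruby/object:Gem::Requirement
+ requirements:
+ - - '>='
+ - !ruby/object:Gem::Version
+ version: '0'
+ required_rubygems_version: !ruby/object:Gem::Requirement
+ requirements:
+ - - '>='
+ - !ruby/object:Gem::Version
+ version: '0'
+ requirements: []
+ rubyforge_project:
+ rubygems_version: 2.1.11
+ signing_key:
+ specification_version: 4
+ summary: Basic Rack middleware for checking Rails3 request remote ip
+ test_files:
+ - spec/rake_ip_authorizer_spec.rb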