rack-ip-authorizer 0.0.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (8) hide show
  1. checksums.yaml +7 -0
  2. data/LICENSE.txt +22 -0
  3. data/README.md +50 -0
  4. data/lib/rack-ip-authorizer.rb +21 -0
  5. data/lib/rack/ip_authorizer.rb +39 -0
  6. data/lib/rack/version.rb +3 -0
  7. data/spec/rake_ip_authorizer_spec.rb +52 -0
  8. metadata +107 -0
checksums.yaml ADDED
@@ -0,0 +1,7 @@
1
+ ---
2
+ SHA1:
3
+ metadata.gz: 993db83818bbc2e86eea1a34d2e7cc95df985c54
4
+ data.tar.gz: f2fc88991a8a11152171af536ec2ec4c29b35912
5
+ SHA512:
6
+ metadata.gz: 45726c05a235d93659029324833ecac8bbc5fffdf8ee66e9a6c7525e06c28fd724cc1fba81cb61d2e2dde7bb2dfbecff1586752561f6717108160554630b04cb
7
+ data.tar.gz: bcc60a36e4e451cbf53fcaf54f28bad1f27ab47dbe799cc06b5c48df9b3935e6d096568f45b1a7a1a3ec15a97ee32521baee8647226e1197388c6e3a52739a1a
data/LICENSE.txt ADDED
@@ -0,0 +1,22 @@
1
+ Copyright (c) 2014 telzamek
2
+
3
+ MIT License
4
+
5
+ Permission is hereby granted, free of charge, to any person obtaining
6
+ a copy of this software and associated documentation files (the
7
+ "Software"), to deal in the Software without restriction, including
8
+ without limitation the rights to use, copy, modify, merge, publish,
9
+ distribute, sublicense, and/or sell copies of the Software, and to
10
+ permit persons to whom the Software is furnished to do so, subject to
11
+ the following conditions:
12
+
13
+ The above copyright notice and this permission notice shall be
14
+ included in all copies or substantial portions of the Software.
15
+
16
+ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
17
+ EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
18
+ MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
19
+ NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
20
+ LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
21
+ OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
22
+ WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
data/README.md ADDED
@@ -0,0 +1,50 @@
1
+ # Rack::Ip::Authorizer
2
+
3
+ Basic Rack middleware for checking Rails3 request remote IP
4
+
5
+ ## Installation
6
+
7
+ Add this line to your application's Gemfile:
8
+
9
+ gem 'rack-ip-authorizer'
10
+
11
+ And then execute:
12
+
13
+ $ bundle
14
+
15
+ Or install it yourself as:
16
+
17
+ $ gem install rack-ip-authorizer
18
+
19
+ ## Usage
20
+
21
+ ### Rails 3 apps
22
+
23
+ 1. Create a file named "ip_authorizations.yml" in the config directory
24
+ 2. Fill it with key as path and values as IPs:
25
+
26
+ ```yaml
27
+ admin:
28
+ - 192.168.0.1
29
+ - 192.168.0.2
30
+ - 192.168.0.3
31
+ superadmin:
32
+ - 192.168.0.1
33
+ - 192.168.0.2
34
+ ```
35
+
36
+ Environment filter
37
+
38
+ Create an initializer and fill it with:
39
+
40
+ ```ruby
41
+ Rack::IpAuthorizer.env_to_check = ['staging','development']
42
+ ```
43
+
44
+ ## Contributing
45
+
46
+ 1. Fork it
47
+ 2. Create your feature branch
48
+ 3. Commit your changes
49
+ 4. Push to the branch
50
+ 5. Create new Pull Request
data/lib/rack-ip-authorizer.rb ADDED
@@ -0,0 +1,21 @@
1
+ require File.join(File.expand_path(File.dirname(__FILE__)), 'rack/ip_authorizer')
2
+ require 'yaml'
3
+
4
+ if defined? Rails
5
+ case Rails::VERSION::MAJOR
6
+ when 3
7
+ path = File.join(File.expand_path('config'), '/ip_authorizations.yml')
8
+
9
+ if File.exists?(path)
10
+ ip_authorizations_by_path = YAML.load_file(path)
11
+ else
12
+ raise "config/ip_authorizations.yml is missing"
13
+ end
14
+
15
+ class Rack::IpAuthorizer::Railtie < Rails::Railtie
16
+ initializer('rack-ip-authorizer.append') { |app|
17
+ app.config.middleware.insert_after(ActionDispatch::RemoteIp, Rack::IpAuthorizer, ip_authorizations_by_path)
18
+ }
19
+ end
20
+ end
21
+ end
data/lib/rack/ip_authorizer.rb ADDED
@@ -0,0 +1,39 @@
1
+ require "rack/version"
2
+
3
+ module Rack
4
+ class IpAuthorizer
5
+ @env_to_check = ["production"]
6
+ class << self
7
+ attr_accessor :env_to_check
8
+ end
9
+
10
+ def initialize(app, ip_authorizations_by_path)
11
+ @app, @ip_authorizations_by_path = app, ip_authorizations_by_path
12
+ end
13
+
14
+ def call(env)
15
+ if Rack::IpAuthorizer.env_to_check.include? Rails.env
16
+ req = Rack::Request.new(env)
17
+
18
+ @ip_authorizations_by_path.each do |protected_url, authorized_ips|
19
+ if req.path.start_with?("/#{protected_url}") && !authorized_ips.include?(req.env['REMOTE_ADDR'])
20
+ return forbidden
21
+ end
22
+ end
23
+ end
24
+
25
+ @app.call(env)
26
+ end
27
+
28
+ private
29
+
30
+ def forbidden
31
+ [403,
32
+ {'Content-Type' => 'text/plain',
33
+ 'Content-Length' => '0'},
34
+ []
35
+ ]
36
+ end
37
+
38
+ end
39
+ end
data/lib/rack/version.rb ADDED
@@ -0,0 +1,3 @@
1
+ module RackIpAuthorizer
2
+ VERSION = "0.0.1"
3
+ end
data/spec/rake_ip_authorizer_spec.rb ADDED
@@ -0,0 +1,52 @@
1
+ lib = File.expand_path('../../lib', __FILE__)
2
+ $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
3
+
4
+ require 'rack/test'
5
+ require 'minitest/autorun'
6
+ require 'rack/ip_authorizer'
7
+
8
+ class Rails
9
+ def self.env
10
+ end
11
+ end
12
+
13
+ class IpAuthorizerTest < MiniTest::Unit::TestCase
14
+ include Rack::Test::Methods
15
+
16
+ def app
17
+ inner_app = lambda { |env| [200, {'Content-Type' => 'text/plain'}, ['Hello']] }
18
+ Rack::IpAuthorizer.new(inner_app, {'test' => ['1.1.1.1', '1.1.1.2'], 'admin' => ['2.2.2.2']})
19
+ end
20
+
21
+ def setup
22
+ Rack::IpAuthorizer.env_to_check = ['development']
23
+ end
24
+
25
+ def check_ip_for_path(path, ip, expected_result = 200, env = 'development')
26
+ Rails.stub :env, env do
27
+ get path, {}, {'REMOTE_ADDR' => ip}
28
+ assert last_response.status == expected_result
29
+ end
30
+ end
31
+
32
+ def test_env_checked
33
+ check_ip_for_path('/test', '1.1.1.1')
34
+ end
35
+
36
+ def test_env_ignored
37
+ Rack::IpAuthorizer.env_to_check = ['staging']
38
+ check_ip_for_path('/test', '1.1.1.1', 200, 'staging')
39
+ end
40
+
41
+ def test_ip_allowed
42
+ check_ip_for_path('/test', '1.1.1.1')
43
+ check_ip_for_path('/test', '1.1.1.2')
44
+ check_ip_for_path('/admin', '2.2.2.2')
45
+ end
46
+
47
+ def test_ip_refused
48
+ check_ip_for_path('/test', '2.2.2.2', 403)
49
+ check_ip_for_path('/admin', '1.1.1.1', 403)
50
+ check_ip_for_path('/admin', '1.1.1.2', 403)
51
+ end
52
+ end
metadata ADDED
@@ -0,0 +1,107 @@
1
+ --- !ruby/object:Gem::Specification
2
+ name: rack-ip-authorizer
3
+ version: !ruby/object:Gem::Version
4
+ version: 0.0.1
5
+ platform: ruby
6
+ authors:
7
+ - Thibault El Zamek, Cédric Darné, Lionel Oto
8
+ autorequire:
9
+ bindir: bin
10
+ cert_chain: []
11
+ date: 2014-05-26 00:00:00.000000000 Z
12
+ dependencies:
13
+ - !ruby/object:Gem::Dependency
14
+ name: rack
15
+ requirement: !ruby/object:Gem::Requirement
16
+ requirements:
17
+ - - '>='
18
+ - !ruby/object:Gem::Version
19
+ version: '1.0'
20
+ type: :runtime
21
+ prerelease: false
22
+ version_requirements: !ruby/object:Gem::Requirement
23
+ requirements:
24
+ - - '>='
25
+ - !ruby/object:Gem::Version
26
+ version: '1.0'
27
+ - !ruby/object:Gem::Dependency
28
+ name: bundler
29
+ requirement: !ruby/object:Gem::Requirement
30
+ requirements:
31
+ - - ~>
32
+ - !ruby/object:Gem::Version
33
+ version: '1.3'
34
+ type: :development
35
+ prerelease: false
36
+ version_requirements: !ruby/object:Gem::Requirement
37
+ requirements:
38
+ - - ~>
39
+ - !ruby/object:Gem::Version
40
+ version: '1.3'
41
+ - !ruby/object:Gem::Dependency
42
+ name: rake
43
+ requirement: !ruby/object:Gem::Requirement
44
+ requirements:
45
+ - - '>='
46
+ - !ruby/object:Gem::Version
47
+ version: '1.0'
48
+ type: :development
49
+ prerelease: false
50
+ version_requirements: !ruby/object:Gem::Requirement
51
+ requirements:
52
+ - - '>='
53
+ - !ruby/object:Gem::Version
54
+ version: '1.0'
55
+ - !ruby/object:Gem::Dependency
56
+ name: rack-test
57
+ requirement: !ruby/object:Gem::Requirement
58
+ requirements:
59
+ - - ~>
60
+ - !ruby/object:Gem::Version
61
+ version: 0.6.2
62
+ type: :development
63
+ prerelease: false
64
+ version_requirements: !ruby/object:Gem::Requirement
65
+ requirements:
66
+ - - ~>
67
+ - !ruby/object:Gem::Version
68
+ version: 0.6.2
69
+ description: Basic Rack middleware for checking Rails3 request remote ip
70
+ email:
71
+ - thibault.elzamek@c4mprod.com, cedric.darne@c4mprod.com, lionel.oto@c4mprod.com
72
+ executables: []
73
+ extensions: []
74
+ extra_rdoc_files: []
75
+ files:
76
+ - LICENSE.txt
77
+ - README.md
78
+ - lib/rack/version.rb
79
+ - lib/rack/ip_authorizer.rb
80
+ - lib/rack-ip-authorizer.rb
81
+ - spec/rake_ip_authorizer_spec.rb
82
+ homepage: ''
83
+ licenses:
84
+ - MIT
85
+ metadata: {}
86
+ post_install_message:
87
+ rdoc_options: []
88
+ require_paths:
89
+ - lib
90
+ required_ruby_version: !ruby/object:Gem::Requirement
91
+ requirements:
92
+ - - '>='
93
+ - !ruby/object:Gem::Version
94
+ version: '0'
95
+ required_rubygems_version: !ruby/object:Gem::Requirement
96
+ requirements:
97
+ - - '>='
98
+ - !ruby/object:Gem::Version
99
+ version: '0'
100
+ requirements: []
101
+ rubyforge_project:
102
+ rubygems_version: 2.1.11
103
+ signing_key:
104
+ specification_version: 4
105
+ summary: Basic Rack middleware for checking Rails3 request remote ip
106
+ test_files:
107
+ - spec/rake_ip_authorizer_spec.rb