rails_safe_tasks 1.0.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: efc6f9c7b18b62d7cfd30682dd4b74a7371d76fa
+  data.tar.gz: 893e72b6e20dd467b589ac04ea99494746abbf89
+SHA512:
+  metadata.gz: 36fc019a7aa2201cb9d29cb7bb1b5aa128fe0472006cc5477c0845d8c9ab32409751a63e6b11d42afc950516980611087fac151f3158828ec37657d79fd8783a
+  data.tar.gz: 389fe332aacfa30565de5503c56f083a623d2f60ac127855bfe93780b2bb7031a224e6c81446cae9522b300ba0d0f01b0c4d85d636ead99d27224291f75b92a8

data/lib/rails_safe_tasks.rb

@@ -0,0 +1,53 @@
+require 'rails_safe_tasks/railtie'
+
+module RailsSafeTasks
+  class << self
+
+    #
+    # An array of built-in task names which should be protected.
+    #
+    def dangerous_tasks
+      @dangerous_tasks ||= [
+        'db:drop',
+        'db:reset',
+        'db:schema:load',
+        'db:migrate:reset'
+      ]
+    end
+
+    #
+    # An array of RAILS_ENV values which should not permit dangerous tasks
+    # to be executed.
+    #
+    def restricted_environments
+      @restricted_environments ||= ['production']
+    end
+
+    #
+    # Add a custom check which will be executed whenever we check to see if the
+    # current environment should allow dangerous tasks or not.
+    #
+    def custom_check(&block)
+      @custom_checks ||= []
+      @custom_checks << block
+    end
+
+    #
+    # Should the current environment be protected from running dangerous tasks?
+    #
+    def restrict?
+      # Check the list of restricted environments
+      restricted_environments.include?(Rails.env.to_s) ||
+
+      # Check that it's not deployed with Capistrano
+      File.exist?(Rails.root.join('REVISION')) ||
+
+      # Check the custom checker
+      (@custom_checks && @custom_checks.any? { |c| c.call == true }) ||
+
+      # Nothing else matched, it's OK
+      false
+    end
+
+  end
+end

data/lib/rails_safe_tasks/railtie.rb

@@ -0,0 +1,9 @@
+module RailsSafeTasks
+  class Railtie < ::Rails::Railtie
+
+    rake_tasks do
+      load File.expand_path(File.join('..', '..', 'tasks', 'rails_safe_tasks.rake'), __FILE__)
+    end
+
+  end
+end

data/lib/tasks/rails_safe_tasks.rake

@@ -0,0 +1,18 @@
+namespace :rails_safe_tasks do
+  task :disable do
+    if RailsSafeTasks.restrict?
+      if ENV['I_AM_SURE'] != "1"
+        puts
+        puts "\e[31m** You cannot run this task with the production environment"
+        puts "** If you want to, set the 'I_AM_SURE' environment variable to 1\e[0m"
+        puts "** This has been disabled using the 'rails_safe_tasks' gem."
+        puts
+        exit 1
+      end
+    end
+  end
+end
+
+RailsSafeTasks.dangerous_tasks.each do |task|
+  Rake::Task[task].enhance ['rails_safe_tasks:disable']
+end

metadata

@@ -0,0 +1,47 @@
+--- !ruby/object:Gem::Specification
+name: rails_safe_tasks
+version: !ruby/object:Gem::Version
+  version: 1.0.0
+platform: ruby
+authors:
+- Adam Cooke
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2015-02-16 00:00:00.000000000 Z
+dependencies: []
+description: Automatically disable dangerous Rake tasks in production
+email:
+- me@adamcooke.io
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- lib/rails_safe_tasks.rb
+- lib/rails_safe_tasks/railtie.rb
+- lib/tasks/rails_safe_tasks.rake
+homepage: https://github.com/adamcooke/rails_safe_tasks
+licenses:
+- MIT
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.2.2
+signing_key: 
+specification_version: 4
+summary: Automatically disable dangerous Rake tasks in production
+test_files: []