safer_rails_console 0.4.1 → 0.6.0
- checksums.yaml +4 -4
- data/.circleci/config.yml +86 -0
- data/.github/CODEOWNERS +1 -0
- data/.gitignore +1 -0
- data/.rubocop.yml +7 -0
- data/Appraisals +7 -9
- data/CHANGELOG.md +48 -6
- data/Gemfile +2 -0
- data/README.md +4 -1
- data/Rakefile +2 -0
- data/bin/console +4 -3
- data/gemfiles/{5.0.gemfile → 6.1.gemfile} +1 -1
- data/gemfiles/{5.1.gemfile → 7.0.gemfile} +1 -1
- data/lib/safer_rails_console/colors.rb +4 -0
- data/lib/safer_rails_console/console.rb +9 -3
- data/lib/safer_rails_console/consoles/irb.rb +7 -11
- data/lib/safer_rails_console/patches/boot/sandbox_flag.rb +8 -51
- data/lib/safer_rails_console/patches/boot.rb +3 -1
- data/lib/safer_rails_console/patches/railtie/sandbox.rb +9 -8
- data/lib/safer_rails_console/patches/railtie.rb +3 -1
- data/lib/safer_rails_console/patches/sandbox/auto_rollback.rb +18 -18
- data/lib/safer_rails_console/patches/sandbox/transaction_read_only.rb +14 -16
- data/lib/safer_rails_console/patches/sandbox.rb +3 -1
- data/lib/safer_rails_console/rails_version.rb +6 -28
- data/lib/safer_rails_console/railtie.rb +3 -1
- data/lib/safer_rails_console/version.rb +3 -1
- data/lib/safer_rails_console.rb +10 -4
- data/safer_rails_console.gemspec +12 -6
- metadata +24 -23
- data/.travis.yml +0 -31
- data/gemfiles/5.2.gemfile +0 -7
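--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA256:
-metadata.gz:
-data.tar.gz:
+metadata.gz: ec564183ae00b04c696c1a114ca102cf21e939a64efa9877658b3928e33c164b
+data.tar.gz: 726b923163ba0ee2319609533565a7011e8067653a84194141c7306ecc95dc5f
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 06417d2590224e02b198e4602e7e88662a43dfadd88df1c6e62a75a02e0f933ab08ee5d6ca064fc4532ce052a84ab13d22108a5668e577cd1e96a92313e8b58d
+data.tar.gz: 21e40876d56b75c4fb91491e62c1fda88933621983ce6a78e21e925adbe5ee28abe3c3b870aaa576d4559a63ad1221d19f84aad7d67d597a2b5c366cf29aa2fe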
@@ -0,0 +1,86 @@
|
|
1
|
+
version: 2.1
|
2
|
+
jobs:
|
3
|
+
lint:
|
4
|
+
docker:
|
5
|
+
- image: salsify/ruby_ci:2.7.6
|
6
|
+
working_directory: ~/safer_rails_console
|
7
|
+
steps:
|
8
|
+
- checkout
|
9
|
+
- restore_cache:
|
10
|
+
keys:
|
11
|
+
- v2-gems-ruby-2.7.6-{{ checksum "safer_rails_console.gemspec" }}-{{ checksum "Gemfile" }}
|
12
|
+
- v2-gems-ruby-2.7.6-
|
13
|
+
- run:
|
14
|
+
name: Install Gems
|
15
|
+
command: |
|
16
|
+
if ! bundle check --path=vendor/bundle; then
|
17
|
+
bundle install --path=vendor/bundle --jobs=4 --retry=3
|
18
|
+
bundle clean
|
19
|
+
fi
|
20
|
+
- save_cache:
|
21
|
+
key: v2-gems-ruby-2.7.6-{{ checksum "safer_rails_console.gemspec" }}-{{ checksum "Gemfile" }}
|
22
|
+
paths:
|
23
|
+
- "vendor/bundle"
|
24
|
+
- "gemfiles/vendor/bundle"
|
25
|
+
- run:
|
26
|
+
name: Run Rubocop
|
27
|
+
command: bundle exec rubocop
|
28
|
+
test:
|
29
|
+
parameters:
|
30
|
+
ruby_version:
|
31
|
+
type: string
|
32
|
+
gemfile:
|
33
|
+
type: string
|
34
|
+
docker:
|
35
|
+
- image: salsify/ruby_ci:<< parameters.ruby_version >>
|
36
|
+
environment:
|
37
|
+
CIRCLE_TEST_REPORTS: "test-results"
|
38
|
+
BUNDLE_GEMFILE: "/home/circleci/safer_rails_console/<< parameters.gemfile >>"
|
39
|
+
- image: cimg/postgres:12.9
|
40
|
+
environment:
|
41
|
+
POSTGRES_USER: "circleci"
|
42
|
+
POSTGRES_DB: "safer_rails_console_test"
|
43
|
+
POSTGRES_HOST_AUTH_METHOD: "trust"
|
44
|
+
working_directory: ~/safer_rails_console
|
45
|
+
steps:
|
46
|
+
- checkout
|
47
|
+
- restore_cache:
|
48
|
+
keys:
|
49
|
+
- v2-gems-ruby-<< parameters.ruby_version >>-{{ checksum "safer_rails_console.gemspec" }}-{{ checksum "<< parameters.gemfile >>" }}
|
50
|
+
- v2-gems-ruby-<< parameters.ruby_version >>-
|
51
|
+
- run:
|
52
|
+
name: Install Gems
|
53
|
+
command: |
|
54
|
+
if ! bundle check --path=vendor/bundle; then
|
55
|
+
bundle install --path=vendor/bundle --jobs=4 --retry=3
|
56
|
+
bundle clean
|
57
|
+
fi
|
58
|
+
- save_cache:
|
59
|
+
key: v2-gems-ruby-<< parameters.ruby_version >>-{{ checksum "safer_rails_console.gemspec" }}-{{ checksum "<< parameters.gemfile >>" }}
|
60
|
+
paths:
|
61
|
+
- "vendor/bundle"
|
62
|
+
- "gemfiles/vendor/bundle"
|
63
|
+
- run:
|
64
|
+
name: Run Tests
|
65
|
+
command: |
|
66
|
+
bundle exec rspec --format RspecJunitFormatter --out $CIRCLE_TEST_REPORTS/rspec/junit.xml --format progress spec
|
67
|
+
- store_test_results:
|
68
|
+
path: "test-results"
|
69
|
+
workflows:
|
70
|
+
build:
|
71
|
+
jobs:
|
72
|
+
- lint
|
73
|
+
- test:
|
74
|
+
matrix:
|
75
|
+
parameters:
|
76
|
+
ruby_version:
|
77
|
+
- "2.7.6"
|
78
|
+
- "3.0.4"
|
79
|
+
- "3.1.2"
|
80
|
+
gemfile:
|
81
|
+
- "gemfiles/6.0.gemfile"
|
82
|
+
- "gemfiles/6.1.gemfile"
|
83
|
+
- "gemfiles/7.0.gemfile"
|
84
|
+
exclude:
|
85
|
+
- ruby_version: "3.1.2"
|
86
|
+
gemfile: "gemfiles/6.0.gemfile"
|
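Review bot: The `docker:` entries reference `salsify/ruby_ci:2.7.6`, `salsify/ruby_ci:<< parameters.ruby_version >>` and `cimg/postgres:12.9` by tag only, and a tag can be re-pushed, so the code that runs the build can change without any change to this file. Pinning the fixed images by digest, `image: cimg/postgres:12.9@sha256:<digest>`, makes such a change show up in review. `POSTGRES_HOST_AUTH_METHOD: "trust"` turns off password checks for the test database; that is acceptable for a throwaway service container, and a comment such as `# CI only: ephemeral test database, no credentials` would stop it being copied elsewhere.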
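--- /dev/null
+++ b/data/.github/CODEOWNERS
@@ -0,0 +1 @@
+* @jturkel @will89 @mattsmith0308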
data/.gitignore
CHANGED
data/.rubocop.yml
CHANGED
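--- a/data/Appraisals
+++ b/data/Appraisals
@@ -1,15 +1,13 @@
-
-gem 'rails', '~> 5.0.0'
-end
+# frozen_string_literal: true
 
-appraise '
-gem 'rails', '~>
+appraise '6.0' do
+gem 'rails', '~> 6.0.0'
 end
 
-appraise '
-gem 'rails', '~>
+appraise '6.1' do
+gem 'rails', '~> 6.1.0'
 end
 
-appraise '
-gem 'rails', '~>
+appraise '7.0' do
+gem 'rails', '~> 7.0.0'
 end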
data/CHANGELOG.md
CHANGED
@@ -1,6 +1,43 @@
|
|
1
|
-
#
|
1
|
+
# Changelog
|
2
|
+
|
3
|
+
## v0.6.0
|
4
|
+
- Drop support for Ruby < 2.7 and Rails < 6.0.
|
5
|
+
- Add support for Ruby 3.1.
|
6
|
+
- Add support for Rails 7.0.
|
7
|
+
|
8
|
+
## [v0.5.1](https://github.com/salsify/safer_rails_console/tree/v0.5.0) (2020-01-29)
|
9
|
+
|
10
|
+
[Full Changelog](https://github.com/salsify/safer_rails_console/compare/v0.5.0...v0.5.1)
|
11
|
+
|
12
|
+
**Merged pull requests:**
|
13
|
+
|
14
|
+
- Ruby 3 Support [\#39](https://github.com/salsify/safer_rails_console/pull/39) ([kphelps](https://github.com/kphelps))
|
15
|
+
|
16
|
+
## [v0.5.0](https://github.com/salsify/safer_rails_console/tree/v0.5.0) (2020-12-15)
|
17
|
+
|
18
|
+
[Full Changelog](https://github.com/salsify/safer_rails_console/compare/v0.4.1...v0.5.0)
|
19
|
+
|
20
|
+
**Merged pull requests:**
|
21
|
+
|
22
|
+
- Enable frozen string literals cop [\#36](https://github.com/salsify/safer_rails_console/pull/36) ([jturkel](https://github.com/jturkel))
|
23
|
+
- Rails 6.1 Support [\#35](https://github.com/salsify/safer_rails_console/pull/35) ([jturkel](https://github.com/jturkel))
|
24
|
+
- Migrate to CircleCI [\#34](https://github.com/salsify/safer_rails_console/pull/34) ([jturkel](https://github.com/jturkel))
|
25
|
+
|
26
|
+
## [v0.4.1](https://github.com/salsify/safer_rails_console/tree/v0.4.1) (2020-10-13)
|
27
|
+
|
28
|
+
[Full Changelog](https://github.com/salsify/safer_rails_console/compare/v0.4.0...v0.4.1)
|
29
|
+
|
30
|
+
**Closed issues:**
|
31
|
+
|
32
|
+
- No default settings for rails 5.1 and 5.2 [\#29](https://github.com/salsify/safer_rails_console/issues/29)
|
33
|
+
|
34
|
+
**Merged pull requests:**
|
35
|
+
|
36
|
+
- Bump version v0.4.1 [\#33](https://github.com/salsify/safer_rails_console/pull/33) ([alexsalsify](https://github.com/alexsalsify))
|
37
|
+
- Add support for config values from ENV variables [\#32](https://github.com/salsify/safer_rails_console/pull/32) ([alexsalsify](https://github.com/alexsalsify))
|
2
38
|
|
3
39
|
## [v0.4.0](https://github.com/salsify/safer_rails_console/tree/v0.4.0) (2019-09-19)
|
40
|
+
|
4
41
|
[Full Changelog](https://github.com/salsify/safer_rails_console/compare/v0.3.0...v0.4.0)
|
5
42
|
|
6
43
|
**Closed issues:**
|
@@ -10,10 +47,11 @@
|
|
10
47
|
**Merged pull requests:**
|
11
48
|
|
12
49
|
- Use Postgres for local development too [\#28](https://github.com/salsify/safer_rails_console/pull/28) ([jturkel](https://github.com/jturkel))
|
13
|
-
- Rails 6.0 support [\#
|
50
|
+
- Rails 6.0 support [\#27](https://github.com/salsify/safer_rails_console/pull/27) ([jturkel](https://github.com/jturkel))
|
14
51
|
- Drop Rails 4.2 support [\#26](https://github.com/salsify/safer_rails_console/pull/26) ([jturkel](https://github.com/jturkel))
|
15
52
|
|
16
53
|
## [v0.3.0](https://github.com/salsify/safer_rails_console/tree/v0.3.0) (2018-04-16)
|
54
|
+
|
17
55
|
[Full Changelog](https://github.com/salsify/safer_rails_console/compare/v0.2.0...v0.3.0)
|
18
56
|
|
19
57
|
**Merged pull requests:**
|
@@ -21,6 +59,7 @@
|
|
21
59
|
- Add support for Rails 5.2; remove support for Rails 4.1 [\#24](https://github.com/salsify/safer_rails_console/pull/24) ([timothysu](https://github.com/timothysu))
|
22
60
|
|
23
61
|
## [v0.2.0](https://github.com/salsify/safer_rails_console/tree/v0.2.0) (2017-09-07)
|
62
|
+
|
24
63
|
[Full Changelog](https://github.com/salsify/safer_rails_console/compare/v0.1.4...v0.2.0)
|
25
64
|
|
26
65
|
**Implemented enhancements:**
|
@@ -35,6 +74,7 @@
|
|
35
74
|
- Change 'sandboxed' and 'unsandboxed' to 'read-only' and 'writable' and add respective flags [\#20](https://github.com/salsify/safer_rails_console/pull/20) ([timothysu](https://github.com/timothysu))
|
36
75
|
|
37
76
|
## [v0.1.4](https://github.com/salsify/safer_rails_console/tree/v0.1.4) (2017-08-15)
|
77
|
+
|
38
78
|
[Full Changelog](https://github.com/salsify/safer_rails_console/compare/v0.1.3...v0.1.4)
|
39
79
|
|
40
80
|
**Fixed bugs:**
|
@@ -47,6 +87,7 @@
|
|
47
87
|
- Patch PostgreSQLAdapter\#execute\_and\_clear instead of AbstractAdapter\#log for auto-rollback [\#15](https://github.com/salsify/safer_rails_console/pull/15) ([timothysu](https://github.com/timothysu))
|
48
88
|
|
49
89
|
## [v0.1.3](https://github.com/salsify/safer_rails_console/tree/v0.1.3) (2017-08-02)
|
90
|
+
|
50
91
|
[Full Changelog](https://github.com/salsify/safer_rails_console/compare/v0.1.2...v0.1.3)
|
51
92
|
|
52
93
|
**Fixed bugs:**
|
@@ -59,6 +100,7 @@
|
|
59
100
|
- Resolve sqlite3 dependency warning [\#11](https://github.com/salsify/safer_rails_console/pull/11) ([timothysu](https://github.com/timothysu))
|
60
101
|
|
61
102
|
## [v0.1.2](https://github.com/salsify/safer_rails_console/tree/v0.1.2) (2017-07-21)
|
103
|
+
|
62
104
|
[Full Changelog](https://github.com/salsify/safer_rails_console/compare/v0.1.1...v0.1.2)
|
63
105
|
|
64
106
|
**Merged pull requests:**
|
@@ -66,6 +108,7 @@
|
|
66
108
|
- Dasherize the app name given CamelCase [\#10](https://github.com/salsify/safer_rails_console/pull/10) ([timothysu](https://github.com/timothysu))
|
67
109
|
|
68
110
|
## [v0.1.1](https://github.com/salsify/safer_rails_console/tree/v0.1.1) (2017-07-07)
|
111
|
+
|
69
112
|
[Full Changelog](https://github.com/salsify/safer_rails_console/compare/v0.1.0...v0.1.1)
|
70
113
|
|
71
114
|
**Fixed bugs:**
|
@@ -77,10 +120,9 @@
|
|
77
120
|
- Add support for Spring [\#8](https://github.com/salsify/safer_rails_console/pull/8) ([timothysu](https://github.com/timothysu))
|
78
121
|
|
79
122
|
## [v0.1.0](https://github.com/salsify/safer_rails_console/tree/v0.1.0) (2017-06-26)
|
80
|
-
**Merged pull requests:**
|
81
|
-
|
82
|
-
- Initial Implementation [\#2](https://github.com/salsify/safer_rails_console/pull/2) ([timothysu](https://github.com/timothysu))
|
83
123
|
|
124
|
+
[Full Changelog](https://github.com/salsify/safer_rails_console/compare/baddba2bc069bc6d72e779d8c157e19d26b30fc1...v0.1.0)
|
84
125
|
|
126
|
+
**Merged pull requests:**
|
85
127
|
|
86
|
-
|
128
|
+
- Initial Implementation [\#2](https://github.com/salsify/safer_rails_console/pull/2) ([timothysu](https://github.com/timothysu))
|
data/Gemfile
CHANGED
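--- a/data/README.md
+++ b/data/README.md
@@ -1,4 +1,7 @@
-# SaferRailsConsole
+# SaferRailsConsole
+
+[![Build Status](https://circleci.com/gh/salsify/safer_rails_console.svg?style=svg)](https://circleci.com/gh/salsify/safer_rails_console)
+[![Gem Version](https://badge.fury.io/rb/safer_rails_console.svg)](https://badge.fury.io/rb/safer_rails_console)
 
 This gem makes Rails console sessions less dangerous in specified environments by warning, color-coding, auto-sandboxing, and allowing read-only external connections (disables job queueing, non-GET requests, etc.)
 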
data/Rakefile
CHANGED
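--- a/data/bin/console
+++ b/data/bin/console
@@ -1,7 +1,8 @@
 #!/usr/bin/env ruby
+# frozen_string_literal: true
 
-require
-require
+require 'bundler/setup'
+require 'safer_rails_console'
 
 # You can add fixtures and/or initialization code here to make experimenting
 # with your gem easier. You can also use a different console, if you like.
@@ -10,5 +11,5 @@ require "safer_rails_console"
 # require "pry"
 # Pry.start
 
-require
+require 'irb'
 IRB.start(__FILE__)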
@@ -1,3 +1,5 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
module SaferRailsConsole
|
2
4
|
module Console
|
3
5
|
class << self
|
@@ -12,13 +14,17 @@ module SaferRailsConsole
|
|
12
14
|
end
|
13
15
|
|
14
16
|
def load_config
|
15
|
-
gem = Gem::Specification.find_by_name('safer_rails_console')
|
17
|
+
gem = Gem::Specification.find_by_name('safer_rails_console')
|
16
18
|
gem_root = gem.gem_dir
|
17
|
-
ARGV.push
|
19
|
+
ARGV.push(
|
20
|
+
'-r',
|
21
|
+
File.join(gem_root, 'lib', 'safer_rails_console', 'consoles', "#{SaferRailsConsole.config.console}.rb")
|
22
|
+
)
|
18
23
|
end
|
19
24
|
|
20
25
|
def sandbox_user_prompt
|
21
|
-
puts
|
26
|
+
puts 'Defaulting the console into sandbox mode.' # rubocop:disable Rails/Output
|
27
|
+
puts "Type 'disable' to disable. Anything else will begin a sandboxed session:" # rubocop:disable Rails/Output
|
22
28
|
input = gets.strip
|
23
29
|
input != 'disable'
|
24
30
|
end
|
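Review bot: `sandbox_user_prompt` decides whether the session is sandboxed from a bare `gets`, and `Kernel#gets` reads from files named in `ARGV` before standard input and returns `nil` at end of input, so with leftover arguments or a non-interactive stdin the answer is not the operator's keystrokes (and the `nil` case raises on `.strip`). Reading the terminal explicitly, `input = $stdin.gets.to_s.strip`, keeps the sandboxed default when nothing is typed. In `load_config` the `-r` path interpolates `SaferRailsConsole.config.console` without checking it; a guard that the resolved file exists inside the gem's `consoles` directory would turn a bad value into a clear error instead of an unexpected require. Both methods sit inside `class << self`, which opens and closes outside these hunks.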
@@ -1,10 +1,6 @@
|
|
1
|
-
|
1
|
+
# frozen_string_literal: true
|
2
2
|
|
3
|
-
app_name =
|
4
|
-
::Rails.application.class.module_parent.to_s.underscore.dasherize
|
5
|
-
else
|
6
|
-
::Rails.application.class.parent.to_s.underscore.dasherize
|
7
|
-
end
|
3
|
+
app_name = ::Rails.application.class.module_parent.to_s.underscore.dasherize
|
8
4
|
env_name = SaferRailsConsole.environment_name
|
9
5
|
status = ::Rails.application.sandbox ? 'read-only' : 'writable'
|
10
6
|
color = SaferRailsConsole.prompt_color
|
@@ -12,11 +8,11 @@ color = SaferRailsConsole.prompt_color
|
|
12
8
|
prompt = "#{app_name}(#{env_name})(#{status}):%03n:%i"
|
13
9
|
|
14
10
|
IRB.conf[:PROMPT][:RAILS_ENV] = {
|
15
|
-
PROMPT_I: color_text("#{prompt}> ", color),
|
16
|
-
PROMPT_N: color_text("#{prompt}> ", color),
|
17
|
-
PROMPT_S: color_text("#{prompt}%l ", color),
|
18
|
-
PROMPT_C: color_text("#{prompt}* ", color),
|
19
|
-
RETURN: color_text('=> ', color)
|
11
|
+
PROMPT_I: SaferRailsConsole::Colors.color_text("#{prompt}> ", color),
|
12
|
+
PROMPT_N: SaferRailsConsole::Colors.color_text("#{prompt}> ", color),
|
13
|
+
PROMPT_S: SaferRailsConsole::Colors.color_text("#{prompt}%l ", color),
|
14
|
+
PROMPT_C: SaferRailsConsole::Colors.color_text("#{prompt}* ", color),
|
15
|
+
RETURN: "#{SaferRailsConsole::Colors.color_text('=> ', color)}%s\n"
|
20
16
|
}
|
21
17
|
|
22
18
|
IRB.conf[:PROMPT_MODE] = :RAILS_ENV
|
@@ -1,53 +1,12 @@
|
|
1
|
-
|
2
|
-
|
3
|
-
module SaferRailsConsole
|
4
|
-
module Patches
|
5
|
-
module Boot
|
6
|
-
module SandboxFlag
|
7
|
-
def self.console_options(opt, options = {})
|
8
|
-
opt.banner = 'Usage: rails console [environment] [options]'
|
9
|
-
opt.on('-s', '--[no-]sandbox', 'Explicitly enable/disable sandbox mode.') { |v| options[:sandbox] = v }
|
10
|
-
opt.on('-w', '--writable', 'Alias for --no-sandbox.') { |v| options[:writable] = v }
|
11
|
-
opt.on('-r', '--read-only', 'Alias for --sandbox.') { |v| options[:'read-only'] = v }
|
12
|
-
opt.on('-e', '--environment=name', String,
|
13
|
-
'Specifies the environment to run this console under (test/development/production).',
|
14
|
-
'Default: development') { |v| options[:environment] = v.strip }
|
15
|
-
end
|
16
|
-
|
17
|
-
module Rails
|
18
|
-
module CommandsTasks50
|
19
|
-
def console
|
20
|
-
require_command!('console')
|
21
|
-
::Rails::Console.singleton_class.prepend(::SaferRailsConsole::Patches::Boot::SandboxFlag::Rails::Console50)
|
22
|
-
super
|
23
|
-
end
|
24
|
-
end
|
25
|
-
|
26
|
-
module Console50
|
27
|
-
def parse_arguments(arguments)
|
28
|
-
options = {}
|
29
|
-
|
30
|
-
OptionParser.new do |opt|
|
31
|
-
::SaferRailsConsole::Patches::Boot::SandboxFlag.console_options(opt, options)
|
32
|
-
opt.parse!(arguments)
|
33
|
-
end
|
1
|
+
# frozen_string_literal: true
|
34
2
|
|
35
|
-
|
36
|
-
end
|
37
|
-
end
|
38
|
-
end
|
39
|
-
end
|
40
|
-
end
|
41
|
-
end
|
42
|
-
end
|
3
|
+
require 'safer_rails_console/rails_version'
|
43
4
|
|
44
|
-
if SaferRailsConsole::RailsVersion.
|
45
|
-
require 'rails/commands/commands_tasks'
|
46
|
-
::Rails::CommandsTasks.prepend(SaferRailsConsole::Patches::Boot::SandboxFlag::Rails::CommandsTasks50)
|
47
|
-
elsif SaferRailsConsole::RailsVersion.five_one_or_above?
|
5
|
+
if SaferRailsConsole::RailsVersion.supported?
|
48
6
|
require 'rails/command'
|
49
7
|
require 'rails/commands/console/console_command'
|
50
|
-
# Rails
|
8
|
+
# Rails defaults `sandbox` to `false`, but we need it to NOT have a default value and
|
9
|
+
# be `nil` when it is not user-specified
|
51
10
|
::Rails::Command::ConsoleCommand.class_eval do
|
52
11
|
remove_class_option :sandbox
|
53
12
|
class_option :sandbox, aliases: '-s', type: :boolean, desc: 'Explicitly enable/disable sandbox mode.'
|
@@ -55,9 +14,7 @@ elsif SaferRailsConsole::RailsVersion.five_one_or_above?
|
|
55
14
|
class_option :'read-only', aliases: '-r', type: :boolean, desc: 'Alias for --sandbox.'
|
56
15
|
end
|
57
16
|
else
|
58
|
-
|
59
|
-
|
60
|
-
|
61
|
-
"or remove \"require 'safer_rails_console/patches/boot'\" from your application's 'config/boot.rb'."
|
62
|
-
end
|
17
|
+
raise "No boot/sandbox_flag patch for rails version '#{::Rails.version}' exists. "\
|
18
|
+
'Please disable safer_rails_console, use a supported version of rails, '\
|
19
|
+
"or remove \"require 'safer_rails_console/patches/boot'\" from your application's 'config/boot.rb'."
|
63
20
|
end
|
@@ -1,3 +1,5 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
module SaferRailsConsole
|
2
4
|
module Patches
|
3
5
|
module Sandbox
|
@@ -11,8 +13,11 @@ module SaferRailsConsole
|
|
11
13
|
true
|
12
14
|
elsif options[:writable]
|
13
15
|
false
|
16
|
+
elsif SaferRailsConsole.sandbox_environment? &&
|
17
|
+
SaferRailsConsole.config.sandbox_prompt
|
18
|
+
SaferRailsConsole::Console.sandbox_user_prompt
|
14
19
|
else
|
15
|
-
SaferRailsConsole.sandbox_environment?
|
20
|
+
SaferRailsConsole.sandbox_environment?
|
16
21
|
end
|
17
22
|
end
|
18
23
|
|
@@ -25,14 +30,10 @@ module SaferRailsConsole
|
|
25
30
|
end
|
26
31
|
|
27
32
|
if SaferRailsConsole::RailsVersion.supported?
|
28
|
-
|
29
|
-
require 'rails/commands/console/console_command'
|
30
|
-
else
|
31
|
-
require 'rails/commands/console'
|
32
|
-
end
|
33
|
+
require 'rails/commands/console/console_command'
|
33
34
|
|
34
35
|
::Rails::Console.singleton_class.prepend(SaferRailsConsole::Patches::Sandbox::Rails::Console)
|
35
36
|
else
|
36
|
-
raise "No sandbox patch for rails version '#{::Rails.version}' exists. "\
|
37
|
-
'
|
37
|
+
raise "No sandbox patch for rails version '#{::Rails.version}' exists. Please disable safer_rails_console, "\
|
38
|
+
'use a supported version of rails, or disable SaferRailsConsole.config.sandbox_environments.'
|
38
39
|
end
|
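Review bot: The added `elsif SaferRailsConsole.sandbox_environment? && SaferRailsConsole.config.sandbox_prompt` branch lets an interactive answer switch the sandbox off in an environment that is configured to be sandboxed, and nothing in the method explains that precedence or records the choice. A comment above the branch would help, for example `# Explicit flags are checked first; otherwise the operator may opt out interactively when sandbox_prompt is enabled.` If opt-outs in production need to be traceable, logging the result of `sandbox_user_prompt` here is the natural place. The method starts above the hunk, so the earlier branches are inferred from the `true` / `options[:writable]` lines that are visible.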
@@ -1,8 +1,9 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
module SaferRailsConsole
|
2
4
|
module Patches
|
3
5
|
module Sandbox
|
4
6
|
module AutoRollback
|
5
|
-
extend SaferRailsConsole::Colors
|
6
7
|
|
7
8
|
def self.rollback_and_begin_new_transaction
|
8
9
|
connection = ::ActiveRecord::Base.connection
|
@@ -10,32 +11,31 @@ module SaferRailsConsole
|
|
10
11
|
connection.begin_db_transaction
|
11
12
|
end
|
12
13
|
|
13
|
-
def self.handle_and_reraise_exception(
|
14
|
-
if
|
15
|
-
puts color_text(
|
14
|
+
def self.handle_and_reraise_exception(error)
|
15
|
+
if error.message.include?('PG::ReadOnlySqlTransaction')
|
16
|
+
puts SaferRailsConsole::Colors.color_text( # rubocop:disable Rails/Output
|
17
|
+
'An operation could not be completed due to read-only mode.',
|
18
|
+
SaferRailsConsole::Colors::RED
|
19
|
+
)
|
16
20
|
else
|
17
21
|
rollback_and_begin_new_transaction
|
18
22
|
end
|
19
23
|
|
20
|
-
raise
|
24
|
+
raise error
|
21
25
|
end
|
22
26
|
|
23
|
-
module
|
24
|
-
|
25
|
-
|
26
|
-
|
27
|
-
|
28
|
-
rescue => e
|
29
|
-
SaferRailsConsole::Patches::Sandbox::AutoRollback.handle_and_reraise_exception(e)
|
30
|
-
end
|
31
|
-
end
|
27
|
+
module PostgreSQLAdapterPatch
|
28
|
+
def execute_and_clear(...)
|
29
|
+
super
|
30
|
+
rescue StandardError => e
|
31
|
+
SaferRailsConsole::Patches::Sandbox::AutoRollback.handle_and_reraise_exception(e)
|
32
32
|
end
|
33
33
|
end
|
34
|
+
|
35
|
+
if defined?(::ActiveRecord::ConnectionAdapters::PostgreSQLAdapter)
|
36
|
+
::ActiveRecord::ConnectionAdapters::PostgreSQLAdapter.prepend(PostgreSQLAdapterPatch)
|
37
|
+
end
|
34
38
|
end
|
35
39
|
end
|
36
40
|
end
|
37
41
|
end
|
38
|
-
|
39
|
-
if defined?(::ActiveRecord::ConnectionAdapters::PostgreSQLAdapter)
|
40
|
-
::ActiveRecord::ConnectionAdapters::PostgreSQLAdapter.prepend(SaferRailsConsole::Patches::Sandbox::AutoRollback::ActiveRecord::ConnectionAdapters::PostgreSQLAdapter5)
|
41
|
-
end
|
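Review bot: `handle_and_reraise_exception` identifies a read-only violation by substring, `error.message.include?('PG::ReadOnlySqlTransaction')`, so an unrelated failure whose message contains that text skips the rollback, and a change in how the adapter words its messages would send every read-only error down the rollback branch instead. Matching on the exception chain is sturdier, e.g. `if error.is_a?(::PG::ReadOnlySqlTransaction) || error.cause.is_a?(::PG::ReadOnlySqlTransaction)`; this assumes ActiveRecord keeps the driver error as `cause`, which should be confirmed on each supported Rails version. A short comment saying why read-only errors are reported without a rollback would also make the two branches easier to review.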
@@ -1,26 +1,24 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
module SaferRailsConsole
|
2
4
|
module Patches
|
3
5
|
module Sandbox
|
4
6
|
module TransactionReadOnly
|
5
|
-
module
|
6
|
-
|
7
|
-
|
8
|
-
|
9
|
-
super
|
10
|
-
execute 'SET TRANSACTION READ ONLY'
|
11
|
-
end
|
12
|
-
end
|
7
|
+
module PostgreSQLAdapterPatch
|
8
|
+
def begin_db_transaction
|
9
|
+
super
|
10
|
+
execute 'SET TRANSACTION READ ONLY'
|
13
11
|
end
|
14
12
|
end
|
13
|
+
|
14
|
+
if defined?(::ActiveRecord::ConnectionAdapters::PostgreSQLAdapter)
|
15
|
+
::ActiveRecord::ConnectionAdapters::PostgreSQLAdapter.prepend(PostgreSQLAdapterPatch)
|
16
|
+
|
17
|
+
# Ensure transaction is read-only if it was began before this patch was loaded
|
18
|
+
connection = ::ActiveRecord::Base.connection
|
19
|
+
connection.execute 'SET TRANSACTION READ ONLY' if connection.open_transactions > 0
|
20
|
+
end
|
15
21
|
end
|
16
22
|
end
|
17
23
|
end
|
18
24
|
end
|
19
|
-
|
20
|
-
if defined?(::ActiveRecord::ConnectionAdapters::PostgreSQLAdapter)
|
21
|
-
::ActiveRecord::ConnectionAdapters::PostgreSQLAdapter.prepend(SaferRailsConsole::Patches::Sandbox::TransactionReadOnly::ActiveRecord::ConnectionAdapters::PostgreSQLAdapter)
|
22
|
-
|
23
|
-
# Ensure transaction is read-only if it was began before this patch was loaded
|
24
|
-
connection = ::ActiveRecord::Base.connection
|
25
|
-
connection.execute 'SET TRANSACTION READ ONLY' if connection.open_transactions > 0
|
26
|
-
end
|
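Review bot: When `::ActiveRecord::ConnectionAdapters::PostgreSQLAdapter` is not defined at load time the `if defined?(...)` block is skipped silently, so on another adapter, or if this file is required before the adapter is loaded, a session presented as read-only has no `SET TRANSACTION READ ONLY` behind it. An `else` branch that says so, for example `warn 'safer_rails_console: read-only transactions are only enforced for PostgreSQL'`, would make the gap visible to the operator. The `::ActiveRecord::Base.connection` call inside the module body also opens a database connection as a side effect of `require`, which deserves a comment next to the existing one.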
@@ -1,3 +1,5 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
require 'rails'
|
2
4
|
|
3
5
|
module SaferRailsConsole
|
@@ -6,37 +8,13 @@ module SaferRailsConsole
|
|
6
8
|
|
7
9
|
class << self
|
8
10
|
def supported?
|
9
|
-
|
10
|
-
end
|
11
|
-
|
12
|
-
def five_zero?
|
13
|
-
@is_five_zero = Gem::Requirement.new('~> 5.0.0').satisfied_by?(SaferRailsConsole::RailsVersion::RAILS_VERSION) if @is_five_zero.nil?
|
14
|
-
@is_five_zero
|
15
|
-
end
|
16
|
-
|
17
|
-
def five_one?
|
18
|
-
@is_five_one = Gem::Requirement.new('~> 5.1.0').satisfied_by?(SaferRailsConsole::RailsVersion::RAILS_VERSION) if @is_five_one.nil?
|
19
|
-
@is_five_one
|
20
|
-
end
|
21
|
-
|
22
|
-
def five_one_or_above?
|
23
|
-
@is_five_one_or_above = SaferRailsConsole::RailsVersion::RAILS_VERSION >= ::Gem::Version.new('5.1.0') if @is_five_one_or_above.nil?
|
24
|
-
@is_five_one_or_above
|
25
|
-
end
|
26
|
-
|
27
|
-
def five_two?
|
28
|
-
@is_five_two = Gem::Requirement.new('~> 5.2.0').satisfied_by?(SaferRailsConsole::RailsVersion::RAILS_VERSION) if @is_five_two.nil?
|
29
|
-
@is_five_two
|
30
|
-
end
|
31
|
-
|
32
|
-
def six_zero?
|
33
|
-
@is_six_zero = Gem::Requirement.new('~> 6.0.0').satisfied_by?(SaferRailsConsole::RailsVersion::RAILS_VERSION) if @is_six_zero.nil?
|
34
|
-
@is_six_zero
|
11
|
+
six_or_above?
|
35
12
|
end
|
36
13
|
|
37
14
|
def six_or_above?
|
38
|
-
@
|
39
|
-
|
15
|
+
return @six_or_above if defined?(@six_or_above)
|
16
|
+
|
17
|
+
@six_or_above = SaferRailsConsole::RailsVersion::RAILS_VERSION >= ::Gem::Version.new('6.0.0')
|
40
18
|
end
|
41
19
|
end
|
42
20
|
end
|
@@ -1,3 +1,5 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
require 'rails'
|
2
4
|
require 'safer_rails_console'
|
3
5
|
|
@@ -8,7 +10,7 @@ module SaferRailsConsole
|
|
8
10
|
config.safer_rails_console = ActiveSupport::OrderedOptions.new
|
9
11
|
|
10
12
|
initializer 'safer_rails_console.configure' do |app|
|
11
|
-
SaferRailsConsole.config.set(app.config.safer_rails_console)
|
13
|
+
SaferRailsConsole.config.set(**app.config.safer_rails_console)
|
12
14
|
end
|
13
15
|
|
14
16
|
config.after_initialize do
|
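--- a/data/lib/safer_rails_console.rb
+++ b/data/lib/safer_rails_console.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'safer_rails_console/version'
 require 'safer_rails_console/railtie'
 require 'safer_rails_console/colors'
@@ -10,16 +12,20 @@ module SaferRailsConsole
 def environment_name
 if ENV.key?('SAFER_RAILS_CONSOLE_ENVIRONMENT_NAME')
 ENV['SAFER_RAILS_CONSOLE_ENVIRONMENT_NAME']
+elsif config.environment_names.key?(::Rails.env.downcase)
+config.environment_names[::Rails.env.downcase]
 else
-
+'unknown env'
 end
 end
 
 def prompt_color
 if ENV.key?('SAFER_RAILS_CONSOLE_PROMPT_COLOR')
 SaferRailsConsole::Colors.const_get(ENV['SAFER_RAILS_CONSOLE_PROMPT_COLOR'].upcase)
+elsif config.environment_prompt_colors.key?(::Rails.env.downcase)
+config.environment_prompt_colors[::Rails.env.downcase]
 else
-
+SaferRailsConsole::Colors::NONE
 end
 end
 
@@ -67,9 +73,9 @@ module SaferRailsConsole
 'staging' => SaferRailsConsole::Colors::YELLOW,
 'production' => SaferRailsConsole::Colors::RED
 },
-sandbox_environments:
+sandbox_environments: ['production'],
 sandbox_prompt: false,
-warn_environments:
+warn_environments: ['production'],
 warn_text: "WARNING: YOU ARE USING RAILS CONSOLE IN PRODUCTION!\n" \
 'Changing data can cause serious data loss. ' \
 'Make sure you know what you\'re doing.'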
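Review bot: In `prompt_color` the unchanged first branch passes the upcased `SAFER_RAILS_CONSOLE_PROMPT_COLOR` value straight to `SaferRailsConsole::Colors.const_get`, which by default also resolves top-level constants and raises `NameError` for an unknown name. A mistyped variable therefore aborts console start-up, and a value that matches a top-level constant returns an object that is not a color. `const_get(ENV['SAFER_RAILS_CONSOLE_PROMPT_COLOR'].upcase, false)` limits the lookup to `Colors`, and rescuing `NameError` to fall back to `SaferRailsConsole::Colors::NONE` would match the graceful defaults this change adds in the `else` branches.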
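--- a/data/safer_rails_console.gemspec
+++ b/data/safer_rails_console.gemspec
@@ -1,6 +1,6 @@
-#
+# frozen_string_literal: true
 
-lib = File.expand_path('
+lib = File.expand_path('lib', __dir__)
 $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
 require 'safer_rails_console/version'
 
@@ -11,7 +11,9 @@ Gem::Specification.new do |spec|
 spec.email = ['engineering@salsify.com']
 
 spec.summary = 'Make rails console less dangerous!'
-spec.description = 'This gem makes Rails console sessions less dangerous in specified environments by warning,
+spec.description = 'This gem makes Rails console sessions less dangerous in specified environments by warning, ' \
+'color-coding, auto-sandboxing, and allowing read-only external connections ' \
+'(disables job queueing, non-GET requests, etc.)'
 spec.homepage = 'https://github.com/salsify/safer_rails_console'
 spec.license = 'MIT'
 
@@ -19,6 +21,7 @@ Gem::Specification.new do |spec|
 # to allow pushing to a single host or delete this section to allow pushing to any host.
 if spec.respond_to?(:metadata)
 spec.metadata['allowed_push_host'] = 'https://rubygems.org'
+spec.metadata['rubygems_mfa_required'] = 'true'
 else
 raise 'RubyGems 2.0 or newer is required to protect against public gem pushes.'
 end
@@ -30,6 +33,8 @@ Gem::Specification.new do |spec|
 spec.executables = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
 spec.require_paths = ['lib']
 
+spec.required_ruby_version = '>= 2.7'
+
 spec.add_development_dependency 'appraisal', '~> 2.2'
 spec.add_development_dependency 'bundler', '~> 2.0'
 spec.add_development_dependency 'climate_control', '~> 0.2.0'
@@ -38,7 +43,8 @@ Gem::Specification.new do |spec|
 spec.add_development_dependency 'pg', '~> 1.1'
 spec.add_development_dependency 'rake', '~> 12.0'
 spec.add_development_dependency 'rspec', '~> 3.6'
-spec.add_development_dependency '
-spec.add_development_dependency '
-
+spec.add_development_dependency 'rspec_junit_formatter'
+spec.add_development_dependency 'salsify_rubocop', '~> 1.27.0'
+
+spec.add_runtime_dependency 'rails', '>= 6.0', '< 7.1'
 end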
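Review bot: `spec.add_development_dependency 'rspec_junit_formatter'` in the last hunk is the only dependency in this block without a version constraint, so the CI job resolves whatever release is newest at install time. No lockfile appears in the file list, which would leave the gemspec as the only pin for that gem. Adding a pessimistic constraint in the same style as the neighbouring entries (such as `'~> 3.6'` on `rspec`) would keep builds reproducible and make an upgrade an explicit, reviewable change.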
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: safer_rails_console
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 0.6.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Salsify, Inc
|
8
|
-
autorequire:
|
8
|
+
autorequire:
|
9
9
|
bindir: exe
|
10
10
|
cert_chain: []
|
11
|
-
date:
|
11
|
+
date: 2022-05-13 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: appraisal
|
@@ -123,53 +123,53 @@ dependencies:
|
|
123
123
|
- !ruby/object:Gem::Version
|
124
124
|
version: '3.6'
|
125
125
|
- !ruby/object:Gem::Dependency
|
126
|
-
name:
|
126
|
+
name: rspec_junit_formatter
|
127
127
|
requirement: !ruby/object:Gem::Requirement
|
128
128
|
requirements:
|
129
|
-
- - "
|
129
|
+
- - ">="
|
130
130
|
- !ruby/object:Gem::Version
|
131
|
-
version: 0
|
131
|
+
version: '0'
|
132
132
|
type: :development
|
133
133
|
prerelease: false
|
134
134
|
version_requirements: !ruby/object:Gem::Requirement
|
135
135
|
requirements:
|
136
|
-
- - "
|
136
|
+
- - ">="
|
137
137
|
- !ruby/object:Gem::Version
|
138
|
-
version: 0
|
138
|
+
version: '0'
|
139
139
|
- !ruby/object:Gem::Dependency
|
140
|
-
name:
|
140
|
+
name: salsify_rubocop
|
141
141
|
requirement: !ruby/object:Gem::Requirement
|
142
142
|
requirements:
|
143
143
|
- - "~>"
|
144
144
|
- !ruby/object:Gem::Version
|
145
|
-
version:
|
145
|
+
version: 1.27.0
|
146
146
|
type: :development
|
147
147
|
prerelease: false
|
148
148
|
version_requirements: !ruby/object:Gem::Requirement
|
149
149
|
requirements:
|
150
150
|
- - "~>"
|
151
151
|
- !ruby/object:Gem::Version
|
152
|
-
version:
|
152
|
+
version: 1.27.0
|
153
153
|
- !ruby/object:Gem::Dependency
|
154
154
|
name: rails
|
155
155
|
requirement: !ruby/object:Gem::Requirement
|
156
156
|
requirements:
|
157
157
|
- - ">="
|
158
158
|
- !ruby/object:Gem::Version
|
159
|
-
version: '
|
159
|
+
version: '6.0'
|
160
160
|
- - "<"
|
161
161
|
- !ruby/object:Gem::Version
|
162
|
-
version: '
|
162
|
+
version: '7.1'
|
163
163
|
type: :runtime
|
164
164
|
prerelease: false
|
165
165
|
version_requirements: !ruby/object:Gem::Requirement
|
166
166
|
requirements:
|
167
167
|
- - ">="
|
168
168
|
- !ruby/object:Gem::Version
|
169
|
-
version: '
|
169
|
+
version: '6.0'
|
170
170
|
- - "<"
|
171
171
|
- !ruby/object:Gem::Version
|
172
|
-
version: '
|
172
|
+
version: '7.1'
|
173
173
|
description: This gem makes Rails console sessions less dangerous in specified environments
|
174
174
|
by warning, color-coding, auto-sandboxing, and allowing read-only external connections
|
175
175
|
(disables job queueing, non-GET requests, etc.)
|
@@ -179,11 +179,12 @@ executables: []
|
|
179
179
|
extensions: []
|
180
180
|
extra_rdoc_files: []
|
181
181
|
files:
|
182
|
+
- ".circleci/config.yml"
|
183
|
+
- ".github/CODEOWNERS"
|
182
184
|
- ".gitignore"
|
183
185
|
- ".overcommit.yml"
|
184
186
|
- ".rspec"
|
185
187
|
- ".rubocop.yml"
|
186
|
-
- ".travis.yml"
|
187
188
|
- Appraisals
|
188
189
|
- CHANGELOG.md
|
189
190
|
- Gemfile
|
@@ -192,10 +193,9 @@ files:
|
|
192
193
|
- Rakefile
|
193
194
|
- bin/console
|
194
195
|
- bin/setup
|
195
|
-
- gemfiles/5.0.gemfile
|
196
|
-
- gemfiles/5.1.gemfile
|
197
|
-
- gemfiles/5.2.gemfile
|
198
196
|
- gemfiles/6.0.gemfile
|
197
|
+
- gemfiles/6.1.gemfile
|
198
|
+
- gemfiles/7.0.gemfile
|
199
199
|
- lib/safer_rails_console.rb
|
200
200
|
- lib/safer_rails_console/colors.rb
|
201
201
|
- lib/safer_rails_console/console.rb
|
@@ -216,7 +216,8 @@ licenses:
|
|
216
216
|
- MIT
|
217
217
|
metadata:
|
218
218
|
allowed_push_host: https://rubygems.org
|
219
|
-
|
219
|
+
rubygems_mfa_required: 'true'
|
220
|
+
post_install_message:
|
220
221
|
rdoc_options: []
|
221
222
|
require_paths:
|
222
223
|
- lib
|
@@ -224,15 +225,15 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
224
225
|
requirements:
|
225
226
|
- - ">="
|
226
227
|
- !ruby/object:Gem::Version
|
227
|
-
version: '
|
228
|
+
version: '2.7'
|
228
229
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
229
230
|
requirements:
|
230
231
|
- - ">="
|
231
232
|
- !ruby/object:Gem::Version
|
232
233
|
version: '0'
|
233
234
|
requirements: []
|
234
|
-
rubygems_version: 3.
|
235
|
-
signing_key:
|
235
|
+
rubygems_version: 3.2.33
|
236
|
+
signing_key:
|
236
237
|
specification_version: 4
|
237
238
|
summary: Make rails console less dangerous!
|
238
239
|
test_files: []
|
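--- a/data/.travis.yml
+++ /dev/null
@@ -1,31 +0,0 @@
-language: ruby
-sudo: false
-
-services:
-- postgresql
-
-bundler_args: --without test --jobs 3 --retry 3
-before_install:
-- gem install bundler
-
-before_script:
-- cp spec/internal/database.yml.travis spec/internal/rails_5_0/config/database.yml
-- cp spec/internal/database.yml.travis spec/internal/rails_5_1/config/database.yml
-- cp spec/internal/database.yml.travis spec/internal/rails_5_2/config/database.yml
-- cp spec/internal/database.yml.travis spec/internal/rails_6_0/config/database.yml
-
-script:
-- bundle exec rubocop
-- bundle exec rspec
-
-rvm:
-- 2.5.6
-
-gemfile:
-- gemfiles/5.0.gemfile
-- gemfiles/5.1.gemfile
-- gemfiles/5.2.gemfile
-- gemfiles/6.0.gemfile
-
-matrix:
-fast_finish: true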