safer_rails_console 0.8.0 → 0.9.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/.circleci/config.yml +8 -0
- data/.gitignore +2 -0
- data/CHANGELOG.md +3 -0
- data/README.md +1 -1
- data/lib/safer_rails_console/patches/sandbox/auto_rollback.rb +17 -3
- data/lib/safer_rails_console/patches/sandbox/transaction_read_only.rb +14 -0
- data/lib/safer_rails_console/version.rb +1 -1
- data/safer_rails_console.gemspec +1 -0
- metadata +16 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 6caeae2629c2967125e660f9982a42cdcb8be7bfeda001ef4d749c48163327fe
|
|
4
|
+
data.tar.gz: 479df9dd872a07f3af1e743e787acc6689587ff686badcd8de9da40592b545d4
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 689bfbb1b371f75543b4d724fc211c3da712f5c624df301446c83b327863ab9b24edfe50f824fbf4d287b645db334714c098c0643b62a5c8ae171992afc4da65
|
|
7
|
+
data.tar.gz: f24a500572bb7fec95dca9c875566da11eb77d3e4ba11070ff561eb8b6dedcbeff4254fef29f97a2f9d9637d1bf16b6e04f2558cda04213332a9d223afd52ee2
|
data/.circleci/config.yml
CHANGED
|
@@ -41,6 +41,11 @@ jobs:
|
|
|
41
41
|
POSTGRES_USER: "circleci"
|
|
42
42
|
POSTGRES_DB: "safer_rails_console_test"
|
|
43
43
|
POSTGRES_HOST_AUTH_METHOD: "trust"
|
|
44
|
+
- image: cimg/mysql:8.0
|
|
45
|
+
environment:
|
|
46
|
+
MYSQL_DATABASE: "safer_rails_console_test"
|
|
47
|
+
MYSQL_ROOT_HOST: "%"
|
|
48
|
+
MYSQL_ALLOW_EMPTY_PASSWORD: "yes"
|
|
44
49
|
working_directory: ~/safer_rails_console
|
|
45
50
|
steps:
|
|
46
51
|
- checkout
|
|
@@ -60,6 +65,9 @@ jobs:
|
|
|
60
65
|
paths:
|
|
61
66
|
- "vendor/bundle"
|
|
62
67
|
- "gemfiles/vendor/bundle"
|
|
68
|
+
- run:
|
|
69
|
+
name: Wait for Mysql
|
|
70
|
+
command: dockerize -wait tcp://localhost:3306 -timeout 1m
|
|
63
71
|
- run:
|
|
64
72
|
name: Run Tests
|
|
65
73
|
command: |
|
data/.gitignore
CHANGED
data/CHANGELOG.md
CHANGED
data/README.md
CHANGED
|
@@ -3,7 +3,7 @@
|
|
|
3
3
|
[](https://circleci.com/gh/salsify/safer_rails_console)
|
|
4
4
|
[](https://badge.fury.io/rb/safer_rails_console)
|
|
5
5
|
|
|
6
|
-
This gem makes Rails console sessions less dangerous in specified environments by warning, color-coding, and auto-sandboxing PostgreSQL connections. In the future we'd like to extend this to make other external connections read-only too (e.g. disable job queueing, non-GET HTTP requests, etc.)
|
|
6
|
+
This gem makes Rails console sessions less dangerous in specified environments by warning, color-coding, and auto-sandboxing PostgreSQL and MySQL connections. In the future we'd like to extend this to make other external connections read-only too (e.g. disable job queueing, non-GET HTTP requests, etc.)
|
|
7
7
|
|
|
8
8
|
## Installation
|
|
9
9
|
|
|
@@ -11,8 +11,8 @@ module SaferRailsConsole
|
|
|
11
11
|
connection.begin_db_transaction
|
|
12
12
|
end
|
|
13
13
|
|
|
14
|
-
def self.handle_and_reraise_exception(error)
|
|
15
|
-
if error.message.include?(
|
|
14
|
+
def self.handle_and_reraise_exception(error, message = 'PG::ReadOnlySqlTransaction')
|
|
15
|
+
if error.message.include?(message)
|
|
16
16
|
puts SaferRailsConsole::Colors.color_text( # rubocop:disable Rails/Output
|
|
17
17
|
'An operation could not be completed due to read-only mode.',
|
|
18
18
|
SaferRailsConsole::Colors::RED
|
|
@@ -28,13 +28,27 @@ module SaferRailsConsole
|
|
|
28
28
|
def execute_and_clear(...)
|
|
29
29
|
super
|
|
30
30
|
rescue StandardError => e
|
|
31
|
-
|
|
31
|
+
# rubocop:disable Layout/LineLength
|
|
32
|
+
SaferRailsConsole::Patches::Sandbox::AutoRollback.handle_and_reraise_exception(e, 'PG::ReadOnlySqlTransaction')
|
|
33
|
+
# rubocop:enable Layout/LineLength
|
|
32
34
|
end
|
|
33
35
|
end
|
|
34
36
|
|
|
35
37
|
if defined?(::ActiveRecord::ConnectionAdapters::PostgreSQLAdapter)
|
|
36
38
|
::ActiveRecord::ConnectionAdapters::PostgreSQLAdapter.prepend(PostgreSQLAdapterPatch)
|
|
37
39
|
end
|
|
40
|
+
|
|
41
|
+
module MySQLPatch
|
|
42
|
+
def execute_and_free(...)
|
|
43
|
+
super
|
|
44
|
+
rescue StandardError => e
|
|
45
|
+
SaferRailsConsole::Patches::Sandbox::AutoRollback.handle_and_reraise_exception(e, 'READ ONLY transaction')
|
|
46
|
+
end
|
|
47
|
+
end
|
|
48
|
+
|
|
49
|
+
if defined?(::ActiveRecord::ConnectionAdapters::AbstractMysqlAdapter)
|
|
50
|
+
::ActiveRecord::ConnectionAdapters::AbstractMysqlAdapter.prepend(MySQLPatch)
|
|
51
|
+
end
|
|
38
52
|
end
|
|
39
53
|
end
|
|
40
54
|
end
|
|
@@ -11,6 +11,13 @@ module SaferRailsConsole
|
|
|
11
11
|
end
|
|
12
12
|
end
|
|
13
13
|
|
|
14
|
+
module MySQLPatch
|
|
15
|
+
def begin_db_transaction
|
|
16
|
+
execute 'SET TRANSACTION READ ONLY'
|
|
17
|
+
super
|
|
18
|
+
end
|
|
19
|
+
end
|
|
20
|
+
|
|
14
21
|
if defined?(::ActiveRecord::ConnectionAdapters::PostgreSQLAdapter)
|
|
15
22
|
::ActiveRecord::ConnectionAdapters::PostgreSQLAdapter.prepend(PostgreSQLAdapterPatch)
|
|
16
23
|
|
|
@@ -18,6 +25,13 @@ module SaferRailsConsole
|
|
|
18
25
|
connection = ::ActiveRecord::Base.connection
|
|
19
26
|
connection.execute 'SET TRANSACTION READ ONLY' if connection.open_transactions > 0
|
|
20
27
|
end
|
|
28
|
+
|
|
29
|
+
if defined?(::ActiveRecord::ConnectionAdapters::AbstractMysqlAdapter)
|
|
30
|
+
::ActiveRecord::ConnectionAdapters::AbstractMysqlAdapter.prepend(MySQLPatch)
|
|
31
|
+
|
|
32
|
+
# Not possible to change a running transaction to read-only in MySQL
|
|
33
|
+
# https://dev.mysql.com/doc/refman/8.4/en/set-transaction.html
|
|
34
|
+
end
|
|
21
35
|
end
|
|
22
36
|
end
|
|
23
37
|
end
|
data/safer_rails_console.gemspec
CHANGED
|
@@ -39,6 +39,7 @@ Gem::Specification.new do |spec|
|
|
|
39
39
|
spec.add_development_dependency 'bundler', '~> 2.0'
|
|
40
40
|
spec.add_development_dependency 'climate_control', '~> 0.2.0'
|
|
41
41
|
spec.add_development_dependency 'mixlib-shellout', '~> 2.2'
|
|
42
|
+
spec.add_development_dependency 'mysql2', '~> 0.5'
|
|
42
43
|
spec.add_development_dependency 'overcommit', '~> 0.39.0'
|
|
43
44
|
spec.add_development_dependency 'pg', '~> 1.1'
|
|
44
45
|
spec.add_development_dependency 'rake', '~> 12.0'
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: safer_rails_console
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.9.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Salsify, Inc
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: exe
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2024-
|
|
11
|
+
date: 2024-07-15 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: appraisal
|
|
@@ -66,6 +66,20 @@ dependencies:
|
|
|
66
66
|
- - "~>"
|
|
67
67
|
- !ruby/object:Gem::Version
|
|
68
68
|
version: '2.2'
|
|
69
|
+
- !ruby/object:Gem::Dependency
|
|
70
|
+
name: mysql2
|
|
71
|
+
requirement: !ruby/object:Gem::Requirement
|
|
72
|
+
requirements:
|
|
73
|
+
- - "~>"
|
|
74
|
+
- !ruby/object:Gem::Version
|
|
75
|
+
version: '0.5'
|
|
76
|
+
type: :development
|
|
77
|
+
prerelease: false
|
|
78
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
79
|
+
requirements:
|
|
80
|
+
- - "~>"
|
|
81
|
+
- !ruby/object:Gem::Version
|
|
82
|
+
version: '0.5'
|
|
69
83
|
- !ruby/object:Gem::Dependency
|
|
70
84
|
name: overcommit
|
|
71
85
|
requirement: !ruby/object:Gem::Requirement
|