sanitized_attributes 1.0.0

data/.document

@@ -0,0 +1,5 @@
+README.rdoc
+lib/**/*.rb
+bin/*
+features/**/*.feature
+LICENSE

data/.gitignore

@@ -0,0 +1,21 @@
+## MAC OS
+.DS_Store
+
+## TEXTMATE
+*.tmproj
+tmtags
+
+## EMACS
+*~
+\#*
+.\#*
+
+## VIM
+*.swp
+
+## PROJECT::GENERAL
+coverage
+rdoc
+pkg
+
+## PROJECT::SPECIFIC

data/LICENSE

@@ -0,0 +1,20 @@
+Copyright (c) 2010 CrowdCompass, Inc.
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.rdoc

@@ -0,0 +1,17 @@
+= sanitized_attributes
+
+A wrapper for the sanitize gem which provides automatic sanitization of attributes.
+
+== Note on Patches/Pull Requests
+ 
+* Fork the project.
+* Make your feature addition or bug fix.
+* Add tests for it. This is important so I don't break it in a
+  future version unintentionally.
+* Commit, do not mess with rakefile, version, or history.
+  (if you want to have your own version, that is fine but bump version in a commit by itself I can ignore when I pull)
+* Send me a pull request. Bonus points for topic branches.
+
+== Copyright
+
+Copyright (c) 2010 CrowdCompass, Inc.. See LICENSE for details.

data/Rakefile

@@ -0,0 +1,46 @@
+require 'rubygems'
+require 'rake'
+
+begin
+  require 'jeweler'
+  Jeweler::Tasks.new do |gem|
+    gem.name = "sanitized_attributes"
+    gem.summary = %Q{HTML-sanitizing attribute accessors for Ruby and Rails}
+    gem.description = %Q{A wrapper to make automatic sanitization of incoming data easier. Uses the sanitize gem and works in both plain Ruby and Rails projects.}
+    gem.email = "engineering@crowdcompass.com"
+    gem.homepage = "http://github.com/mboeh/sanitized_attributes"
+    gem.authors = ["CrowdCompass, Inc."]
+    gem.add_development_dependency "rspec", ">= 1.2.9"
+    gem.add_dependency "sanitize", "> 0"
+  end
+  Jeweler::GemcutterTasks.new
+rescue LoadError
+  puts "Jeweler (or a dependency) not available. Install it with: gem install jeweler"
+end
+
+require 'spec/rake/spectask'
+Spec::Rake::SpecTask.new(:spec) do |spec|
+  spec.libs << 'lib' << 'spec'
+  spec.spec_files = FileList['spec/**/*_spec.rb']
+end
+
+Spec::Rake::SpecTask.new(:rcov) do |spec|
+  spec.libs << 'lib' << 'spec'
+  spec.pattern = 'spec/**/*_spec.rb'
+  spec.rcov = true
+  spec.rcov_opts = ['--exclude', File.expand_path("~/.rvm"), "--exclude", "spec"]
+end
+
+task :spec => :check_dependencies
+
+task :default => :spec
+
+require 'rake/rdoctask'
+Rake::RDocTask.new do |rdoc|
+  version = File.exist?('VERSION') ? File.read('VERSION') : ""
+
+  rdoc.rdoc_dir = 'rdoc'
+  rdoc.title = "sanitized_attributes #{version}"
+  rdoc.rdoc_files.include('README*')
+  rdoc.rdoc_files.include('lib/**/*.rb')
+end

data/VERSION

@@ -0,0 +1 @@
+1.0.0

data/lib/sanitized_attributes/sanitized_attribute.rb

@@ -0,0 +1,40 @@
+module SanitizedAttributes; class SanitizedAttribute
+
+  def initialize(attr_name, options = {})
+    @attr_name = attr_name
+    @options = options
+  end
+
+  def sanitize(content)
+    Sanitize.clean(content, sanitize_config)
+  end
+
+  def define_writer_method(klass)
+    this = self
+    attr_name = @attr_name
+    klass.send(:define_method, "#{@attr_name}_with_sanitization=") {|value|
+      send("#{attr_name}_without_sanitization=", this.sanitize(value))
+    }
+  end
+
+  protected
+
+    def sanitize_config
+      SanitizedAttributes.sanitize_options(@options)
+    end
+
+  class << self
+
+    def add(klass, attr_name, options = {})
+      attrib = new(attr_name, options)
+      attrib.define_writer_method(klass)
+      if klass.respond_to?(:alias_method_chain) 
+        klass.send(:alias_method_chain, "#{attr_name}=", :sanitization)
+      else
+        klass.send(:alias_method, "#{attr_name}_without_sanitization=", "#{attr_name}=")
+        klass.send(:alias_method, "#{attr_name}=", "#{attr_name}_with_sanitization=")
+      end
+    end
+
+  end
+end; end

data/lib/sanitized_attributes.rb

@@ -0,0 +1,86 @@
+require 'rubygems'
+require 'sanitize'
+require 'sanitized_attributes/sanitized_attribute'
+
+module SanitizedAttributes
+
+  def self.included(into)
+    into.extend(ClassMethods)
+  end
+
+  class << self
+    
+    def add_option(name, &blk)
+      @option_transforms = nil
+      @options ||= {}
+      @options[name] = blk
+    end
+
+    def add_profile(name, options = {})
+      @profiles ||= {}
+      @profiles[name] = options
+    end
+
+    def profile(name)
+      @profiles ||= {}
+      @profiles[name] || {}
+    end
+
+    def sanitize_options(options)
+      pr = 
+        if options.kind_of?(Symbol)
+          profile(options)
+        else
+          options
+        end
+      o = merge_options(default_profile, pr)
+      o 
+    end
+
+    protected
+
+      def default_profile
+        merge_options(profile(:default), obligatory_options)
+      end
+
+      def merge_options(ops, new_ops)
+        final_ops = ops.dup
+        new_ops.each do |key,val|
+          old = final_ops[key]
+          if key == :transformers
+            final_ops[key] ||= []
+            final_ops[key] = ([old] + [val]).flatten.uniq.compact
+          else
+            final_ops[key] = val
+          end
+          final_ops.delete(key) if final_ops[key].nil?
+        end
+        return final_ops
+      end
+
+      def obligatory_options
+        { :transformers => option_transforms }
+      end
+
+      def option_transforms
+        @option_transforms ||= 
+          begin
+            @options.map do |name, tproc|
+              lambda do |env|
+                tproc.call(env, env[:config][name]) if env[:config][name]
+              end
+            end
+          end
+      end
+  end
+
+
+  module ClassMethods
+
+    def sanitize_attribute(attr_name, options = {})
+      SanitizedAttribute.add(self, attr_name, options)
+    end
+
+  end
+
+end

data/spec/sanitized_attributes_spec.rb

@@ -0,0 +1,32 @@
+require File.expand_path(File.dirname(__FILE__) + '/spec_helper')
+
+describe "SanitizedAttributes" do
+
+  before do
+    @klass = Class.new do
+      include SanitizedAttributes
+      attr_accessor :orz
+      attr_accessor :vux
+    end
+    SanitizedAttributes.add_option(:no_empties) do |env, forbidden_empties|
+      if env[:node].content.empty?
+        if forbidden_empties.include?(env[:node_name])
+          {:node => Nokogiri::XML::Text.new("", env[:node].document)}
+        end
+      end
+    end
+    SanitizedAttributes.add_profile(:quotes_only, :elements => %w[blockquote])
+  end
+
+  it "does stuff" do
+    @klass.module_eval do
+      sanitize_attribute :orz, :elements => %w[p], :no_empties => %w[p]
+      sanitize_attribute :vux, :quotes_only
+    end
+    obj = @klass.new
+    obj.vux = "<blockquote>Our special today is <b>particle fragmentation!</b></blockquote> - VUX"
+    obj.vux.should == "<blockquote>Our special today is particle fragmentation!</blockquote> - VUX"
+    obj.orz = "Orz are not *many bubbles* like <p/>*campers*. <p></p>Orz <b>are just</b> Orz. <p>- Orz</p>"
+    obj.orz.should == "Orz are not *many bubbles* like *campers*. Orz are just Orz. <p>- Orz</p>"
+  end
+end

data/spec/spec.opts

@@ -0,0 +1 @@
+--color

data/spec/spec_helper.rb

@@ -0,0 +1,9 @@
+$LOAD_PATH.unshift(File.dirname(__FILE__))
+$LOAD_PATH.unshift(File.join(File.dirname(__FILE__), '..', 'lib'))
+require 'sanitized_attributes'
+require 'spec'
+require 'spec/autorun'
+
+Spec::Runner.configure do |config|
+  
+end

metadata

@@ -0,0 +1,108 @@
+--- !ruby/object:Gem::Specification 
+name: sanitized_attributes
+version: !ruby/object:Gem::Version 
+  hash: 23
+  prerelease: false
+  segments: 
+  - 1
+  - 0
+  - 0
+  version: 1.0.0
+platform: ruby
+authors: 
+- CrowdCompass, Inc.
+autorequire: 
+bindir: bin
+cert_chain: []
+
+date: 2010-10-11 00:00:00 -07:00
+default_executable: 
+dependencies: 
+- !ruby/object:Gem::Dependency 
+  name: rspec
+  prerelease: false
+  requirement: &id001 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        hash: 13
+        segments: 
+        - 1
+        - 2
+        - 9
+        version: 1.2.9
+  type: :development
+  version_requirements: *id001
+- !ruby/object:Gem::Dependency 
+  name: sanitize
+  prerelease: false
+  requirement: &id002 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ">"
+      - !ruby/object:Gem::Version 
+        hash: 3
+        segments: 
+        - 0
+        version: "0"
+  type: :runtime
+  version_requirements: *id002
+description: A wrapper to make automatic sanitization of incoming data easier. Uses the sanitize gem and works in both plain Ruby and Rails projects.
+email: engineering@crowdcompass.com
+executables: []
+
+extensions: []
+
+extra_rdoc_files: 
+- LICENSE
+- README.rdoc
+files: 
+- .document
+- .gitignore
+- LICENSE
+- README.rdoc
+- Rakefile
+- VERSION
+- lib/sanitized_attributes.rb
+- lib/sanitized_attributes/sanitized_attribute.rb
+- spec/sanitized_attributes_spec.rb
+- spec/spec.opts
+- spec/spec_helper.rb
+has_rdoc: true
+homepage: http://github.com/mboeh/sanitized_attributes
+licenses: []
+
+post_install_message: 
+rdoc_options: 
+- --charset=UTF-8
+require_paths: 
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement 
+  none: false
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      hash: 3
+      segments: 
+      - 0
+      version: "0"
+required_rubygems_version: !ruby/object:Gem::Requirement 
+  none: false
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      hash: 3
+      segments: 
+      - 0
+      version: "0"
+requirements: []
+
+rubyforge_project: 
+rubygems_version: 1.3.7
+signing_key: 
+specification_version: 3
+summary: HTML-sanitizing attribute accessors for Ruby and Rails
+test_files: 
+- spec/spec_helper.rb
+- spec/sanitized_attributes_spec.rb