sinatra_permitted_params 0.1.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: 0a22fe1bbf20166d7c5b7ebb620e12f986636086
+  data.tar.gz: cb70f46f4041c5103088623d3c0e1727fa17c9bd
+SHA512:
+  metadata.gz: 9514db54292e05bd0a1c7ed1adc3790a5903ef81f9035afb7c75dc257f961e82605e7da7d3679a305f00a705e5f6d4fece7dc6963d3a21fcdef4c98c33ba7230
+  data.tar.gz: 85cd550e530ccef75997dc3276fd8b12360f6570c15fc4826ac8ea0c154a073caf63ca627cff431315f851458dfe12bdb7c6bb5dc2f531fed123ffbaee32f13d

data/.gitignore

@@ -0,0 +1,23 @@
+*.gem
+*.rbc
+.bundle
+.config
+.yardoc
+Gemfile.lock
+InstalledFiles
+_yardoc
+coverage
+doc/
+lib/bundler/man
+pkg
+rdoc
+spec/reports
+test/tmp
+test/version_tmp
+tmp
+*.bundle
+*.so
+*.o
+*.a
+mkmf.log
+vendor/bundle

data/Gemfile

@@ -0,0 +1,3 @@
+source 'https://rubygems.org'
+
+gemspec

data/README.md

@@ -0,0 +1,87 @@
+# SinatraPermittedParams
+
+A simple parameter filtering for Sinatra
+
+## Installation
+
+Add this line to your application's Gemfile:
+
+```ruby
+gem 'sinatra_permitted_params'
+```
+
+And then execute:
+
+    $ bundle
+
+Or install it yourself as:
+
+    $ gem install sinatra_permitted_params
+
+## Usage
+
+This gems allows you to define your permitted params.
+
+Add it as a helper in your sinatra App:
+
+```ruby
+  require 'sinatra/base'
+  require 'sinatra/permitted_params'
+
+  class App < Sinatra::Base
+    helpers Sinatra::PermittedParams
+    #...
+```
+
+And define your permitted params:
+
+```ruby
+  require 'sinatra/base'
+  require 'sinatra/permitted_params'
+
+  class App < Sinatra::Base
+    helpers Sinatra::PermittedParams
+
+    post '/comment' do
+      permitted_params = permitted_params([:title, :body])
+      comment = Comment.create(permitted_params)
+
+      #...
+    end
+  end
+
+  # GET /comment?title=comment&body=new%20params%20gems
+  # GET /comment?title=comment&body=new%20params%20gems&user=new_user  raises <Sinatra::PermittedParams::UnpermittedParamsError: Unpermitted params found: invalid>
+```
+
+If a parameter different than the declared ones is received, then it raises a Sinatra::PermittedParams::UnpermittedParamsError.
+
+Adding keys to the option 'ignore' allows you to define the params you want to filter without raising the error:
+
+```ruby
+  post '/comment' do
+    permitted_params = permitted_params([:title, :body], ignore: [:user])
+    comment = Comment.create(permitted_params)
+
+    #...
+  end
+```
+
+In this case the param 'user' will be ignored, no error will be raised and
+the permitted_params will return a hash with title and body.
+
+You can intercept the error with a Sinatra ```error do...end``` block
+
+```ruby
+error Sinatra::PermittedParams::UnpermittedParamsError do
+  #...
+end
+```
+
+## Contributing
+
+1. Fork it ( https://github.com/[my-github-username]/sinatra_permitted_params/fork )
+2. Create your feature branch (`git checkout -b my-new-feature`)
+3. Commit your changes (`git commit -am 'Add some feature'`)
+4. Push to the branch (`git push origin my-new-feature`)
+5. Create a new Pull Request

data/lib/sinatra/permitted_params.rb

@@ -0,0 +1,39 @@
+require 'sinatra_permitted_params/version'
+
+module Sinatra
+  module PermittedParams
+    class UnpermittedParamsError < StandardError; end
+
+    WILDCARD_PARAMS = ['splat', 'captures']
+
+    def permitted_params(permitted_keys, ignore: [])
+      ignored_keys = stringify(ignore)
+      permitted_keys = stringify(permitted_keys)
+
+      filtered_params = reject_ignored_params(ignored_keys)
+
+      check_params(filtered_params, permitted_keys)
+
+      filtered_params
+    end
+
+    private
+
+    def reject_ignored_params(ignored_keys)
+      keys_to_ignore = ignored_keys + WILDCARD_PARAMS
+
+      params.reject { |key, _| keys_to_ignore.include?(key) }
+    end
+
+    def check_params(filtered_params, permitted_keys)
+      forbidden_keys = filtered_params.keys - permitted_keys
+      return if forbidden_keys.empty?
+
+      raise UnpermittedParamsError.new("Unpermitted params found: #{forbidden_keys.join(', ')}")
+    end
+
+    def stringify(values)
+      values.map(&:to_s)
+    end
+  end
+end

data/lib/sinatra_permitted_params/version.rb

@@ -0,0 +1,3 @@
+module SinatraPermittedParams
+  VERSION = '0.1.0'
+end

data/sinatra_permitted_params.gemspec

@@ -0,0 +1,28 @@
+# coding: utf-8
+lib = File.expand_path('../lib', __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require 'sinatra_permitted_params/version'
+
+Gem::Specification.new do |spec|
+  spec.name          = 'sinatra_permitted_params'
+  spec.version       = SinatraPermittedParams::VERSION
+  spec.authors       = ['peerTransfer tech']
+  spec.email         = ['tech@peertransfer.com']
+  spec.summary       = %q{A sinatra gem to filter params}
+  spec.description   = %q{A sinatra gem to filter params}
+
+  files = Dir['lib/*.rb'] + Dir['lib/**/*.rb']
+  rootfiles = ['Gemfile', 'sinatra_permitted_params.gemspec', 'README.md']
+  dotfiles = ['.gitignore']
+
+  spec.files         = files + rootfiles + dotfiles
+  spec.test_files    = Dir['spec/*.rb'] + Dir['spec/**/*.rb']
+  spec.require_paths = ['lib']
+
+
+  spec.add_development_dependency 'sinatra', '~> 1.3'
+  spec.add_development_dependency 'bundler', '~> 1.7'
+  spec.add_development_dependency 'rake'
+  spec.add_development_dependency 'rspec'
+  spec.add_development_dependency 'rack-test'
+end

data/spec/lib/sinatra/permitted_params_spec.rb

@@ -0,0 +1,87 @@
+require 'spec_helper'
+
+describe Sinatra::PermittedParams do
+  include Rack::Test::Methods
+
+  class Dummy
+    def self.foo(params); end
+  end
+
+  class DummyController < Sinatra::Base
+    helpers Sinatra::PermittedParams
+
+    post '/test_permitted_params' do
+      Dummy.foo(testing_permitted_params)
+    end
+
+    get '/test_ignored_params' do
+      Dummy.foo(testing_ignored_params)
+    end
+
+    put '/test_wildcard_params/:id' do
+      Dummy.foo(test_wildcard_params)
+    end
+
+    def testing_permitted_params
+      permitted_params([:name, :code])
+    end
+
+    def testing_ignored_params
+      permitted_params([:name, :code], ignore: [:address])
+    end
+
+    def test_wildcard_params
+      permitted_params([:id, :name, :code])
+    end
+  end
+
+
+  context 'when the request contains only permitted params' do
+    it 'does not raise an error' do
+      attributes = { 'name' => 'Joe', 'code' => 'ERF' }
+
+      expect(Dummy).to receive(:foo).with(attributes)
+
+      post '/test_permitted_params', attributes
+    end
+  end
+
+  context 'when the request contains a not permitted param' do
+    it 'raises an error' do
+      expect do
+        post '/test_permitted_params', 'invalid' => 'param'
+      end.to raise_error(
+        Sinatra::PermittedParams::UnpermittedParamsError,
+        'Unpermitted params found: invalid'
+      )
+    end
+  end
+
+  context 'when there are keys to ignore' do
+    it 'filters the declared params to ignore' do
+      attributes = { 'name' => 'Joe', 'code' => 'ERF', 'address' => 'Av. Aragon' }
+      expected_attributes = attributes.delete_if { |k, _| k == 'address' }
+
+      expect(Dummy).to receive(:foo).with(expected_attributes)
+
+      get '/test_ignored_params', attributes
+    end
+  end
+
+  context 'when the request contains splat or wildcard parameters' do
+    context 'when wildcard parameters (splat & captures) are not defined as permitted' do
+      it 'does not raise an error' do
+        attributes = { 'name' => 'Joe', 'code' => 'ERF' }
+        expected_attributes = attributes.merge('id' => '5')
+
+        expect(Dummy).to receive(:foo).with(expected_attributes)
+
+        put '/test_wildcard_params/5', attributes
+      end
+    end
+  end
+end
+
+def app
+  DummyController.new
+end

data/spec/spec_helper.rb

@@ -0,0 +1,10 @@
+$LOAD_PATH.unshift(File.dirname(__FILE__))
+$LOAD_PATH.unshift(File.join(File.dirname(__FILE__), '..', 'lib'))
+
+ENV['RACK_ENV'] ||= 'test'
+
+require 'sinatra'
+require 'sinatra/permitted_params'
+require 'rspec'
+require 'rack/test'
+

metadata

@@ -0,0 +1,123 @@
+--- !ruby/object:Gem::Specification
+name: sinatra_permitted_params
+version: !ruby/object:Gem::Version
+  version: 0.1.0
+platform: ruby
+authors:
+- peerTransfer tech
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2016-03-01 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: sinatra
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.3'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.3'
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.7'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.7'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rack-test
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+description: A sinatra gem to filter params
+email:
+- tech@peertransfer.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- ".gitignore"
+- Gemfile
+- README.md
+- lib/sinatra/permitted_params.rb
+- lib/sinatra_permitted_params/version.rb
+- sinatra_permitted_params.gemspec
+- spec/lib/sinatra/permitted_params_spec.rb
+- spec/spec_helper.rb
+homepage: 
+licenses: []
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.4.5
+signing_key: 
+specification_version: 4
+summary: A sinatra gem to filter params
+test_files:
+- spec/spec_helper.rb
+- spec/lib/sinatra/permitted_params_spec.rb