survey-gizmo-ruby 6.2.10 → 6.2.11

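--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA1:
- metadata.gz: 897e97a443708a3bbc799f88257396b15c83d7d2
- data.tar.gz: 9820bcf7514c52653e43752d9cf70c6466bac5fb
+ metadata.gz: 80f9cff758eafb0dc9a52c9d48c06d83094c3e6b
+ data.tar.gz: 2715840cd27fdf996c2f72b1cd53542e32ec9913
  SHA512:
- metadata.gz: 943be94d1c52765db58f50013f41ef32cbacc0260540388a15dd108b4af4265d163861b8d2f3969955ff5f80fc3b7279c21bad43eabe90071b02c3b34b8a7419
- data.tar.gz: 164399f8a1d3eaf1de4292f616467ef1d2d478faa77415649c6496efac4c17e5ad17ecddbce61b340655f274a62b8b15548f7add419582f290db16769ddc066b
+ metadata.gz: 551e3c4f4a93af34edc7d06ca47576f7355453dd3625c5631e9b7a4befd957970da1d14ac2bf38296055c0d4222e3f95de41e984b9a8839c7c55cbe68ebcd4cd
+ data.tar.gz: effefb9bda5c5d1975eaa8056b7fe4a096ea81512e046029420c5fb18eef70e7e7da7c1f72eef12a3e177c37ddd182ea73b9e8ae6ac965a5747e2cd81f742633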
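--- a/data/CHANGELOG.md
+++ b/data/CHANGELOG.md
@@ -1,5 +1,8 @@
  # Versions
 
+ ## 6.2.11
+ * Bugfix: Mask CGI escaped (percent encoded) api tokens in logs
+
  ## 6.2.10
  * Fix question pipe parsing when there's an integer without quotes instead of a quoted string (#87)
 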
@@ -2,11 +2,22 @@ require 'logger'
2
2
 
3
3
  module SurveyGizmo
4
4
  class Logger < ::Logger
5
- def format_message(severity, timestamp, progname, msg)
6
- msg.gsub!(/#{Regexp.quote(SurveyGizmo.configuration.api_token)}/, '<SG_API_KEY>') if SurveyGizmo.configuration.api_token
7
- msg.gsub!(/#{Regexp.quote(SurveyGizmo.configuration.api_token_secret)}/, '<SG_API_SECRET>') if SurveyGizmo.configuration.api_token_secret
5
+ def format_message(severity, timestamp, progname, message)
6
+ if (api_token = SurveyGizmo.configuration.api_token)
7
+ message.gsub!(
8
+ /#{Regexp.quote(api_token)}|#{Regexp.quote(CGI.escape(api_token))}/,
9
+ '<SG_API_KEY>'
10
+ )
11
+ end
8
12
 
9
- "#{timestamp.strftime('%Y-%m-%d %H:%M:%S')} #{severity} #{msg}\n"
13
+ if (api_token_secret = SurveyGizmo.configuration.api_token_secret)
14
+ message.gsub!(
15
+ /#{Regexp.quote(api_token_secret)}|#{Regexp.quote(CGI.escape(api_token_secret))}/,
16
+ '<SG_API_SECRET>'
17
+ )
18
+ end
19
+
20
+ "#{timestamp.strftime('%Y-%m-%d %H:%M:%S')} #{severity} #{message}\n"
10
21
  end
11
22
  end
12
23
  end
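Review bot: The guard `if (api_token = SurveyGizmo.configuration.api_token)` in `format_message` is true for an empty string, and an empty token turns the pattern into `/|/`, which matches at every position and fills each log line with `<SG_API_KEY>`; `unless api_token.to_s.empty?` avoids that, and the same applies to the `api_token_secret` branch. `message.gsub!` also edits the caller's string in place and raises when `message` is frozen or is not a String (::Logger passes the logged object through as given), so `message = message.to_s.gsub(...)` is the safer form. `CGI` is referenced while the only require visible in the hunk is `require 'logger'`; unless it is loaded elsewhere, add `require 'cgi'`. Masking covers only the raw value and its `CGI.escape` form, so a token written with a different encoding (for example `%20` rather than `+` for a space) would still reach the log; a comment above the method stating that limit would help the next reader.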
@@ -1,3 +1,3 @@
1
1
  module SurveyGizmo
2
- VERSION = '6.2.10'
2
+ VERSION = '6.2.11'
3
3
  end
@@ -0,0 +1,77 @@
1
+ require 'spec_helper'
2
+
3
+ describe SurveyGizmo::Configuration do
4
+ before(:each) do
5
+ SurveyGizmo.configure do |config|
6
+ config.api_token = 'king_of_the&whirled$'
7
+ config.api_token_secret = 'dream/word'
8
+ end
9
+ @severity = 'INFO'
10
+ @time_string = '2015-04-15 05:46:30'
11
+ @progname = 'TEST'
12
+ end
13
+
14
+ after(:each) do
15
+ SurveyGizmo.reset!
16
+ end
17
+
18
+ it 'should mask unencoded api token' do
19
+ config = SurveyGizmo.configuration
20
+ formatted_message = config.logger.format_message(
21
+ @severity,
22
+ @time_string.to_time,
23
+ @progname,
24
+ config.api_token
25
+ )
26
+ expect(
27
+ formatted_message
28
+ ).to eq(
29
+ "#{@time_string} #{@severity} <SG_API_KEY>\n"
30
+ )
31
+ end
32
+
33
+ it 'should mask percent encoded api token' do
34
+ config = SurveyGizmo.configuration
35
+ formatted_message = config.logger.format_message(
36
+ @severity,
37
+ @time_string.to_time,
38
+ @progname,
39
+ CGI.escape(config.api_token)
40
+ )
41
+ expect(
42
+ formatted_message
43
+ ).to eq(
44
+ "#{@time_string} #{@severity} <SG_API_KEY>\n"
45
+ )
46
+ end
47
+
48
+ it 'should mask unencoded api token secret' do
49
+ config = SurveyGizmo.configuration
50
+ formatted_message = config.logger.format_message(
51
+ @severity,
52
+ @time_string.to_time,
53
+ @progname,
54
+ config.api_token_secret
55
+ )
56
+ expect(
57
+ formatted_message
58
+ ).to eq(
59
+ "#{@time_string} #{@severity} <SG_API_SECRET>\n"
60
+ )
61
+ end
62
+
63
+ it 'should mask percent encoded api token secret' do
64
+ config = SurveyGizmo.configuration
65
+ formatted_message = config.logger.format_message(
66
+ @severity,
67
+ @time_string.to_time,
68
+ @progname,
69
+ CGI.escape(config.api_token_secret)
70
+ )
71
+ expect(
72
+ formatted_message
73
+ ).to eq(
74
+ "#{@time_string} #{@severity} <SG_API_SECRET>\n"
75
+ )
76
+ end
77
+ end
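Review bot: The new spec opens with `describe SurveyGizmo::Configuration do`, but every example exercises `config.logger.format_message`, so `describe SurveyGizmo::Logger do` would label failures correctly. Each example passes the token as the entire message, so nothing checks a token embedded in a longer line; a constructed message such as `"GET /survey?token=#{CGI.escape(config.api_token)} 200"` expected to come back with `<SG_API_KEY>` in place of the token would pin the case the changelog entry describes. An example where the token is absent from the message would also confirm that ordinary lines pass through unchanged. `@time_string.to_time` appears to depend on a String extension loaded outside this file (activesupport is a listed dependency); a short comment saying so would help.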
@@ -22,15 +22,15 @@ describe 'Survey Gizmo Resource' do
22
22
  it '#reload' do
23
23
  stub_request(:get, /#{@base}/).to_return(json_response(true, get_attributes))
24
24
  obj = described_class.new(get_attributes.merge(update_attributes))
25
- obj.attributes.reject { |k, v| v.blank? }.should == get_attributes.merge(update_attributes)
25
+ expect(obj.attributes.reject { |k, v| v.blank? }).to eq(get_attributes.merge(update_attributes))
26
26
  obj.reload
27
- obj.attributes.reject { |k, v| v.blank? }.should == get_attributes
27
+ expect(obj.attributes.reject { |k, v| v.blank? }).to eq(get_attributes)
28
28
  end
29
29
 
30
30
  it 'should raise an error if params are missing' do
31
- lambda {
31
+ expect(lambda {
32
32
  SurveyGizmoSpec::ResourceTest.destroy(test_id: 5)
33
- }.should raise_error(SurveyGizmo::URLError, 'Missing RESTful parameters in request: `:id`')
33
+ }).to raise_error(SurveyGizmo::URLError, 'Missing RESTful parameters in request: `:id`')
34
34
  end
35
35
 
36
36
  it_should_behave_like 'an API object'
@@ -73,8 +73,8 @@ describe 'Survey Gizmo Resource' do
73
73
  stub_request(:get, /#{@base}\/survey\/1\/surveyresponse/).to_return(json_response(true, []))
74
74
 
75
75
  survey = described_class.new(id: 1)
76
- expect(survey.server_has_new_results_since?(Time.now)).to be_false
77
- a_request(:get, /#{@base}\/survey\/1\/surveyresponse/).should have_been_made
76
+ expect(survey.server_has_new_results_since?(Time.now)).to be_falsey
77
+ expect(a_request(:get, /#{@base}\/survey\/1\/surveyresponse/)).to have_been_made
78
78
  end
79
79
  end
80
80
 
@@ -100,13 +100,13 @@ describe 'Survey Gizmo Resource' do
100
100
  end
101
101
 
102
102
  it 'should handle the _subtype key' do
103
- described_class.new(:_subtype => 'radio').type.should == 'radio'
103
+ expect(described_class.new(:_subtype => 'radio').type).to eq('radio')
104
104
  end
105
105
 
106
106
  it 'should find the survey' do
107
107
  stub_request(:get, /#{@base}\/survey\/1234/).to_return(json_response(true, get_attributes))
108
108
  described_class.new(base_params).survey
109
- a_request(:get, /#{@base}\/survey\/1234/).should have_been_made
109
+ expect(a_request(:get, /#{@base}\/survey\/1234/)).to have_been_made
110
110
  end
111
111
 
112
112
  context 'options' do
@@ -139,17 +139,17 @@ describe 'Survey Gizmo Resource' do
139
139
 
140
140
  it 'correctly parses options out of question data' do
141
141
  question = described_class.first(survey_id: survey_id, id: question_id)
142
- expect(question.options.all? { |o| o.question_id == question_id && o.survey_id == survey_id }).to be_true
142
+ expect(question.options.all? { |o| o.question_id == question_id && o.survey_id == survey_id }).to be_truthy
143
143
  expect(question.options.map { |o| o.id }).to eq([10014, 10015])
144
- a_request(:get, /#{@base}\/.*surveyoption/).should_not have_been_made
144
+ expect(a_request(:get, /#{@base}\/.*surveyoption/)).to_not have_been_made
145
145
  end
146
146
 
147
147
  it 'correctly parses sub question options' do
148
148
  question = described_class.new(survey_id: survey_id, id: question_id + 1, parent_question_id: question_id)
149
149
  expect(question.parent_question.id).to eq(described_class.new(body_data).id)
150
- expect(question.options.all? { |o| o.question_id == question.id && o.survey_id == survey_id }).to be_true
150
+ expect(question.options.all? { |o| o.question_id == question.id && o.survey_id == survey_id }).to be_truthy
151
151
  expect(question.options.map { |o| o.id }).to eq([10014, 10015])
152
- a_request(:get, /#{@base}\/survey\/#{survey_id}\/surveyquestion\/#{question_id}/).should have_been_made
152
+ expect(a_request(:get, /#{@base}\/survey\/#{survey_id}\/surveyquestion\/#{question_id}/)).to have_been_made
153
153
  end
154
154
  end
155
155
  end
@@ -168,8 +168,10 @@ describe 'Survey Gizmo Resource' do
168
168
  expect(question_with_subquestions.sub_questions.size).to eq(2)
169
169
 
170
170
  question_with_subquestions.sub_questions.first.parent_question
171
- a_request(:get, /#{@base}\/survey\/1234\/surveyquestion\/#{parent_id}/).should have_been_made
172
- skus.each { |sku| a_request(:get, /#{@base}\/survey\/1234\/surveyquestion\/#{sku}/).should have_been_made }
171
+ expect(a_request(:get, /#{@base}\/survey\/1234\/surveyquestion\/#{parent_id}/)).to have_been_made
172
+ skus.each do |sku|
173
+ expect(a_request(:get, /#{@base}\/survey\/1234\/surveyquestion\/#{sku}/)).to have_been_made
174
+ end
173
175
  end
174
176
 
175
177
  context 'and shortname' do
@@ -181,8 +183,8 @@ describe 'Survey Gizmo Resource' do
181
183
  expect(question_with_subquestions.sub_questions.size).to eq(2)
182
184
 
183
185
  question_with_subquestions.sub_questions.first.parent_question
184
- a_request(:get, /#{@base}\/survey\/1234\/surveyquestion\/#{parent_id}/).should have_been_made
185
- a_request(:get, /#{@base}\/survey\/1234\/surveyquestion\/#{sku}/).should have_been_made
186
+ expect(a_request(:get, /#{@base}\/survey\/1234\/surveyquestion\/#{parent_id}/)).to have_been_made
187
+ expect(a_request(:get, /#{@base}\/survey\/1234\/surveyquestion\/#{sku}/)).to have_been_made
186
188
  end
187
189
  end
188
190
  end
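Review bot: In the 'should raise an error if params are missing' example the migration wraps the lambda as `expect(lambda { ... }).to raise_error(...)`; the block form `expect { SurveyGizmoSpec::ResourceTest.destroy(test_id: 5) }.to raise_error(...)` is the usual way to write an error expectation and drops the extra parentheses and the `lambda` keyword. In the `#reload` example, `reject { |k, v| v.blank? }` never uses `k`, and `|_k, v|` would make that explicit. Several of these hunks start or end inside an enclosing `describe`/`context` block that is not fully visible.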
@@ -8,7 +8,7 @@ shared_examples_for 'an API object' do
8
8
  stub_api_call(:put)
9
9
  obj = described_class.create(create_attributes)
10
10
 
11
- obj.should be_instance_of(described_class)
11
+ expect(obj).to be_instance_of(described_class)
12
12
  a_request(:put, /#{@base}#{uri_paths[:create]}/).should have_been_made
13
13
  end
14
14
 
@@ -16,7 +16,7 @@ shared_examples_for 'an API object' do
16
16
  stub_request(:put, /#{@base}/).to_return(json_response(true, create_attributes))
17
17
  obj = described_class.create(create_attributes)
18
18
 
19
- obj.attributes.reject { |k, v| v.blank? }.should == (create_attributes_to_compare || create_attributes)
19
+ expect(obj.attributes.reject { |k, v| v.blank? }).to eq(create_attributes_to_compare || create_attributes)
20
20
  end
21
21
  end
22
22
 
@@ -24,8 +24,8 @@ shared_examples_for 'an API object' do
24
24
  it "should make a request and set the attributes" do
25
25
  stub_request(:get, /#{@base}/).to_return(json_response(true, get_attributes))
26
26
  obj = described_class.first(first_params)
27
- a_request(:get, /#{@base}#{uri_paths[:get]}/).should have_been_made
28
- obj.attributes.reject { |k, v| v.blank? }.should == (get_attributes_to_compare || get_attributes)
27
+ expect(a_request(:get, /#{@base}#{uri_paths[:get]}/)).to have_been_made
28
+ expect(obj.attributes.reject { |k, v| v.blank? }).to eq(get_attributes_to_compare || get_attributes)
29
29
  end
30
30
 
31
31
  it "should return false if the request fails" do
@@ -42,7 +42,7 @@ shared_examples_for 'an API object' do
42
42
  it "should make a request" do
43
43
  stub_api_call(:delete)
44
44
  @obj.destroy
45
- a_request(:delete, /#{@base}#{uri_paths[:delete]}/).should have_been_made
45
+ expect(a_request(:delete, /#{@base}#{uri_paths[:delete]}/)).to have_been_made
46
46
  end
47
47
 
48
48
  it "cannot be destroyed if new" do
@@ -55,12 +55,12 @@ shared_examples_for 'an API object' do
55
55
  it "should make a request" do
56
56
  stub_api_call(:delete)
57
57
  described_class.destroy(first_params)
58
- a_request(:delete, /#{@base}#{uri_paths[:delete]}/).should have_been_made
58
+ expect(a_request(:delete, /#{@base}#{uri_paths[:delete]}/)).to have_been_made
59
59
  end
60
60
 
61
61
  it "should return result" do
62
62
  stub_api_call(:delete)
63
- described_class.destroy(first_params).should be_true
63
+ expect(described_class.destroy(first_params)).to be_truthy
64
64
  end
65
65
  end
66
66
 
@@ -69,14 +69,14 @@ shared_examples_for 'an API object' do
69
69
  stub_api_call(:put)
70
70
  obj = described_class.new(create_attributes)
71
71
  obj.save
72
- a_request(:put, /#{@base}#{uri_paths[:create]}/).should have_been_made
72
+ expect(a_request(:put, /#{@base}#{uri_paths[:create]}/)).to have_been_made
73
73
  end
74
74
 
75
75
  it "should call update on a created resource" do
76
76
  obj = described_class.new(get_attributes)
77
77
  stub_api_call(:post)
78
78
  obj.save
79
- a_request(:post, /#{@base}#{uri_paths[:update]}/).should have_been_made
79
+ expect(a_request(:post, /#{@base}#{uri_paths[:update]}/)).to have_been_made
80
80
  end
81
81
  end
82
82
 
@@ -92,11 +92,11 @@ shared_examples_for 'an API object' do
92
92
  it "should make a get request" do
93
93
  stub_request(:get, /#{@base}/).to_return(json_response(true, data))
94
94
  iterator = described_class.all(get_attributes.merge(page: 1))
95
- iterator.should be_instance_of(Enumerator)
95
+ expect(iterator).to be_instance_of(Enumerator)
96
96
  collection = iterator.to_a
97
- a_request(:get, /#{@base}#{uri_paths[:create]}/).should have_been_made
98
- collection.first.should be_instance_of(described_class)
99
- collection.length.should == 3
97
+ expect(a_request(:get, /#{@base}#{uri_paths[:create]}/)).to have_been_made
98
+ expect(collection.first).to be_instance_of(described_class)
99
+ expect(collection.length).to eq(3)
100
100
  end
101
101
  end
102
102
  end
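Review bot: The first hunk of this section converts `obj.should be_instance_of(described_class)` but leaves the following line, `a_request(:put, /#{@base}#{uri_paths[:create]}/).should have_been_made`, in the old syntax; it should read `expect(a_request(:put, /#{@base}#{uri_paths[:create]}/)).to have_been_made` like the other converted request checks. With the development dependency moved to rspec 3.4 the leftover `should` presumably still runs through the legacy syntax support, but it would break if that syntax is ever disabled and it is inconsistent with the rest of the file. The enclosing example begins above the hunk, so other unconverted lines outside the visible context may exist as well.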
@@ -24,8 +24,8 @@ Gem::Specification.new do |gem|
24
24
  gem.add_dependency 'i18n'
25
25
  gem.add_dependency 'virtus', '>= 1.0.0'
26
26
 
27
- gem.add_development_dependency 'rspec', '~> 2.11.0'
28
- gem.add_development_dependency 'rake'
27
+ gem.add_development_dependency 'rspec', '~> 3.4.0'
28
+ gem.add_development_dependency 'rake', '~> 12.0.0'
29
29
  gem.add_development_dependency 'webmock'
30
30
  gem.add_development_dependency 'yard'
31
31
 
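--- a/metadata
+++ b/metadata
@@ -1,7 +1,7 @@
  --- !ruby/object:Gem::Specification
  name: survey-gizmo-ruby
  version: !ruby/object:Gem::Version
- version: 6.2.10
+ version: 6.2.11
  platform: ruby
  authors:
  - Kabari Hendrick
@@ -11,7 +11,7 @@ authors:
  autorequire:
  bindir: bin
  cert_chain: []
- date: 2016-10-27 00:00:00.000000000 Z
+ date: 2016-12-10 00:00:00.000000000 Z
  dependencies:
  - !ruby/object:Gem::Dependency
  name: activesupport
@@ -143,28 +143,28 @@ dependencies:
  requirements:
  - - "~>"
  - !ruby/object:Gem::Version
- version: 2.11.0
+ version: 3.4.0
  type: :development
  prerelease: false
  version_requirements: !ruby/object:Gem::Requirement
  requirements:
  - - "~>"
  - !ruby/object:Gem::Version
- version: 2.11.0
+ version: 3.4.0
  - !ruby/object:Gem::Dependency
  name: rake
  requirement: !ruby/object:Gem::Requirement
  requirements:
- - - ">="
+ - - "~>"
  - !ruby/object:Gem::Version
- version: '0'
+ version: 12.0.0
  type: :development
  prerelease: false
  version_requirements: !ruby/object:Gem::Requirement
  requirements:
- - - ">="
+ - - "~>"
  - !ruby/object:Gem::Version
- version: '0'
+ version: 12.0.0
  - !ruby/object:Gem::Dependency
  name: webmock
  requirement: !ruby/object:Gem::Requirement
@@ -228,6 +228,7 @@ files:
  - lib/survey_gizmo/resource.rb
  - lib/survey_gizmo/version.rb
  - spec/configuration_spec.rb
+ - spec/logger_spec.rb
  - spec/resource_spec.rb
  - spec/spec_helper.rb
  - spec/support/methods.rb
@@ -264,6 +265,7 @@ specification_version: 4
  summary: Gem to use the SurveyGizmo.com REST API, v3+
  test_files:
  - spec/configuration_spec.rb
+ - spec/logger_spec.rb
  - spec/resource_spec.rb
  - spec/spec_helper.rb
  - spec/support/methods.rb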