tenant_check 0.1.1 → 0.1.2

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 1186affdcb84a728e1e4689cee3907c517b0cd7136e02f4d96d7d299b199b11b
-  data.tar.gz: 487dc1e4c9bbd67acb6a6d98759c259dbe5ed1ef92fe9b6e21dc865188184dc5
+  metadata.gz: 6f601512de0336487ba3607ef044271704b9f525d71e3267cbb8f51cafd846fd
+  data.tar.gz: 891698c2c2af3a5222f61811544833f973ed83dc47f2511899749473058893ec
 SHA512:
-  metadata.gz: 776fbae20f003759b4a007666ef8e477fd50eab16071629182e53bff33c2d4b48fe394250acec492c950767d0f4b79fcabf0c14764a6cae94d4338408a1f8d1f
-  data.tar.gz: 0ddff666811b9d5193751e5eee2de26484fb2d526e8a4ca7d7ca5b197e5bcca99cf2896affff1d1af08a99090c032a1206d81e56f76045261faac5725efef394
+  metadata.gz: d6c71edc78c2b1acde0725717134c429a8dd2e3dd0517c2a75893d01c715afefb25d7b2da1c821a12b304feb8e547e7ce6a264b98818ce6bae70c77aa2b91ded
+  data.tar.gz: b960b3dedf52ad3b5446c6bfc746fc42b7c43e71443eb1634cef546bc464e3c009fe12085ce3be5d397b4f309d71ab4a6aa59ce28264c8029f83fe79aa4d547e

data/.gitignore

@@ -7,7 +7,7 @@
 /spec/reports/
 /tmp/
 /.vscode
-Gemfile.lock
+Gemfile*.lock
 .solargraph.yml
 
 # rspec failure tracking

data/.travis.yml

@@ -3,3 +3,6 @@ language: ruby
 rvm:
   - 2.5.0
 before_install: gem install bundler -v 1.16.1
+gemfile:
+  - Gemfile.rails-5.2
+  - Gemfile.rails-5.1

data/Gemfile.rails-5.1

@@ -0,0 +1,11 @@
+# frozen_string_literal: true
+
+source 'https://rubygems.org'
+
+git_source(:github) { |repo_name| "https://github.com/#{repo_name}" }
+
+# Specify your gem's dependencies in tenant_check.gemspec
+gemspec
+
+gem 'rails', '~> 5.1.0'
+gem 'sqlite3'

data/Gemfile.rails-5.2

@@ -0,0 +1,11 @@
+# frozen_string_literal: true
+
+source 'https://rubygems.org'
+
+git_source(:github) { |repo_name| "https://github.com/#{repo_name}" }
+
+# Specify your gem's dependencies in tenant_check.gemspec
+gemspec
+
+gem 'rails', '~> 5.2.0'
+gem 'sqlite3'

data/Gemfile.rails-master

@@ -0,0 +1,11 @@
+# frozen_string_literal: true
+
+source 'https://rubygems.org'
+
+git_source(:github) { |repo_name| "https://github.com/#{repo_name}" }
+
+# Specify your gem's dependencies in tenant_check.gemspec
+gemspec
+
+gem 'rails', github: 'rails/rails'
+gem 'sqlite3'

data/README.md

@@ -1,4 +1,5 @@
 # TenantCheck
+[![Build Status](https://travis-ci.org/shunichi/tenant_check.svg?branch=master)](https://travis-ci.org/shunichi/tenant_check)
 
 Detect tenant unsafe queries in Rails app.
 
@@ -26,8 +27,8 @@ Or install it yourself as:
 
 ```ruby
 # in config/initializers/tenant_check.rb
+TenantCheck.tenant_class = Tenant # your tenant class
 if Rails.env.development?
-  TenantCheck.tenant_class = Tenant # your tenant class
   TenantCheck.enable = true
 end
 ```
@@ -52,16 +53,28 @@ end
 ```ruby
 # unsafe queries. (output warnings to log)
 user = User.first # the query without tenant is unsafe.
-user.tasks.to_a # the query based on unsafe record is unsafe.
+user.tasks.to_a # the query based on an unsafe record is unsafe.
 
 # safe queries. (no warnings)
 tenant = Tenant.first # tenant query is safe.
 tenant_user = tenant.users.first # the query based on tenant is safe.
-tenant_user.tasks.to_a # the query based on safe record is safe.
+tenant_user.tasks.to_a # the query based on a safe record is safe.
 current_user.tasks.to_a # devise current_user is safe and the query based on it is safe.
 ```
 
-### temporarlly disable tenant check
+### Mark relations as tenant safe
+
+```ruby
+  # safe relations get no warnings.
+  users = User.all.mark_as_tenant_safe.to_a
+  user = User.mark_as_tenant_safe.first
+  tasks = user.tasks.to_a # no warnings since user is safe
+
+  # unsafe relation gets warnings.
+  User.all.mark_as_tenant_safe.where('id > 3').to_a # method chain after mark_as_tenant_safe is unsafe.
+```
+
+### Temporarlly disable tenant check
 
 ```ruby
 users = TenantCheck.ignored { User.all.to_a }
@@ -74,8 +87,10 @@ After checking out the repo, run `bin/setup` to install dependencies. Then, run
 To install this gem onto your local machine, run `bundle exec rake install`. To release a new version, update the version number in `version.rb`, and then run `bundle exec rake release`, which will create a git tag for the version, push git commits and tags, and push the `.gem` file to [rubygems.org](https://rubygems.org).
 
 ## TODO
-- test for various rails versions
-- support calculation methods
+- Option to raise exception on unsafe query
+- Support `update_all`, `destroy_all` and `delete_all`
+- Support `joins`
+- Support `or`
 
 ## Contributing
 

data/lib/tenant_check.rb

@@ -19,7 +19,7 @@ module TenantCheck
       @patched = true
       ActiveSupport.on_load(:active_record) do
         require 'tenant_check/active_record/extensions'
-        ::TenantCheck::ActiveRecord.apply_patch
+        ::TenantCheck::ActiveRecord.apply_check_patch
         ::Rails.configuration.middleware.use TenantCheck::Rack if defined? Rails
       end
     end
@@ -116,3 +116,8 @@ module TenantCheck
     end
   end
 end
+
+ActiveSupport.on_load(:active_record) do
+  require 'tenant_check/active_record/extensions'
+  ::TenantCheck::ActiveRecord.apply_patch
+end

data/lib/tenant_check/active_record/extensions.rb

@@ -14,26 +14,29 @@ module TenantCheck
 
     module TenantSafetyCheck
       class << self
-        def safe_preloading
-          Thread.current[:tenant_check_safe_preloading]
+        def internal_force_safe_scope?
+          Thread.current[:tenant_check_internal_force_safe_scope]
         end
 
-        def safe_preloading=(value)
-          Thread.current[:tenant_check_safe_preloading] = value
+        def internal_force_safe_scope=(value)
+          Thread.current[:tenant_check_internal_force_safe_scope] = value
         end
 
-        def safe_preload(safe)
-          prev, self.safe_preloading = safe_preloading, true if safe # rubocop:disable Style/ParallelAssignment
+        def internal_force_safe(safe)
+          # rubocop:disable Style/ParallelAssignment
+          prev, self.internal_force_safe_scope = internal_force_safe_scope?, true if safe
+          # rubocop:enable Style/ParallelAssignment
           yield
         ensure
-          self.safe_preloading = prev if safe
+          self.internal_force_safe_scope = prev if safe
         end
       end
 
       private
 
       def check_tenant_safety(sql_descpription = nil)
-        return true if TenantSafetyCheck.safe_preloading || klass.name == ::TenantCheck.tenant_class_name
+        return true if _tenant_safe_mark? || TenantSafetyCheck.internal_force_safe_scope?
+        return true if klass.name == ::TenantCheck.tenant_class_name
         return true if respond_to?(:proxy_association) && proxy_association.owner._tenant_check_safe
         unless tenant_safe_where_clause?(where_clause)
           c = caller
@@ -56,7 +59,7 @@ module TenantCheck
       end
     end
 
-    module CollectionProxyExtension
+    module CollectionProxyCheck
       include TenantSafetyCheck
 
       def load_target
@@ -64,7 +67,8 @@ module TenantCheck
         return super if loaded?
 
         safe = check_tenant_safety
-        result = TenantSafetyCheck.safe_preload(safe) do
+        # preloading is safe if the relation is safe
+        result = TenantSafetyCheck.internal_force_safe(safe) do
           super
         end
         if safe
@@ -76,14 +80,46 @@ module TenantCheck
       end
     end
 
-    module RelationExtension
+    module BaseClassMethods
+      def mark_as_tenant_safe
+        relation = all
+        relation.mark_as_tenant_safe
+        relation
+      end
+    end
+
+    module RelationMethods
+      def mark_as_tenant_safe
+        @_tenant_safe_mark = true
+        self
+      end
+
+      def _tenant_safe_mark?
+        @_tenant_safe_mark
+      end
+    end
+
+    module RelationCheck
       include TenantSafetyCheck
 
+      def calculate(operation, column_name)
+        return super unless ::TenantCheck.enable_and_started?
+        TenantSafetyCheck.internal_force_safe(_tenant_safe_mark?) do
+          # FIXME: Calling has_include? is highly implementation dependent. It subject to change by rails versions.
+          return super if has_include?(column_name)
+          check_tenant_safety(operation.to_s)
+          super
+        end
+      end
+
       def pluck(*column_names)
         return super unless ::TenantCheck.enable_and_started?
-        return super if has_include?(column_names.first)
-        check_tenant_safety('pluck')
-        super
+        TenantSafetyCheck.internal_force_safe(_tenant_safe_mark?) do
+          # FIXME: Calling has_include? is highly implementation dependent. It subject to change by rails versions.
+          return super if has_include?(column_names.first)
+          check_tenant_safety('pluck')
+          super
+        end
       end
 
       private
@@ -93,7 +129,8 @@ module TenantCheck
 
         safe = check_tenant_safety
 
-        result = TenantSafetyCheck.safe_preload(safe) do
+        # preloading is safe if the relation is safe
+        result = TenantSafetyCheck.internal_force_safe(safe) do
           super
         end
 
@@ -107,59 +144,16 @@ module TenantCheck
       end
     end
 
-    module ActiveRecordExtension
-      def find_by_sql(sql, binds = [], preparable: nil, &block)
-        puts '************************* find_by_sql'
-        puts caller
-        puts '************************* sql'
-        pp sql
-        puts '************************* binds'
-        pp binds
-        puts '************************* to_sql'
-        puts connection.to_sql(sql, binds)
-        puts '************************* dump_arel'
-        dump_arel(sql)
-        super
-      end
-
-      def dump_arel(arel, depth = 0)
-        case arel
-        when Array
-          arel.each do |node|
-            dump_arel(node, depth + 1)
-          end
-        when ::Arel::SelectManager
-          indent_puts(depth, '[SelectManager]')
-          dump_arel(arel.ast, depth + 1)
-          pp arel
-        when ::Arel::Nodes::SelectStatement
-          indent_puts(depth, '[SelectStatement]')
-          dump_arel(arel.cores, depth + 1)
-        when ::Arel::Nodes::SelectCore
-          indent_puts(depth, '[SelectCore]')
-          indent_puts(depth + 1, 'projections=')
-          dump_arel(arel.projections, depth + 1)
-          indent_puts(depth + 1, 'join_source=')
-          dump_arel(arel.source, depth + 2)
-          indent_puts(depth + 1, 'wheres=')
-          dump_arel(arel.wheres, depth + 1)
-        when ::Arel::Nodes::Node
-          indent_puts(depth, "[#{arel.class}]")
-        when ::Arel::Attributes::Attribute
-          indent_puts(depth, "[#{arel.class}]")
-        end
-      end
-
-      def indent_puts(depth, str)
-        puts '  ' * depth + str
-      end
-    end
-
     class << self
       def apply_patch
-        ::ActiveRecord::Base.include TenantMethodExtension
-        ::ActiveRecord::Relation.prepend RelationExtension
-        ::ActiveRecord::Associations::CollectionProxy.prepend CollectionProxyExtension
+        ::ActiveRecord::Base.extend ::TenantCheck::ActiveRecord::BaseClassMethods
+        ::ActiveRecord::Relation.prepend ::TenantCheck::ActiveRecord::RelationMethods
+      end
+
+      def apply_check_patch
+        ::ActiveRecord::Base.include ::TenantCheck::ActiveRecord::TenantMethodExtension
+        ::ActiveRecord::Relation.prepend ::TenantCheck::ActiveRecord::RelationCheck
+        ::ActiveRecord::Associations::CollectionProxy.prepend ::TenantCheck::ActiveRecord::CollectionProxyCheck
       end
     end
   end

data/lib/tenant_check/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module TenantCheck
-  VERSION = '0.1.1'
+  VERSION = '0.1.2'
 end

data/tenant_check.gemspec

@@ -20,6 +20,8 @@ Gem::Specification.new do |spec|
   spec.executables   = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
   spec.require_paths = ["lib"]
 
+  spec.add_runtime_dependency 'activerecord', '>= 5.1.0'
+
   spec.add_development_dependency "bundler", "~> 1.16"
   spec.add_development_dependency "rake"
   spec.add_development_dependency "rspec", "~> 3.0"

data/test.sh

@@ -0,0 +1,5 @@
+#!/bin/sh
+
+BUNDLE_GEMFILE=Gemfile.rails-5.1 bundle install && BUNDLE_GEMFILE=Gemfile.rails-5.1 bundle exec rspec spec
+BUNDLE_GEMFILE=Gemfile.rails-5.2 bundle install && BUNDLE_GEMFILE=Gemfile.rails-5.2 bundle exec rspec spec
+BUNDLE_GEMFILE=Gemfile.rails-master bundle install && BUNDLE_GEMFILE=Gemfile.rails-master bundle exec rspec spec

metadata

@@ -1,15 +1,29 @@
 --- !ruby/object:Gem::Specification
 name: tenant_check
 version: !ruby/object:Gem::Version
-  version: 0.1.1
+  version: 0.1.2
 platform: ruby
 authors:
 - Shunichi Ikegami
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2018-05-10 00:00:00.000000000 Z
+date: 2018-05-21 00:00:00.000000000 Z
 dependencies:
+- !ruby/object:Gem::Dependency
+  name: activerecord
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 5.1.0
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 5.1.0
 - !ruby/object:Gem::Dependency
   name: bundler
   requirement: !ruby/object:Gem::Requirement
@@ -64,6 +78,9 @@ files:
 - ".rubocop.yml"
 - ".travis.yml"
 - Gemfile
+- Gemfile.rails-5.1
+- Gemfile.rails-5.2
+- Gemfile.rails-master
 - LICENSE.txt
 - README.md
 - Rakefile
@@ -78,6 +95,7 @@ files:
 - lib/tenant_check/stack_trace_fliter.rb
 - lib/tenant_check/version.rb
 - tenant_check.gemspec
+- test.sh
 homepage: https://github.com/shunichi/tenant_check
 licenses:
 - MIT