ts_vector_tags 0.0.5 → 0.0.6
Sign up to get free protection for your applications and to get access to all the features.
- data/README.md +9 -1
- data/lib/ts_vector_tags.rb +17 -0
- data/spec/ts_vector_tags_spec.rb +13 -0
- data/ts_vector_tags.gemspec +2 -1
- metadata +32 -5
data/README.md
CHANGED
|
@@ -27,11 +27,19 @@ Tags can be set using either an array, or a comma separated list.
|
|
|
27
27
|
post.tags
|
|
28
28
|
=> ['bing', 'bong']
|
|
29
29
|
|
|
30
|
-
The including class has
|
|
30
|
+
The including class has scopes:
|
|
31
|
+
|
|
32
|
+
Common '&'-searches:
|
|
31
33
|
|
|
32
34
|
Post.with_tags('Paris, Texas')
|
|
33
35
|
Post.with_tags('Paris', 'Texas')
|
|
34
36
|
|
|
37
|
+
Complex tsqueries:
|
|
38
|
+
|
|
39
|
+
Post.with_tags_query("foo & !(bar | baz)")
|
|
40
|
+
|
|
41
|
+
tsqueries deemed potentially dangerous raises the `TsVectorTags::InvalidTsQueryError` exception.
|
|
42
|
+
|
|
35
43
|
Tags are normalized:
|
|
36
44
|
|
|
37
45
|
post.tags = [' wtf#$%^ &*??!']
|
data/lib/ts_vector_tags.rb
CHANGED
|
@@ -1,6 +1,11 @@
|
|
|
1
1
|
# encoding: utf-8
|
|
2
2
|
module TsVectorTags
|
|
3
3
|
|
|
4
|
+
# Regexp to reject injection attacks with ts_queries
|
|
5
|
+
TSQUERY_VALIDATOR = /^[[:alnum:]\*\:\(\)\&\!\|[:space:]]+$/
|
|
6
|
+
|
|
7
|
+
class InvalidTsQueryError < StandardError; end
|
|
8
|
+
|
|
4
9
|
module Standardizer
|
|
5
10
|
class << self
|
|
6
11
|
def tagify(tags)
|
|
@@ -14,11 +19,23 @@ module TsVectorTags
|
|
|
14
19
|
end
|
|
15
20
|
end
|
|
16
21
|
|
|
22
|
+
def self.acceptable_tsquery?(query)
|
|
23
|
+
# TODO: Check for balanced parantheses
|
|
24
|
+
query =~ TSQUERY_VALIDATOR
|
|
25
|
+
end
|
|
26
|
+
|
|
17
27
|
def self.included(base)
|
|
18
28
|
base.class_eval do
|
|
29
|
+
# Accepts a comma separated list of tags and applies the 'and'-operator to them
|
|
19
30
|
scope :with_tags, lambda { |tags|
|
|
20
31
|
where("tags_vector @@ to_tsquery('simple', ?) ", TsVectorTags::Standardizer.tagify(tags).join(' & '))
|
|
21
32
|
}
|
|
33
|
+
|
|
34
|
+
# Accepts a proper ts_query an allows complex logical expressions like "foo & !(bar | bling)"
|
|
35
|
+
scope :with_tags_query, lambda { |query|
|
|
36
|
+
raise InvalidTsQueryError, "Invalid tag query '#{query}'" unless TsVectorTags.acceptable_tsquery?(query)
|
|
37
|
+
where("tags_vector @@ to_tsquery('simple', '#{query}')")
|
|
38
|
+
}
|
|
22
39
|
end
|
|
23
40
|
end
|
|
24
41
|
|
data/spec/ts_vector_tags_spec.rb
CHANGED
|
@@ -28,6 +28,19 @@ class Thing
|
|
|
28
28
|
end
|
|
29
29
|
|
|
30
30
|
describe TsVectorTags do
|
|
31
|
+
|
|
32
|
+
describe "tsqueries" do
|
|
33
|
+
it "rejects potentially dangerous tsqueries" do
|
|
34
|
+
TsVectorTags.acceptable_tsquery?("'").should be_false
|
|
35
|
+
TsVectorTags.acceptable_tsquery?('"').should be_false
|
|
36
|
+
end
|
|
37
|
+
|
|
38
|
+
it "accepts plain tsqueries" do
|
|
39
|
+
TsVectorTags.acceptable_tsquery?("foo & !(bar | fudd)")
|
|
40
|
+
TsVectorTags.acceptable_tsquery?("foo:*A")
|
|
41
|
+
end
|
|
42
|
+
end
|
|
43
|
+
|
|
31
44
|
describe "accessors" do
|
|
32
45
|
let(:thing) { Thing.new }
|
|
33
46
|
|
data/ts_vector_tags.gemspec
CHANGED
|
@@ -2,7 +2,7 @@
|
|
|
2
2
|
$:.push File.expand_path("../lib", __FILE__)
|
|
3
3
|
|
|
4
4
|
module TsVectorTags
|
|
5
|
-
VERSION = "0.0.
|
|
5
|
+
VERSION = "0.0.6"
|
|
6
6
|
end
|
|
7
7
|
|
|
8
8
|
Gem::Specification.new do |s|
|
|
@@ -22,4 +22,5 @@ Gem::Specification.new do |s|
|
|
|
22
22
|
s.require_paths = ["lib"]
|
|
23
23
|
|
|
24
24
|
s.add_development_dependency "rspec"
|
|
25
|
+
s.add_development_dependency "rake"
|
|
25
26
|
end
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: ts_vector_tags
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.0.
|
|
4
|
+
version: 0.0.6
|
|
5
5
|
prerelease:
|
|
6
6
|
platform: ruby
|
|
7
7
|
authors:
|
|
@@ -10,11 +10,11 @@ authors:
|
|
|
10
10
|
autorequire:
|
|
11
11
|
bindir: bin
|
|
12
12
|
cert_chain: []
|
|
13
|
-
date: 2012-
|
|
13
|
+
date: 2012-11-12 00:00:00.000000000 Z
|
|
14
14
|
dependencies:
|
|
15
15
|
- !ruby/object:Gem::Dependency
|
|
16
16
|
name: rspec
|
|
17
|
-
requirement:
|
|
17
|
+
requirement: !ruby/object:Gem::Requirement
|
|
18
18
|
none: false
|
|
19
19
|
requirements:
|
|
20
20
|
- - ! '>='
|
|
@@ -22,7 +22,28 @@ dependencies:
|
|
|
22
22
|
version: '0'
|
|
23
23
|
type: :development
|
|
24
24
|
prerelease: false
|
|
25
|
-
version_requirements:
|
|
25
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
26
|
+
none: false
|
|
27
|
+
requirements:
|
|
28
|
+
- - ! '>='
|
|
29
|
+
- !ruby/object:Gem::Version
|
|
30
|
+
version: '0'
|
|
31
|
+
- !ruby/object:Gem::Dependency
|
|
32
|
+
name: rake
|
|
33
|
+
requirement: !ruby/object:Gem::Requirement
|
|
34
|
+
none: false
|
|
35
|
+
requirements:
|
|
36
|
+
- - ! '>='
|
|
37
|
+
- !ruby/object:Gem::Version
|
|
38
|
+
version: '0'
|
|
39
|
+
type: :development
|
|
40
|
+
prerelease: false
|
|
41
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
42
|
+
none: false
|
|
43
|
+
requirements:
|
|
44
|
+
- - ! '>='
|
|
45
|
+
- !ruby/object:Gem::Version
|
|
46
|
+
version: '0'
|
|
26
47
|
description: Extremely simple, if somewhat exotic, mixin that uses the tsvector feature
|
|
27
48
|
in postgresql to add tags to an ActiveRecord model.
|
|
28
49
|
email:
|
|
@@ -52,15 +73,21 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
|
52
73
|
- - ! '>='
|
|
53
74
|
- !ruby/object:Gem::Version
|
|
54
75
|
version: '0'
|
|
76
|
+
segments:
|
|
77
|
+
- 0
|
|
78
|
+
hash: -2976820661742119530
|
|
55
79
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
|
56
80
|
none: false
|
|
57
81
|
requirements:
|
|
58
82
|
- - ! '>='
|
|
59
83
|
- !ruby/object:Gem::Version
|
|
60
84
|
version: '0'
|
|
85
|
+
segments:
|
|
86
|
+
- 0
|
|
87
|
+
hash: -2976820661742119530
|
|
61
88
|
requirements: []
|
|
62
89
|
rubyforge_project: ts_vector_tags
|
|
63
|
-
rubygems_version: 1.8.
|
|
90
|
+
rubygems_version: 1.8.24
|
|
64
91
|
signing_key:
|
|
65
92
|
specification_version: 3
|
|
66
93
|
summary: Super simple tag mixin for postgresql and activerecord
|