add foodsoft_config protection whitelisting

This commit is contained in:
wvengen 2014-06-27 09:07:47 +02:00
parent 3fee071a10
commit f09ef892dc
2 changed files with 24 additions and 3 deletions

View file

@ -28,6 +28,9 @@
# shared_lists: false # allow database connection override # shared_lists: false # allow database connection override
# use_messages: true # foodcoops can't disable the use of messages # use_messages: true # foodcoops can't disable the use of messages
# #
# When you like to whitelist protected attributes, define an entry +all: true+,
# then you can whitelist specific attributes setting them to +false+.
#
class FoodsoftConfig class FoodsoftConfig
# @!attribute scope # @!attribute scope
@ -152,7 +155,11 @@ class FoodsoftConfig
# @return [Boolean] Whether this key may be set in the database # @return [Boolean] Whether this key may be set in the database
def allowed_key?(key) def allowed_key?(key)
# fast check for keys without nesting # fast check for keys without nesting
return !self.config[:protected][key] if self.config[:protected].include? key
return !self.config[:protected][key]
else
return !self.config[:protected][:all]
end
# @todo allow to check nested keys as well # @todo allow to check nested keys as well
end end

View file

@ -5,11 +5,11 @@ describe FoodsoftConfig do
let(:other_name) { Faker::Lorem.words(rand(2..4)).join(' ') } let(:other_name) { Faker::Lorem.words(rand(2..4)).join(' ') }
it 'returns a default value' do it 'returns a default value' do
expect(FoodsoftConfig[:protected][:database]).to be_true expect(FoodsoftConfig[:protected][:database]).to be true
end end
it 'returns an empty default value' do it 'returns an empty default value' do
expect(FoodsoftConfig[:protected][:LIUhniuyGNKUQTWfbiOQIWYexngo78hqexul]).to be_false expect(FoodsoftConfig[:protected][:LIUhniuyGNKUQTWfbiOQIWYexngo78hqexul]).to be nil
end end
it 'returns a configuration value' do it 'returns a configuration value' do
@ -60,6 +60,20 @@ describe FoodsoftConfig do
end end
end end
it 'can protect all values' do
old_name = FoodsoftConfig[:name]
FoodsoftConfig.config[:protected][:all] = true
FoodsoftConfig[:name] = name
expect(FoodsoftConfig[:name]).to eq old_name
end
it 'can whitelist a value' do
FoodsoftConfig.config[:protected][:all] = true
FoodsoftConfig.config[:protected][:name] = false
FoodsoftConfig[:name] = name
expect(FoodsoftConfig[:name]).to eq name
end
describe 'has indifferent access', type: :feature do describe 'has indifferent access', type: :feature do
it 'with symbol' do it 'with symbol' do
FoodsoftConfig[:name] = name FoodsoftConfig[:name] = name