add foodsoft_config protection whitelisting
This commit is contained in:
parent
3fee071a10
commit
f09ef892dc
2 changed files with 24 additions and 3 deletions
|
@ -28,6 +28,9 @@
|
||||||
# shared_lists: false # allow database connection override
|
# shared_lists: false # allow database connection override
|
||||||
# use_messages: true # foodcoops can't disable the use of messages
|
# use_messages: true # foodcoops can't disable the use of messages
|
||||||
#
|
#
|
||||||
|
# When you like to whitelist protected attributes, define an entry +all: true+,
|
||||||
|
# then you can whitelist specific attributes setting them to +false+.
|
||||||
|
#
|
||||||
class FoodsoftConfig
|
class FoodsoftConfig
|
||||||
|
|
||||||
# @!attribute scope
|
# @!attribute scope
|
||||||
|
@ -152,7 +155,11 @@ class FoodsoftConfig
|
||||||
# @return [Boolean] Whether this key may be set in the database
|
# @return [Boolean] Whether this key may be set in the database
|
||||||
def allowed_key?(key)
|
def allowed_key?(key)
|
||||||
# fast check for keys without nesting
|
# fast check for keys without nesting
|
||||||
return !self.config[:protected][key]
|
if self.config[:protected].include? key
|
||||||
|
return !self.config[:protected][key]
|
||||||
|
else
|
||||||
|
return !self.config[:protected][:all]
|
||||||
|
end
|
||||||
# @todo allow to check nested keys as well
|
# @todo allow to check nested keys as well
|
||||||
end
|
end
|
||||||
|
|
||||||
|
|
|
@ -5,11 +5,11 @@ describe FoodsoftConfig do
|
||||||
let(:other_name) { Faker::Lorem.words(rand(2..4)).join(' ') }
|
let(:other_name) { Faker::Lorem.words(rand(2..4)).join(' ') }
|
||||||
|
|
||||||
it 'returns a default value' do
|
it 'returns a default value' do
|
||||||
expect(FoodsoftConfig[:protected][:database]).to be_true
|
expect(FoodsoftConfig[:protected][:database]).to be true
|
||||||
end
|
end
|
||||||
|
|
||||||
it 'returns an empty default value' do
|
it 'returns an empty default value' do
|
||||||
expect(FoodsoftConfig[:protected][:LIUhniuyGNKUQTWfbiOQIWYexngo78hqexul]).to be_false
|
expect(FoodsoftConfig[:protected][:LIUhniuyGNKUQTWfbiOQIWYexngo78hqexul]).to be nil
|
||||||
end
|
end
|
||||||
|
|
||||||
it 'returns a configuration value' do
|
it 'returns a configuration value' do
|
||||||
|
@ -60,6 +60,20 @@ describe FoodsoftConfig do
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
|
it 'can protect all values' do
|
||||||
|
old_name = FoodsoftConfig[:name]
|
||||||
|
FoodsoftConfig.config[:protected][:all] = true
|
||||||
|
FoodsoftConfig[:name] = name
|
||||||
|
expect(FoodsoftConfig[:name]).to eq old_name
|
||||||
|
end
|
||||||
|
|
||||||
|
it 'can whitelist a value' do
|
||||||
|
FoodsoftConfig.config[:protected][:all] = true
|
||||||
|
FoodsoftConfig.config[:protected][:name] = false
|
||||||
|
FoodsoftConfig[:name] = name
|
||||||
|
expect(FoodsoftConfig[:name]).to eq name
|
||||||
|
end
|
||||||
|
|
||||||
describe 'has indifferent access', type: :feature do
|
describe 'has indifferent access', type: :feature do
|
||||||
it 'with symbol' do
|
it 'with symbol' do
|
||||||
FoodsoftConfig[:name] = name
|
FoodsoftConfig[:name] = name
|
||||||
|
|
Loading…
Reference in a new issue