Module: Ace::Support::Config::Atoms::PathValidator

Defined in:

lib/ace/support/config/atoms/path_validator.rb

Overview

Validates path segments for security Prevents path traversal attacks via “..” and absolute paths (Unix and Windows)

This module provides pure validation functions that check path segments for potentially dangerous patterns without any side effects.

Examples:

Validate a namespace segment

PathValidator.validate_segment!("valid_name")  # => true
PathValidator.validate_segment!("..")          # => raises ArgumentError
PathValidator.validate_segment!("/absolute")   # => raises ArgumentError
PathValidator.validate_segment!("C:\\path")    # => raises ArgumentError

Validate multiple segments

PathValidator.validate_segments!(["config", "nested", "file"])  # => true
PathValidator.validate_segments!(["config", "..", "secret"])    # => raises ArgumentError

Class Method Summary

• .valid_segment?(segment) ⇒ Boolean

  Check if a segment is valid (non-raising version).

• .valid_segments?(segments) ⇒ Boolean

  Check if all segments are valid (non-raising version).

• .validate_segment!(segment) ⇒ true

  Validate a single path segment for security.

• .validate_segments!(segments) ⇒ true

  Validate multiple path segments for security.

Class Method Details

.valid_segment?(segment) ⇒ Boolean

Check if a segment is valid (non-raising version)

# File 'lib/ace/support/config/atoms/path_validator.rb', line 55

def valid_segment?(segment)
  validate_segment!(segment)
  true
rescue ArgumentError
  false
end

.valid_segments?(segments) ⇒ Boolean

Check if all segments are valid (non-raising version)

# File 'lib/ace/support/config/atoms/path_validator.rb', line 65

def valid_segments?(segments)
  validate_segments!(segments)
  true
rescue ArgumentError
  false
end

.validate_segment!(segment) ⇒ true

Validate a single path segment for security

Raises:

• (ArgumentError) —

  If segment contains invalid characters

# File 'lib/ace/support/config/atoms/path_validator.rb', line 29

def validate_segment!(segment)
  if segment.include?("..")
    raise ArgumentError, "Invalid path segment: #{segment.inspect} (path traversal not allowed)"
  end
  if segment.start_with?("/")
    raise ArgumentError, "Invalid path segment: #{segment.inspect} (absolute paths not allowed)"
  end
  # Windows-style absolute paths: drive letters (C:) or UNC paths (\\server)
  if segment.start_with?("\\") || segment.match?(/\A[A-Za-z]:/)
    raise ArgumentError, "Invalid path segment: #{segment.inspect} (absolute paths not allowed)"
  end
  true
end

.validate_segments!(segments) ⇒ true

Validate multiple path segments for security

Raises:

• (ArgumentError) —

  If any segment contains invalid characters

# File 'lib/ace/support/config/atoms/path_validator.rb', line 47

def validate_segments!(segments)
  segments.each { |segment| validate_segment!(segment) }
  true
end