Class: Hoodoo::ActiveRecord::Secure::SecurityHelper

Inherits:
Object
Defined in:
lib/hoodoo/active/active_record/security_helper.rb

Overview

Help build security exemption Procs to pass into Hoodoo::ActiveRecord::Secure::ClassMethods#secure_with via its options Hash. The following extends an example given in the documentation (at the time of writing here) for the underlying implementation method Hoodoo::ActiveRecord::Secure::ClassMethods#secure:

class Audit < ActiveRecord::Base
  include Hoodoo::ActiveRecord::Secure

  secure_with(
    {
      :creating_caller_uuid => :authorised_caller_uuids
    },
    {
      :exemptions => Hoodoo::ActiveRecord::Secure::SecurityHelper::includes_wildcard( '*' )
    }
  )
end

Note that the Hoodoo::ActiveRecord::Secure module includes some helper constants to aid brevity for common cases, such as the single value #eql? or enumerable #include? matchers checking for a '*' as an indiscriminate wildcard. See for example Hoodoo::ActiveRecord::Secure::ENUMERABLE_INCLUDES_STAR.

Class Method Details

.eqls_wildcard(wildcard_value) ⇒ Object

Match a given wildcard, typically a String, to a single value via #eql?.

wildcard_value

Wildcard value to match, e.g. '*'.

Returns a Proc suitable for passing to the :exemptions option for Hoodoo::ActiveRecord::Secure::ClassMethods#secure_with.



# File 'lib/hoodoo/active/active_record/security_helper.rb', line 52

def self.eqls_wildcard( wildcard_value )
  Proc.new do | security_value |
    security_value.eql?( wildcard_value ) rescue false
  end
end

.includes_wildcard(wildcard_value) ⇒ Object

Match a given wildcard, typically a String, inside an Enumerable subclass via #include?.

wildcard_value

Wildcard value to match, e.g. '*'.

Returns a Proc suitable for passing to the :exemptions option for Hoodoo::ActiveRecord::Secure::ClassMethods#secure_with.



# File 'lib/hoodoo/active/active_record/security_helper.rb', line 66

def self.includes_wildcard( wildcard_value )
  Proc.new do | security_values |
    security_values.is_a?( Enumerable ) &&
    security_values.include?( wildcard_value ) rescue false
  end
end

.matches_wildcard(wildcard_regexp) ⇒ Object

Match a given wildcard Regexp to a value via #match?.

wildcard_regexp

Wildcard Regexp to use, e.g. /.*/. A String is coerced to a Regexp via Regexp.new without any escaping, so its metacharacters keep their Regexp meaning; passing a String also reduces performance.

Returns a Proc suitable for passing to the :exemptions option for Hoodoo::ActiveRecord::Secure::ClassMethods#secure_with.



# File 'lib/hoodoo/active/active_record/security_helper.rb', line 82

def self.matches_wildcard( wildcard_regexp )
  wildcard_regexp = Regexp.new( wildcard_regexp ) unless wildcard_regexp.is_a?( Regexp )

  Proc.new do | security_value |
    security_value.match?( wildcard_regexp ) rescue false
  end
end

.matches_wildcard_enumerable(wildcard_regexp) ⇒ Object

Match a given wildcard Regexp to any value in an enumerable object via iteration and #match?. Exits with true as soon as any match is made.

wildcard_regexp

Wildcard Regexp to use, e.g. /.*/. A String is coerced to a Regexp via Regexp.new without any escaping, so its metacharacters keep their Regexp meaning; passing a String also reduces performance.

Returns a Proc suitable for passing to the :exemptions option for Hoodoo::ActiveRecord::Secure::ClassMethods#secure_with.



# File 'lib/hoodoo/active/active_record/security_helper.rb', line 101

def self.matches_wildcard_enumerable( wildcard_regexp )
  match_proc = self.matches_wildcard( wildcard_regexp )

  Proc.new do | security_values |
    begin
      security_values.any? do | security_value |
        match_proc.call( security_value )
      end
    rescue
      false
    end
  end
end
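
The following is an added example, not part of Hoodoo or its documentation. It copies the helper bodies shown above into a stand-in module (SecurityHelperCopy, a hypothetical name) and reports which constructed sample values each exemption Proc would exempt from the security scope. It shows that the String '*' cannot be given to matches_wildcard, and that an unanchored or line-anchored Regexp exempts more values than an exact match does.

```ruby
# Added example, not Hoodoo code: SecurityHelperCopy is a stand-in holding the
# helper bodies shown on this page, so the block runs without the gem installed.
module SecurityHelperCopy
  def self.eqls_wildcard( wildcard_value )
    Proc.new { | value | value.eql?( wildcard_value ) rescue false }
  end

  def self.includes_wildcard( wildcard_value )
    Proc.new do | values |
      values.is_a?( Enumerable ) && values.include?( wildcard_value ) rescue false
    end
  end

  def self.matches_wildcard( wildcard_regexp )
    wildcard_regexp = Regexp.new( wildcard_regexp ) unless wildcard_regexp.is_a?( Regexp )
    Proc.new { | value | value.match?( wildcard_regexp ) rescue false }
  end
end

# Constructed session scoping values (hypothetical), including awkward ones.
SAMPLES = [ '*', 'a*b', "x\n*", [ '*' ], [ 'uuid-1' ], '', nil ].freeze

# Returns the samples for which the exemption Proc would bypass the security
# scope, i.e. the values that make the secured query unrestricted.
def exempted( exemption_proc, samples = SAMPLES )
  samples.select { | value | exemption_proc.call( value ) }
end

# Returns the exception class raised while building a matcher, or nil.
# Strings are handed to Regexp.new unescaped, so a bare '*' is not a pattern.
def build_error( pattern )
  SecurityHelperCopy.matches_wildcard( pattern )
  nil
rescue RegexpError => error
  error.class
end

if __FILE__ == $PROGRAM_NAME
  h = SecurityHelperCopy
  { 'eqls *'      => h.eqls_wildcard( '*' ),
    'includes *'  => h.includes_wildcard( '*' ),
    'unanchored'  => h.matches_wildcard( /\*/ ),
    'line anchor' => h.matches_wildcard( /^\*$/ ),
    'str anchor'  => h.matches_wildcard( /\A\*\z/ ) }.each do | name, exemption |
    puts "#{ name }: #{ exempted( exemption ).inspect }"
  end
  puts "matches_wildcard( '*' ) raises #{ build_error( '*' ).inspect }"
end
```

In Ruby, ^ and $ anchor to line boundaries, so only \A and \z restrict a Regexp exemption to the whole value.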