Class: Owasp::Esapi::Validator::DateRule

Inherits:

Object
BaseRule
Owasp::Esapi::Validator::DateRule

Defined in:: lib/validator/date_rule.rb

Overview

A validator performs syntax and possibly semantic validation of a single piece of string data from an untrusted source. This class will return Time objects, as they are more flexible to reformat to for timezones and calendars Format variables, from rdoc %a - The abbreviated weekday name (“Sun”) %A - The full weekday name (“Sunday”) %b - The abbreviated month name (“Jan”) %B - The full month name (“January”) %c - The preferred local date and time representation %d - Day of the month (01..31) %H - Hour of the day, 24-hour clock (00..23) %I - Hour of the day, 12-hour clock (01..12) %j - Day of the year (001..366) %m - Month of the year (01..12) %M - Minute of the hour (00..59)** %p - Meridian indicator (“AM” or “PM”) %S - Second of the minute (00..60) %U - Week number of the current year,

starting with the first Sunday as the first
day of the first week (00..53)

%W - Week number of the current year,

starting with the first Monday as the first
day of the first week (00..53)

%w - Day of the week (Sunday is 0, 0..6) %x - Preferred representation for the date alone, no time %X - Preferred representation for the time alone, no date %y - Year without a century (00..99) %Y - Year with century %Z - Time zone name %% - Literal “%” character

Instance Attribute Summary collapse

#format ⇒ Object readonly

Returns the value of attribute format.

Attributes inherited from BaseRule

#allow_nil, #encoder, #name

Instance Method Summary collapse

#initialize(type, encoder = nil, dateformat = nil) ⇒ DateRule constructor

Create a validator, if no format is specificed We assume %b $d, %Y i.e.
#sanitize(context, input) ⇒ Object

Calls valid, with any failures causing it to return a zero Time object.
#valid(context, input) ⇒ Object

Parse the input, raise exceptions if validation fails Returns a Time object see BaseRule.

Methods inherited from BaseRule

#safe, #valid?, #validate, #whitelist

Constructor Details

#initialize(type, encoder = nil, dateformat = nil) ⇒ `DateRule`

Create a validator, if no format is specificed We assume %b $d, %Y i.e. September 11, 2001

# File 'lib/validator/date_rule.rb', line 49

def initialize(type, encoder = nil, dateformat = nil)
  super(type,encoder)
  @format = dateformat
  @format = "%B %d, %Y" if dateformat.nil?
end

Instance Attribute Details

#format ⇒ `Object` (readonly)

Returns the value of attribute format.



46
47
48

# File 'lib/validator/date_rule.rb', line 46

def format
  @format
end

Instance Method Details

#sanitize(context, input) ⇒ `Object`

Calls valid, with any failures causing it to return a zero Time object

# File 'lib/validator/date_rule.rb', line 80

def sanitize(context,input)
  d = Time.new(0)
  begin
    d = valid(context,input)
  rescue ValidationException => e
  end
  return d
end

#valid(context, input) ⇒ `Object`

Parse the input, raise exceptions if validation fails Returns a Time object see BaseRule

# File 'lib/validator/date_rule.rb', line 58

def valid(context,input)
  # check for empty
  if input.nil? or input.empty?
    if @allow_nil
      return nil
    end
    user = "#{context}: Input date required"
    log = "Input date required: context=#{context}, input=#{input}"
    raise Owasp::Esapi::ValidationException.new(user,log,context)
  end
  # clean the input
  clean = @encoder.canonicalize(input)
  begin
    return DateTime.strptime(clean,@format).to_time
  rescue ArgumentError => failed
    user="#{context}: Input date required"
    log="Input date required: context=#{context}, input=#{input}"
    raise Owasp::Esapi::ValidationException.new(user,log,context)
  end
end