Class: Rockstart::SecurityGenerator

Inherits:
Rails::Generators::Base
  • Object
Includes:
Rails::Generators::AppName
Defined in:
lib/generators/rockstart/security/security_generator.rb


Instance Method Details

#add_content_security_policy ⇒ Object



# File 'lib/generators/rockstart/security/security_generator.rb', line 70

# Installs the Content-Security-Policy pieces into the target application.
#
# In order: renders the CSP initializer, copies the violation-report
# controller and adds a create-only route for it, then renders a request spec.
#
# NOTE(review): the copied controller is not shown here. A CSP report
# endpoint presumably accepts POSTs sent by browsers without a session, so
# confirm that csp_violations_controller.rb treats the report body as
# untrusted input (bounded size, no raw interpolation into logs) and that the
# route is covered by request throttling.
def add_content_security_policy
  template("content_security_policy_initializer.rb.tt",
           "config/initializers/content_security_policy.rb")

  controller_file = "csp_violations_controller.rb"
  copy_file(controller_file, "app/controllers/#{controller_file}")
  route("resources :csp_violations, only: [:create]")

  template("content_security_spec.rb.tt", "spec/requests/content_security_spec.rb")
end

#add_security_rake_tasks ⇒ Object



# File 'lib/generators/rockstart/security/security_generator.rb', line 45

# Copies the generator's security.rake file into the application's
# lib/tasks directory.
def add_security_rake_tasks
  rake_file = "security.rake"
  copy_file(rake_file, "lib/tasks/#{rake_file}")
end

#add_session_initializer ⇒ Object



# File 'lib/generators/rockstart/security/security_generator.rb', line 66

# Renders the session store initializer template into config/initializers.
#
# NOTE(review): the template body is not shown here; confirm that the
# rendered session_store.rb sets the cookie attributes the application
# relies on (secure, httponly, same_site).
def add_session_initializer
  destination = "config/initializers/session_store.rb"
  template("session_store_initializer.rb.tt", destination)
end

#enforce_ssl ⇒ Object



# File 'lib/generators/rockstart/security/security_generator.rb', line 80

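# Turns on HTTPS enforcement in the production environment file.
#
# The existing `config.force_ssl = ...` line is rewritten so that its value is
# computed from the ALLOW_INSECURE_HTTP environment variable, and the line is
# then uncommented. The generated setting is secure by default: an unset
# variable gives nil.to_i == 0, so force_ssl is true. Only a value that
# String#to_i parses as 1 (for example "1") turns it off; "true" or "yes"
# parse as 0 and leave HTTPS enforced.
#
# With force_ssl off, Rails does not apply its HTTPS redirect, HSTS header or
# secure-cookie flag, so ALLOW_INSECURE_HTTP=1 should be limited to
# deployments where TLS is terminated and enforced in front of the app.
def enforce_ssl
  production_env = "config/environments/production.rb"

  # The dot is escaped so only a literal `config.force_ssl` setting matches,
  # not any character in that position.
  gsub_file production_env,
            /config\.force_ssl = .+$/,
            'config.force_ssl = ENV["ALLOW_INSECURE_HTTP"].to_i != 1'
  uncomment_lines production_env, /config\.force_ssl =/
end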

#install_brakeman ⇒ Object



# File 'lib/generators/rockstart/security/security_generator.rb', line 35

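# Adds the Brakeman static security scanner to the application.
#
# Declares the gem for the development and test groups, installs the bundle,
# copies the brakeman.rake task file and adds a "brakeman" entry to
# .gitignore.
def install_brakeman
  # The listing showed `i[development test]`, which is not a valid group
  # list; the symbol-array literal %i[...] yields [:development, :test].
  gem "brakeman", group: %i[development test]

  # NOTE(review): the result of the install is not checked, so a failed
  # `bundle install` does not stop the generator. Bundler 2.1+ also deprecates
  # clean_system in favour of unbundled_system.
  Bundler.clean_system("bundle install --quiet")

  copy_file "brakeman.rake", "lib/tasks/brakeman.rake"

  # Presumably the directory the rake task writes its report to; confirm
  # against brakeman.rake.
  append_to_file ".gitignore", "brakeman\n"
end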

#install_bundler_audit ⇒ Object



# File 'lib/generators/rockstart/security/security_generator.rb', line 27

# Adds bundler-audit to the application's Gemfile, installs the bundle and
# copies the bundler_audit.rake task file into lib/tasks.
#
# NOTE(review): the gem is declared with a `github:` source and no ref, tag or
# version, so each fresh resolve follows whatever the repository's default
# branch holds rather than a released gem. For a dependency-auditing tool,
# consider pinning a release or a commit ref. It is also declared without a
# group, unlike brakeman, so it ends up in the default bundle group.
def install_bundler_audit
  gem("bundler-audit", github: "rubysec/bundler-audit")

  install_command = "bundle install --quiet"
  Bundler.clean_system(install_command)

  rake_file = "bundler_audit.rake"
  copy_file(rake_file, "lib/tasks/#{rake_file}")
end

#install_rack_attack ⇒ Object



# File 'lib/generators/rockstart/security/security_generator.rb', line 49

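# Adds rack-attack request throttling to the application.
#
# Declares the gem, installs the bundle, copies the rack_attack initializer
# and a spec support file, injects a memory_store cache setting into the
# application configuration, and comments out the cache_store line in the
# test environment file.
#
# The listing had collapsed the heredoc and the end of the method into a
# single string literal; the heredoc is restored here. The `<<~` opener is
# reconstructed from the indented body and terminator (TODO confirm against
# the generator source).
def install_rack_attack
  gem "rack-attack"

  # NOTE(review): the result of the install is not checked, so a failed
  # `bundle install` does not stop the generator.
  Bundler.clean_system("bundle install --quiet")

  copy_file "rack_attack.rb", "config/initializers/rack_attack.rb"
  copy_file "cache_support.rb", "spec/support/cache.rb"

  # NOTE(review): memory_store keeps its data inside one process. If the
  # copied rack_attack.rb keeps its throttle counters in Rails.cache (the
  # rack-attack default), each worker process counts separately, so a
  # multi-process production deployment needs a shared cache store for the
  # configured limits to hold.
  application do
    <<~CACHE
      # Use memory_store cache for testing and default configurations
      config.cache_store = :memory_store
    CACHE
  end

  # Presumably disables the test environment's own cache_store setting so the
  # memory_store configured above is the one in effect during specs.
  comment_lines "config/environments/test.rb", "config.cache_store = "
end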