Merge pull request #660 from bpo/allowlist-regex
Support regular expressions in allowlist
This commit is contained in:
commit
f7b9246e68
|
@ -2,6 +2,7 @@
|
|||
|
||||
=== Changes
|
||||
* Rename `url_whitelist` to `url_allowlist`
|
||||
* Allowlist now supports regular expressions
|
||||
* Fixed Ruby 2.7 deprecation warnings
|
||||
|
||||
=== Breaking changes
|
||||
|
|
|
@ -349,6 +349,15 @@ to one of the values specified in the url allowlist like so:
|
|||
DatabaseCleaner.url_allowlist = ['postgres://postgres@localhost', 'postgres://foo@bar']
|
||||
```
|
||||
|
||||
Allowlist elements are matched with case equality (`===`), so regular expressions or procs may be used:
|
||||
|
||||
```ruby
|
||||
DatabaseCleaner.url_allowlist = [
|
||||
%r{^postgres://postgres@localhost}, # match any db with this prefix
|
||||
proc {|uri| URI.parse(uri).user == "test" } # match any db authenticating with the 'test' user
|
||||
]
|
||||
```
|
||||
|
||||
## COPYRIGHT
|
||||
|
||||
See [LICENSE](LICENSE) for details.
|
||||
|
|
|
@ -29,7 +29,7 @@ module DatabaseCleaner
|
|||
private
|
||||
|
||||
def database_url_not_allowed?
|
||||
!DatabaseCleaner.url_allowlist.include?(ENV['DATABASE_URL'])
|
||||
!DatabaseCleaner.url_allowlist.any? {|allowed| allowed === ENV['DATABASE_URL'] }
|
||||
end
|
||||
|
||||
def skip?
|
||||
|
|
|
@ -86,11 +86,27 @@ module DatabaseCleaner
|
|||
describe 'A remote url is not on the allowlist' do
|
||||
let(:database_url) { 'postgress://bar.baz' }
|
||||
|
||||
it 'raises a allowlist error' do
|
||||
it 'raises a not allowed error' do
|
||||
expect { cleaner.start }.to raise_error(Safeguard::Error::UrlNotAllowed)
|
||||
end
|
||||
end
|
||||
|
||||
describe 'A similar url not explicitly matched as a pattern' do
|
||||
let(:database_url) { 'postgres://foo.bar?pool=8' }
|
||||
|
||||
it 'raises a not allowed error' do
|
||||
expect { cleaner.start }.to raise_error(Safeguard::Error::UrlNotAllowed)
|
||||
end
|
||||
end
|
||||
|
||||
describe 'A remote url matches a pattern on the allowlist' do
|
||||
let(:database_url) { 'postgres://bar.baz?pool=16' }
|
||||
|
||||
it 'does not raise' do
|
||||
expect { cleaner.start }.to_not raise_error
|
||||
end
|
||||
end
|
||||
|
||||
describe 'A local url is on the allowlist' do
|
||||
let(:database_url) { 'postgres://postgres@localhost' }
|
||||
|
||||
|
@ -106,9 +122,24 @@ module DatabaseCleaner
|
|||
expect { cleaner.start }.to raise_error(Safeguard::Error::UrlNotAllowed)
|
||||
end
|
||||
end
|
||||
|
||||
describe 'A url that matches a proc' do
|
||||
let(:database_url) { 'redis://test:test@foo.bar' }
|
||||
|
||||
it 'does not raise' do
|
||||
expect { cleaner.start }.to_not raise_error
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
let(:url_allowlist) { ['postgres://postgres@localhost', 'postgres://foo.bar'] }
|
||||
let(:url_allowlist) do
|
||||
[
|
||||
'postgres://postgres@localhost',
|
||||
'postgres://foo.bar',
|
||||
%r{^postgres://bar.baz},
|
||||
proc { |x| URI.parse(x).user == 'test' }
|
||||
]
|
||||
end
|
||||
|
||||
describe 'url_allowlist' do
|
||||
before { DatabaseCleaner.url_allowlist = url_allowlist }
|
||||
|
|
Loading…
Reference in New Issue