Initial Implementation (#2)

salsify · Jun 26, 2017 · 28a77c8 · 28a77c8
1 parent baddba2
commit 28a77c8
Show file tree

Hide file tree

Showing 201 changed files with 3,697 additions and 127 deletions.
diff --git a/.gitignore b/.gitignore
@@ -1,6 +1,6 @@
-/.bundle/
+**/.bundle/
+**/Gemfile.lock
 /.yardoc
-/Gemfile.lock
 /_yardoc/
 /coverage/
 /doc/
@@ -10,3 +10,6 @@
 
 # rspec failure tracking
 .rspec_status
+
+# Appraisal gemfile.lock
+/gemfiles/*.gemfile.lock
diff --git a/.overcommit.yml b/.overcommit.yml
@@ -0,0 +1,13 @@
+PreCommit:
+  RuboCop:
+    enabled: true
+    required: false
+    on_warn: fail
+
+  HardTabs:
+    enabled: true
+    required: false
+
+CommitMsg:
+  TrailingPeriod:
+    enabled: false
diff --git a/.rspec b/.rspec
@@ -1,2 +1,3 @@
 --format documentation
 --color
+--require spec_helper
diff --git a/.rubocop.yml b/.rubocop.yml
@@ -0,0 +1,2 @@
+inherit_gem:
+  salsify_rubocop: conf/rubocop_rails.yml
diff --git a/.travis.yml b/.travis.yml
@@ -1,5 +1,29 @@
-sudo: false
 language: ruby
+sudo: false
+
+bundler_args: --without test --jobs 3 --retry 3
+before_install:
+  - gem install bundler
+
+script:
+  - bundle exec rubocop
+  - bundle exec rspec
+
 rvm:
+  - 2.2.7
   - 2.3.4
-before_install: gem install bundler -v 1.15.0
+  - 2.4.1
+
+gemfile:
+  - gemfiles/4.1.gemfile
+  - gemfiles/4.2.gemfile
+  - gemfiles/5.0.gemfile
+  - gemfiles/5.1.gemfile
+
+matrix:
+  allow_failures:
+    - gemfile: gemfiles/4.1.gemfile
+      rvm: 2.4.1
+    - gemfile: gemfiles/5.1.gemfile
+
+  fast_finish: true
diff --git a/Appraisals b/Appraisals
@@ -0,0 +1,15 @@
+appraise '4.1' do
+  gem 'rails', '~> 4.1.0'
+end
+
+appraise '4.2' do
+  gem 'rails', '~> 4.2.0'
+end
+
+appraise '5.0' do
+  gem 'rails', '~> 5.0.0'
+end
+
+appraise '5.1' do
+  gem 'rails', '~> 5.1.0'
+end
diff --git a/CODE_OF_CONDUCT.md b/CODE_OF_CONDUCT.md
diff --git a/Gemfile b/Gemfile
@@ -1,4 +1,4 @@
-source "https://rubygems.org"
+source 'https://rubygems.org'
 
 # Specify your gem's dependencies in safer_rails_console.gemspec
 gemspec
diff --git a/LICENSE.txt b/LICENSE.txt
@@ -1,6 +1,6 @@
 The MIT License (MIT)
 
-Copyright (c) 2017 Timothy Su
+Copyright (c) 2017 Salsify, Inc
 
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal

diff --git a/README.md b/README.md
@@ -1,8 +1,6 @@
 # SaferRailsConsole
 
-Welcome to your new gem! In this directory, you'll find the files you need to be able to package up your Ruby library into a gem. Put your Ruby code in the file `lib/safer_rails_console`. To experiment with that code, run `bin/console` for an interactive prompt.
-
-TODO: Delete this and the text above, and describe your gem
+This gem makes Rails console sessions less dangerous in specified environments by warning, color-coding, auto-sandboxing, and allowing read-only external connections (disables job queueing, non-GET requests, etc.)
 
 ## Installation
 
@@ -14,30 +12,74 @@ gem 'safer_rails_console'
 
 And then execute:
 
-    $ bundle
+    $ bundle install
 
 Or install it yourself as:
 
     $ gem install safer_rails_console
 
+Add the following line to the end of 'config/boot.rb' in your Rails application.
+```ruby
+require 'safer_rails_console/patches/boot'
+```
+
 ## Usage
 
-TODO: Write usage instructions here
+The quickest way to demo this gem is to run `bundle exec rails console --sandbox`.
+
+A way to explicitly enable or disable the sandbox is added to Rails console as a flag with the last install step.
+```ruby
+bundle exec rails console --help  
+
+    -s, --[no-]sandbox               Explicitly enable/disable sandbox mode.
+    -e, --environment=name           Specifies the environment to run this console under (test/development/production).
+                                     Default: development
+        --debugger                   Enable the debugger.
+```
+
+This gem is autoloaded via Railties.  The following defaults can be configured from 'environments' or 'application.rb':
+```ruby
+# Set what console is used. Currently, only 'irb' is supported. 'pry' and other consoles are to be added.
+config.safer_rails_console.console = 'irb'  
+
+# Mapping environments to shortened names. `false` to disable.
+config.safer_rails_console.environment_names = {
+                                                 'development' => 'dev',
+                                                 'staging' => 'staging',
+                                                 'production' => 'prod'
+                                               }  
+# Mapping environments to console prompt colors. See colors.rb for colors. `false` to disable.
+config.safer_rails_console.environment_prompt_colors = {
+                                                         'development' => SaferRailsConsole::Colors::GREEN,
+                                                         'staging' => SaferRailsConsole::Colors::YELLOW,
+                                                         'production' => SaferRailsConsole::Colors::RED
+                                                       }  
+
+# Set environments which should default to sandbox. `false` to disable.
+config.safer_rails_console.sandbox_environments = %w{production}  
+
+# Set 'true' to have a prompt that asks the user if sandbox should be enabled/disabled if it was not explicitly specified (via. --[no-]sandbox)
+config.safer_rails_console.sandbox_prompt = false  
+
+# Set environments that should have a warning. `false` to disable.
+config.safer_rails_console.warn_environments = %w{production}  
+
+# Set warning message that should appear in the specified environments.
+config.safer_rails_console.warn_text = "WARNING: YOU ARE USING RAILS CONSOLE IN PRODUCTION!\n" \
+                                       'Changing data can cause serious data loss. ' \
+                                       'Make sure you know what you\'re doing.'
+```
 
 ## Development
 
-After checking out the repo, run `bin/setup` to install dependencies. Then, run `rake spec` to run the tests. You can also run `bin/console` for an interactive prompt that will allow you to experiment.
+After checking out the repo, run `bin/setup` to install dependencies. Then, run `rake spec` to run the tests. You can also run `wwtd` to simulate the entire build matrix (ruby version / rails version) or `appraisal` to test against each supported rails version with your active ruby version. Run `rubocop` to check for style. 
 
 To install this gem onto your local machine, run `bundle exec rake install`. To release a new version, update the version number in `version.rb`, and then run `bundle exec rake release`, which will create a git tag for the version, push git commits and tags, and push the `.gem` file to [rubygems.org](https://rubygems.org).
 
 ## Contributing
 
-Bug reports and pull requests are welcome on GitHub at https://github.com/[USERNAME]/safer_rails_console. This project is intended to be a safe, welcoming space for collaboration, and contributors are expected to adhere to the [Contributor Covenant](http://contributor-covenant.org) code of conduct.
+Bug reports and pull requests are welcome on GitHub at https://github.com/salsify/safer_rails_console. This project is intended to be a safe, welcoming space for collaboration, and contributors are expected to adhere to the [Contributor Covenant](http://contributor-covenant.org) code of conduct.
 
 ## License
 
 The gem is available as open source under the terms of the [MIT License](http://opensource.org/licenses/MIT).
-
-## Code of Conduct
-
-Everyone interacting in the SaferRailsConsole project’s codebases, issue trackers, chat rooms and mailing lists is expected to follow the [code of conduct](https://github.com/[USERNAME]/safer_rails_console/blob/master/CODE_OF_CONDUCT.md).
diff --git a/Rakefile b/Rakefile
@@ -1,6 +1,7 @@
-require "bundler/gem_tasks"
-require "rspec/core/rake_task"
+require 'bundler/gem_tasks'
+require 'rspec/core/rake_task'
+require 'rails'
 
 RSpec::Core::RakeTask.new(:spec)
 
-task :default => :spec
+task default: :spec
diff --git a/gemfiles/4.1.gemfile b/gemfiles/4.1.gemfile
@@ -0,0 +1,7 @@
+# This file was generated by Appraisal
+
+source "https://rubygems.org"
+
+gem "rails", "~> 4.1.0"
+
+gemspec path: "../"
diff --git a/gemfiles/4.2.gemfile b/gemfiles/4.2.gemfile
@@ -0,0 +1,7 @@
+# This file was generated by Appraisal
+
+source "https://rubygems.org"
+
+gem "rails", "~> 4.2.0"
+
+gemspec path: "../"
diff --git a/gemfiles/5.0.gemfile b/gemfiles/5.0.gemfile
@@ -0,0 +1,7 @@
+# This file was generated by Appraisal
+
+source "https://rubygems.org"
+
+gem "rails", "~> 5.0.0"
+
+gemspec path: "../"
diff --git a/gemfiles/5.1.gemfile b/gemfiles/5.1.gemfile
@@ -0,0 +1,7 @@
+# This file was generated by Appraisal
+
+source "https://rubygems.org"
+
+gem "rails", "~> 5.1.0"
+
+gemspec path: "../"
diff --git a/lib/safer_rails_console.rb b/lib/safer_rails_console.rb
@@ -1,5 +1,61 @@
-require "safer_rails_console/version"
+require 'safer_rails_console/version'
+require 'safer_rails_console/railtie'
+require 'safer_rails_console/colors'
+require 'safer_rails_console/rails_version'
+require 'safer_rails_console/console'
 
 module SaferRailsConsole
-  # Your code goes here...
+  class << self
+    def environment_name
+      config.environment_names.key?(::Rails.env.downcase) ? config.environment_names[::Rails.env.downcase] : 'unknown env'
+    end
+
+    def prompt_color
+      config.environment_prompt_colors.key?(::Rails.env.downcase) ? config.environment_prompt_colors[::Rails.env.downcase] : SaferRailsConsole::Colors::NONE
+    end
+
+    def sandbox_environment?
+      config.sandbox_environments.include?(::Rails.env.downcase)
+    end
+
+    def warn_environment?
+      config.warn_environments.include?(::Rails.env.downcase)
+    end
+
+    def config
+      @config ||= Configuration.new
+    end
+  end
+
+  class Configuration
+    include ActiveSupport::Configurable
+
+    CONFIG_DEFAULTS = {
+        console: 'irb',
+        environment_names: {
+            'development' => 'dev',
+            'staging' => 'staging',
+            'production' => 'prod'
+        },
+        environment_prompt_colors: {
+            'development' => SaferRailsConsole::Colors::GREEN,
+            'staging' => SaferRailsConsole::Colors::YELLOW,
+            'production' => SaferRailsConsole::Colors::RED
+        },
+        sandbox_environments: %w{production},
+        sandbox_prompt: false,
+        warn_environments: %w{production},
+        warn_text: "WARNING: YOU ARE USING RAILS CONSOLE IN PRODUCTION!\n" \
+                   'Changing data can cause serious data loss. ' \
+                   'Make sure you know what you\'re doing.'
+    }.freeze
+
+    CONFIG_DEFAULTS.each do |name, value|
+      config_accessor(name) { value }
+    end
+
+    def set(**new_config)
+      config.merge!(new_config.select { |k, _v| CONFIG_DEFAULTS.key?(k) })
+    end
+  end
 end
diff --git a/lib/safer_rails_console/colors.rb b/lib/safer_rails_console/colors.rb
@@ -0,0 +1,17 @@
+module SaferRailsConsole
+  module Colors
+    NONE = 0
+    BLACK = 30
+    RED = 31
+    GREEN = 32
+    YELLOW = 33
+    BLUE = 34
+    PINK = 35
+    CYAN = 36
+    WHITE = 37
+
+    def color_text(text, color_code)
+      "\e[#{color_code}m#{text}\e[0m"
+    end
+  end
+end