sjs/rack-attack
1
0
Fork 0
mirror of https://github.com/samsonjs/rack-attack.git synced 2026-04-27 15:07:41 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

style: avoid compact class/module definitions

Browse source
This commit is contained in:
Gonzalo Rodriguez 2019-08-02 11:17:41 -03:00
parent f5a352b8f9
commit c8021da91c
No known key found for this signature in database
GPG key ID: 5DB8B81B049B8AB1
3 changed files with 173 additions and 164 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
.rubocop.yml
View file

@ -41,6 +41,11 @@ Style/BlockDelimiters:
Style/BracesAroundHashParameters: Style/BracesAroundHashParameters:
Enabled: true Enabled: true
Style/ClassAndModuleChildren:
Enabled: true
Exclude:
- "spec/**/*"
Style/Encoding: Style/Encoding:
Enabled: true Enabled: true

294
lib/rack/attack.rb
View file

@ -6,159 +6,161 @@ require 'rack/attack/path_normalizer'
require 'rack/attack/request' require 'rack/attack/request'
require "ipaddr" require "ipaddr"
class Rack::Attack module Rack
class MisconfiguredStoreError < StandardError; end class Attack
class MissingStoreError < StandardError; end class MisconfiguredStoreError < StandardError; end
class MissingStoreError < StandardError; end
autoload :Cache, 'rack/attack/cache' autoload :Cache, 'rack/attack/cache'
autoload :Check, 'rack/attack/check' autoload :Check, 'rack/attack/check'
autoload :Throttle, 'rack/attack/throttle' autoload :Throttle, 'rack/attack/throttle'
autoload :Safelist, 'rack/attack/safelist' autoload :Safelist, 'rack/attack/safelist'
autoload :Blocklist, 'rack/attack/blocklist' autoload :Blocklist, 'rack/attack/blocklist'
autoload :Track, 'rack/attack/track' autoload :Track, 'rack/attack/track'
autoload :StoreProxy, 'rack/attack/store_proxy' autoload :StoreProxy, 'rack/attack/store_proxy'
autoload :DalliProxy, 'rack/attack/store_proxy/dalli_proxy' autoload :DalliProxy, 'rack/attack/store_proxy/dalli_proxy'
autoload :MemCacheStoreProxy, 'rack/attack/store_proxy/mem_cache_store_proxy' autoload :MemCacheStoreProxy, 'rack/attack/store_proxy/mem_cache_store_proxy'
autoload :RedisProxy, 'rack/attack/store_proxy/redis_proxy' autoload :RedisProxy, 'rack/attack/store_proxy/redis_proxy'
autoload :RedisStoreProxy, 'rack/attack/store_proxy/redis_store_proxy' autoload :RedisStoreProxy, 'rack/attack/store_proxy/redis_store_proxy'
autoload :RedisCacheStoreProxy, 'rack/attack/store_proxy/redis_cache_store_proxy' autoload :RedisCacheStoreProxy, 'rack/attack/store_proxy/redis_cache_store_proxy'
autoload :ActiveSupportRedisStoreProxy, 'rack/attack/store_proxy/active_support_redis_store_proxy' autoload :ActiveSupportRedisStoreProxy, 'rack/attack/store_proxy/active_support_redis_store_proxy'
autoload :Fail2Ban, 'rack/attack/fail2ban' autoload :Fail2Ban, 'rack/attack/fail2ban'
autoload :Allow2Ban, 'rack/attack/allow2ban' autoload :Allow2Ban, 'rack/attack/allow2ban'
class << self class << self
attr_accessor :notifier, :blocklisted_response, :throttled_response, :anonymous_blocklists, :anonymous_safelists attr_accessor :notifier, :blocklisted_response, :throttled_response, :anonymous_blocklists, :anonymous_safelists
def safelist(name = nil, &block) def safelist(name = nil, &block)
safelist = Safelist.new(name, &block) safelist = Safelist.new(name, &block)
if name if name
safelists[name] = safelist safelists[name] = safelist
else
anonymous_safelists << safelist
end
end
def blocklist(name = nil, &block)
blocklist = Blocklist.new(name, &block)
if name
blocklists[name] = blocklist
else
anonymous_blocklists << blocklist
end
end
def blocklist_ip(ip_address)
anonymous_blocklists << Blocklist.new { |request| IPAddr.new(ip_address).include?(IPAddr.new(request.ip)) }
end
def safelist_ip(ip_address)
anonymous_safelists << Safelist.new { |request| IPAddr.new(ip_address).include?(IPAddr.new(request.ip)) }
end
def throttle(name, options, &block)
throttles[name] = Throttle.new(name, options, &block)
end
def track(name, options = {}, &block)
tracks[name] = Track.new(name, options, &block)
end
def safelists
@safelists ||= {}
end
def blocklists
@blocklists ||= {}
end
def throttles
@throttles ||= {}
end
def tracks
@tracks ||= {}
end
def safelisted?(request)
anonymous_safelists.any? { |safelist| safelist.matched_by?(request) } ||
safelists.any? { |_name, safelist| safelist.matched_by?(request) }
end
def blocklisted?(request)
anonymous_blocklists.any? { |blocklist| blocklist.matched_by?(request) } ||
blocklists.any? { |_name, blocklist| blocklist.matched_by?(request) }
end
def throttled?(request)
throttles.any? do |_name, throttle|
throttle.matched_by?(request)
end
end
def tracked?(request)
tracks.each_value do |track|
track.matched_by?(request)
end
end
def instrument(request)
if notifier
event_type = request.env["rack.attack.match_type"]
notifier.instrument("#{event_type}.rack_attack", request: request)
# Deprecated: Keeping just for backwards compatibility
notifier.instrument("rack.attack", request: request)
end
end
def cache
@cache ||= Cache.new
end
def clear_configuration
@safelists, @blocklists, @throttles, @tracks = {}, {}, {}, {}
self.anonymous_blocklists = []
self.anonymous_safelists = []
end
def clear!
warn "[DEPRECATION] Rack::Attack.clear! is deprecated. Please use Rack::Attack.clear_configuration instead"
clear_configuration
end
end
# Set defaults
@anonymous_blocklists = []
@anonymous_safelists = []
@notifier = ActiveSupport::Notifications if defined?(ActiveSupport::Notifications)
@blocklisted_response = lambda { |_env| [403, { 'Content-Type' => 'text/plain' }, ["Forbidden\n"]] }
@throttled_response = lambda { |env|
retry_after = (env['rack.attack.match_data'] || {})[:period]
[429, { 'Content-Type' => 'text/plain', 'Retry-After' => retry_after.to_s }, ["Retry later\n"]]
}
def initialize(app)
@app = app
end
def call(env)
env['PATH_INFO'] = PathNormalizer.normalize_path(env['PATH_INFO'])
request = Rack::Attack::Request.new(env)
if safelisted?(request)
@app.call(env)
elsif blocklisted?(request)
self.class.blocklisted_response.call(env)
elsif throttled?(request)
self.class.throttled_response.call(env)
else else
anonymous_safelists << safelist tracked?(request)
@app.call(env)
end end
end end
def blocklist(name = nil, &block) extend Forwardable
blocklist = Blocklist.new(name, &block) def_delegators self, :safelisted?, :blocklisted?, :throttled?, :tracked?
if name
blocklists[name] = blocklist
else
anonymous_blocklists << blocklist
end
end
def blocklist_ip(ip_address)
anonymous_blocklists << Blocklist.new { |request| IPAddr.new(ip_address).include?(IPAddr.new(request.ip)) }
end
def safelist_ip(ip_address)
anonymous_safelists << Safelist.new { |request| IPAddr.new(ip_address).include?(IPAddr.new(request.ip)) }
end
def throttle(name, options, &block)
throttles[name] = Throttle.new(name, options, &block)
end
def track(name, options = {}, &block)
tracks[name] = Track.new(name, options, &block)
end
def safelists
@safelists ||= {}
end
def blocklists
@blocklists ||= {}
end
def throttles
@throttles ||= {}
end
def tracks
@tracks ||= {}
end
def safelisted?(request)
anonymous_safelists.any? { |safelist| safelist.matched_by?(request) } ||
safelists.any? { |_name, safelist| safelist.matched_by?(request) }
end
def blocklisted?(request)
anonymous_blocklists.any? { |blocklist| blocklist.matched_by?(request) } ||
blocklists.any? { |_name, blocklist| blocklist.matched_by?(request) }
end
def throttled?(request)
throttles.any? do |_name, throttle|
throttle.matched_by?(request)
end
end
def tracked?(request)
tracks.each_value do |track|
track.matched_by?(request)
end
end
def instrument(request)
if notifier
event_type = request.env["rack.attack.match_type"]
notifier.instrument("#{event_type}.rack_attack", request: request)
# Deprecated: Keeping just for backwards compatibility
notifier.instrument("rack.attack", request: request)
end
end
def cache
@cache ||= Cache.new
end
def clear_configuration
@safelists, @blocklists, @throttles, @tracks = {}, {}, {}, {}
self.anonymous_blocklists = []
self.anonymous_safelists = []
end
def clear!
warn "[DEPRECATION] Rack::Attack.clear! is deprecated. Please use Rack::Attack.clear_configuration instead"
clear_configuration
end
end end
# Set defaults
@anonymous_blocklists = []
@anonymous_safelists = []
@notifier = ActiveSupport::Notifications if defined?(ActiveSupport::Notifications)
@blocklisted_response = lambda { |_env| [403, { 'Content-Type' => 'text/plain' }, ["Forbidden\n"]] }
@throttled_response = lambda { |env|
retry_after = (env['rack.attack.match_data'] || {})[:period]
[429, { 'Content-Type' => 'text/plain', 'Retry-After' => retry_after.to_s }, ["Retry later\n"]]
}
def initialize(app)
@app = app
end
def call(env)
env['PATH_INFO'] = PathNormalizer.normalize_path(env['PATH_INFO'])
request = Rack::Attack::Request.new(env)
if safelisted?(request)
@app.call(env)
elsif blocklisted?(request)
self.class.blocklisted_response.call(env)
elsif throttled?(request)
self.class.throttled_response.call(env)
else
tracked?(request)
@app.call(env)
end
end
extend Forwardable
def_delegators self, :safelisted?, :blocklisted?, :throttled?, :tracked?
end end

38
lib/rack/attack/path_normalizer.rb
View file

@ -1,24 +1,26 @@
# frozen_string_literal: true # frozen_string_literal: true
class Rack::Attack module Rack
# When using Rack::Attack with a Rails app, developers expect the request path class Attack
# to be normalized. In particular, trailing slashes are stripped. # When using Rack::Attack with a Rails app, developers expect the request path
# (See https://git.io/v0rrR for implementation.) # to be normalized. In particular, trailing slashes are stripped.
# # (See https://git.io/v0rrR for implementation.)
# Look for an ActionDispatch utility class that Rails folks would expect #
# to normalize request paths. If unavailable, use a fallback class that # Look for an ActionDispatch utility class that Rails folks would expect
# doesn't normalize the path (as a non-Rails rack app developer expects). # to normalize request paths. If unavailable, use a fallback class that
# doesn't normalize the path (as a non-Rails rack app developer expects).
module FallbackPathNormalizer module FallbackPathNormalizer
def self.normalize_path(path) def self.normalize_path(path)
path path
end
end end
end
PathNormalizer = if defined?(::ActionDispatch::Journey::Router::Utils) PathNormalizer = if defined?(::ActionDispatch::Journey::Router::Utils)
# For Rails apps # For Rails apps
::ActionDispatch::Journey::Router::Utils ::ActionDispatch::Journey::Router::Utils
else else
FallbackPathNormalizer FallbackPathNormalizer
end end
end
end end