class YamlCspConfig::YamlLoader
The entity that is responsible for loading the YAML and applying overrides
Constants
- DIRECTIVES
Attributes
config_file_path[R]
env_var_group_key[R]
env_var_key_prefix[R]
policy[R]
Public Class Methods
call(policy, config_file = YamlCspConfig.configuration.configuration_file_path)
click to toggle source
# File lib/yaml_csp_config/yaml_loader.rb, line 26 def call(policy, config_file = YamlCspConfig.configuration.configuration_file_path) new(policy, config_file).configure end
new( policy, config_file_path, group_key: YamlCspConfig.configuration.default_env_var_group_key, var_key_prefix: YamlCspConfig.configuration.default_env_var_additions_key_prefix )
click to toggle source
# File lib/yaml_csp_config/yaml_loader.rb, line 31 def initialize( policy, config_file_path, group_key: YamlCspConfig.configuration.default_env_var_group_key, var_key_prefix: YamlCspConfig.configuration.default_env_var_additions_key_prefix ) raise ArgumentError, "Config file doesn't exist" unless File.exist?(config_file_path) @policy = policy @config_file_path = config_file_path @env_var_group_key = group_key @env_var_key_prefix = var_key_prefix end
Public Instance Methods
configure()
click to toggle source
# File lib/yaml_csp_config/yaml_loader.rb, line 45 def configure configure_with_overrides.each do |rule, values| unless policy.respond_to?(rule.to_sym) raise StandardError, "A CSP configuration was defined for an unsupported directive/setting: #{rule}" end policy.send(rule, *values) end policy end
Private Instance Methods
add_to_csp(policies, rule, value)
click to toggle source
# File lib/yaml_csp_config/yaml_loader.rb, line 106 def add_to_csp(policies, rule, value) policies[rule] ||= [] policies[rule] += parse_policies_config(value) end
config_key_base()
click to toggle source
# File lib/yaml_csp_config/yaml_loader.rb, line 115 def config_key_base @config_key_base ||= YamlCspConfig.configuration.yaml_config_base_key.to_s end
configure_with_overrides()
click to toggle source
# File lib/yaml_csp_config/yaml_loader.rb, line 66 def configure_with_overrides config = raw_configuration policies = config[config_key_base].transform_values { |v| parse_policies_config(v) } env_var_direct_override( env_var_group_override( config, env_override(config, policies) ) ) end
env_override(config, policies)
click to toggle source
Override with any Rails env specific config
# File lib/yaml_csp_config/yaml_loader.rb, line 78 def env_override(config, policies) d = config[Rails.env.to_s] return policies unless d raise(StandardError, "The config is invalid for env #{Rails.env}") unless d.is_a?(Hash) d.each { |k, v| add_to_csp(policies, k, v) } policies end
env_var_direct_override(policies)
click to toggle source
Allow environment variables to add to rules
# File lib/yaml_csp_config/yaml_loader.rb, line 97 def env_var_direct_override(policies) DIRECTIVES.each do |rule| d = rule.to_s k = env_var_key_prefix + d.upcase add_to_csp(policies, d, ENV[k].split(" ")) if ENV[k].present? end policies end
env_var_group_override(config, policies)
click to toggle source
Optional an overriding config group can be specified by name in an environment variable
# File lib/yaml_csp_config/yaml_loader.rb, line 87 def env_var_group_override(config, policies) group_name = ENV[env_var_group_key] return policies if group_name.nil? || group_name.empty? || group_name == Rails.env d = config[group_name] raise(StandardError, "The config is invalid for #{group_name}") unless d.is_a?(Hash) d.each { |k, v| add_to_csp(policies, k, v) } policies end
parse_policies_config(policy)
click to toggle source
# File lib/yaml_csp_config/yaml_loader.rb, line 111 def parse_policies_config(policy) Array.wrap(policy).flatten end
raw_configuration()
click to toggle source
# File lib/yaml_csp_config/yaml_loader.rb, line 61 def raw_configuration parsed = ERB.new(File.read(config_file_path.to_s)).result(binding) YAML.safe_load(parsed, permitted_classes: [Symbol], aliases: true) end