Merge pull request #183 from ktheory/v5.0-prep

More safelist/blocklist refactoring
rack · Jul 5, 2016 · f9a6720 · f9a6720
2 parents 1bc85fa + f6762df
commit f9a6720
Show file tree

Hide file tree

Showing 9 changed files with 58 additions and 67 deletions.
diff --git a/.travis.yml b/.travis.yml
@@ -6,11 +6,8 @@ rvm:
   - jruby-19mode
 
 gemfile:
-  - gemfiles/activesupport3.2.gemfile
-  - gemfiles/activesupport4.0.gemfile
   - gemfiles/activesupport4.1.gemfile
   - gemfiles/activesupport4.2.gemfile
-  - gemfiles/dalli1.1.gemfile
   - gemfiles/dalli2.gemfile
 
 services:

diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -2,6 +2,15 @@
 
 ## master (unreleased)
 
+## v5.0.0 (beta)
+
+  - Deprecate `whitelist`/`blacklist` in favor of `safelist`/`blocklist`. (#181,
+    thanks @renee-travisci).
+
+To upgrade and fix deprecations, find and replace instances of `whitelist` and
+`blacklist` with `safelist` and `blocklist`. If you reference `rack.attack.match_type`,
+note that it will have values like `:safelist`/`:blocklist`.
+
 ## v4.4.1 17 Feb 2016
 
   - Fix a bug affecting apps using Redis::Store and ActiveSupport that could generate an error

diff --git a/README.md b/README.md
@@ -97,7 +97,7 @@ Define safelists, blocklists, throttles, and tracks as blocks that return truthy
 these go in an initializer in `config/initializers/`.
 A [Rack::Request](http://www.rubydoc.info/gems/rack/Rack/Request) object is passed to the block (named 'req' in the examples).
 
-### safelists
+### Safelists
 
 ```ruby
 # Always allow requests from localhost
@@ -108,7 +108,7 @@ Rack::Attack.safelist('allow from localhost') do |req|
 end
 ```
 
-### blocklists
+### Blocklists
 
 ```ruby
 # Block requests from 1.2.3.4
@@ -138,11 +138,11 @@ Rack::Attack.blocklist('fail2ban pentesters') do |req|
   # so the request is blocked
   Rack::Attack::Fail2Ban.filter("pentesters-#{req.ip}", :maxretry => 3, :findtime => 10.minutes, :bantime => 5.minutes) do
     # The count for the IP is incremented if the return value is truthy
-    CGI.unescape(req.query_string) =~ %r{/etc/passwd} || 
+    CGI.unescape(req.query_string) =~ %r{/etc/passwd} ||
     req.path.include?('/etc/passwd') ||
-    req.path.include?('wp-admin') || 
+    req.path.include?('wp-admin') ||
     req.path.include?('wp-login')
-    
+
   end
 end
 ```

diff --git a/gemfiles/activesupport3.2.gemfile b/gemfiles/activesupport3.2.gemfile
diff --git a/gemfiles/activesupport4.0.gemfile b/gemfiles/activesupport4.0.gemfile
diff --git a/gemfiles/dalli1.1.gemfile b/gemfiles/dalli1.1.gemfile
diff --git a/lib/rack/attack.rb b/lib/rack/attack.rb
@@ -24,9 +24,9 @@ class << self
     def safelist(name, &block)
       self.safelists[name] = Safelist.new(name, block)
     end
-    
+
     def whitelist(name, &block)
-      warn "[DEPRECATION] 'whitelist' is deprecated.  Please use 'safelist' instead."
+      warn "[DEPRECATION] 'Rack::Attack.whitelist' is deprecated.  Please use 'safelist' instead."
       safelist(name, &block)
     end
 
@@ -35,7 +35,7 @@ def blocklist(name, &block)
     end
 
     def blacklist(name, &block)
-      warn "[DEPRECATION] 'blacklist' is deprecated.  Please use 'blocklist' instead."
+      warn "[DEPRECATION] 'Rack::Attack.blacklist' is deprecated.  Please use 'blocklist' instead."
       blocklist(name, &block)
     end
 
@@ -53,12 +53,12 @@ def throttles;  @throttles  ||= {}; end
     def tracks;     @tracks     ||= {}; end
 
     def whitelists
-      warn "[DEPRECATION] 'whitelists' is deprecated.  Please use 'safelists' instead."
+      warn "[DEPRECATION] 'Rack::Attack.whitelists' is deprecated.  Please use 'safelists' instead."
       safelists
     end
 
     def blacklists
-      warn "[DEPRECATION] 'blacklists' is deprecated.  Please use 'blocklists' instead."
+      warn "[DEPRECATION] 'Rack::Attack.blacklists' is deprecated.  Please use 'blocklists' instead."
       blocklists
     end
 
@@ -69,7 +69,7 @@ def safelisted?(req)
     end
 
     def whitelisted?
-      warn "[DEPRECATION] 'whitelisted?' is deprecated.  Please use 'safelisted?' instead."
+      warn "[DEPRECATION] 'Rack::Attack.whitelisted?' is deprecated.  Please use 'safelisted?' instead."
       safelisted?
     end
 
@@ -80,7 +80,7 @@ def blocklisted?(req)
     end
 
     def blacklisted?
-      warn "[DEPRECATION] 'blacklisted?' is deprecated.  Please use 'blocklisted?' instead."
+      warn "[DEPRECATION] 'Rack::Attack.blacklisted?' is deprecated.  Please use 'blocklisted?' instead."
       blocklisted?
     end
 
@@ -108,6 +108,16 @@ def clear!
       @safelists, @blocklists, @throttles, @tracks = {}, {}, {}, {}
     end
 
+    def blacklisted_response=(res)
+      warn "[DEPRECATION] 'Rack::Attack.blacklisted_response=' is deprecated.  Please use 'blocklisted_response=' instead."
+      self.blocklisted_response=(res)
+    end
+
+    def blacklisted_response
+      warn "[DEPRECATION] 'Rack::Attack.blacklisted_response' is deprecated.  Please use 'blocklisted_response' instead."
+      self.blocklisted_response
+    end
+
   end
 
   # Set defaults

diff --git a/lib/rack/attack/version.rb b/lib/rack/attack/version.rb
@@ -1,5 +1,5 @@
 module Rack
   class Attack
-    VERSION = '4.4.1'
+    VERSION = '5.0.0.beta1'
   end
 end
diff --git a/spec/rack_attack_spec.rb b/spec/rack_attack_spec.rb
@@ -23,12 +23,12 @@
     it('has a blocklist') {
       Rack::Attack.blocklists.key?("ip #{@bad_ip}").must_equal true
     }
-    
+
     it('has a blacklist with a deprication warning') {
-      stdout, stderror  = capture_io do
+      _, stderror  = capture_io do
         Rack::Attack.blacklists.key?("ip #{@bad_ip}").must_equal true
       end
-      assert_match "[DEPRECATION] 'blacklists' is deprecated.  Please use 'blocklists' instead.", stderror
+      assert_match "[DEPRECATION] 'Rack::Attack.blacklists' is deprecated.  Please use 'blocklists' instead.", stderror
     }
 
     describe "a bad request" do
@@ -55,10 +55,10 @@
       it('has a safelist'){ Rack::Attack.safelists.key?("good ua") }
 
       it('has a whitelist with a deprication warning') {
-        stdout, stderror  = capture_io do
+        _, stderror  = capture_io do
           Rack::Attack.whitelists.key?("good ua")
         end
-        assert_match "[DEPRECATION] 'whitelists' is deprecated.  Please use 'safelists' instead.", stderror
+        assert_match "[DEPRECATION] 'Rack::Attack.whitelists' is deprecated.  Please use 'safelists' instead.", stderror
       }
 
       describe "with a request match both safelist & blocklist" do
@@ -73,6 +73,27 @@
         end
       end
     end
+
+    describe '#blocklisted_response' do
+      it 'should exist' do
+        Rack::Attack.blocklisted_response.must_respond_to :call
+      end
+
+      it 'should give a deprication warning for blacklisted_response' do
+        _, stderror  = capture_io do
+          Rack::Attack.blacklisted_response
+        end
+        assert_match "[DEPRECATION] 'Rack::Attack.blacklisted_response' is deprecated.  Please use 'blocklisted_response' instead.", stderror
+
+      end
+    end
+
+    describe '#throttled_response' do
+      it 'should exist' do
+        Rack::Attack.throttled_response.must_respond_to :call
+      end
+    end
+
   end
 
 end