aboutsummaryrefslogtreecommitdiffstats
path: root/activesupport
diff options
context:
space:
mode:
authoryuuji.yaginuma <yuuji.yaginuma@gmail.com>2017-10-15 08:10:38 +0900
committeryuuji.yaginuma <yuuji.yaginuma@gmail.com>2017-11-13 17:39:10 +0900
commit00f5aca3ef5de2637134c40e2e8b5d3c1d5b1a08 (patch)
treea7b598742584a020eedce05ff40305e076953b1f /activesupport
parent5668dc6b1863ef43be8f8ef0fb1d5db913085fb3 (diff)
downloadrails-00f5aca3ef5de2637134c40e2e8b5d3c1d5b1a08.tar.gz
rails-00f5aca3ef5de2637134c40e2e8b5d3c1d5b1a08.tar.bz2
rails-00f5aca3ef5de2637134c40e2e8b5d3c1d5b1a08.zip
Verify credentials format before saving
Currently, credentials does not check the format when saving. As a result, incorrect data as yaml is also saved. If credentials is used in config files., an error will occur in credential yaml parsing before edit, and will not be able to edit it. In order to prevent this, verify the format when saving. Related: #30851
Diffstat (limited to 'activesupport')
-rw-r--r--activesupport/lib/active_support/encrypted_configuration.rb8
-rw-r--r--activesupport/test/encrypted_configuration_test.rb8
2 files changed, 15 insertions, 1 deletions
diff --git a/activesupport/lib/active_support/encrypted_configuration.rb b/activesupport/lib/active_support/encrypted_configuration.rb
index b403048627..c52d3869de 100644
--- a/activesupport/lib/active_support/encrypted_configuration.rb
+++ b/activesupport/lib/active_support/encrypted_configuration.rb
@@ -22,6 +22,12 @@ module ActiveSupport
""
end
+ def write(contents)
+ deserialize(contents)
+
+ super
+ end
+
def config
@config ||= deserialize(read).deep_symbolize_keys
end
@@ -36,7 +42,7 @@ module ActiveSupport
end
def deserialize(config)
- config.present? ? YAML.load(config) : {}
+ config.present? ? YAML.load(config, content_path) : {}
end
end
end
diff --git a/activesupport/test/encrypted_configuration_test.rb b/activesupport/test/encrypted_configuration_test.rb
index 471faa8c12..0bc915be82 100644
--- a/activesupport/test/encrypted_configuration_test.rb
+++ b/activesupport/test/encrypted_configuration_test.rb
@@ -51,6 +51,14 @@ class EncryptedConfigurationTest < ActiveSupport::TestCase
assert_equal "things", @credentials[:new]
end
+ test "raise error when writing an invalid format value" do
+ assert_raise(Psych::SyntaxError) do
+ @credentials.change do |config_file|
+ config_file.write "login: *login\n username: dummy"
+ end
+ end
+ end
+
test "raises key error when accessing config via bang method" do
assert_raise(KeyError) { @credentials.something! }
end