-
Notifications
You must be signed in to change notification settings - Fork 124
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add read-only configuration #2893
base: master
Are you sure you want to change the base?
Changes from all commits
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,15 @@ | ||
module ReadOnlyPrepender | ||
# Given a list of method symbols, preempt calls to them using a proxy that | ||
# raises an error if read_only is enabled. | ||
def write_protected(*method_names) | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Use 2 (not 4) spaces for indentation. |
||
method_names.each do |m| | ||
proxy = Module.new do | ||
define_method(m) do |*args| | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. ReadOnlyPrepender#write_protected contains iterators nested 2 deep |
||
raise ::Errors::Conjur::ReadOnly::ActionNotPermitted unless !Rails.configuration.read_only | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Add empty line after guard clause. |
||
super *args | ||
end | ||
end | ||
self.prepend proxy | ||
end | ||
end | ||
end | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more.
|
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,15 @@ | ||
# frozen_string_literal: true | ||
|
||
Rails.application.configure do | ||
# Determines whether or not writable API endpoints are enabled. | ||
# | ||
# The `read_only` arguement is a boolean. By default, `read_only` is "Off". | ||
# This means that any of the writable API endpoints will function as intended. | ||
# | ||
# A writable API endpoint is one whose controller method is decorated with the | ||
# `@read_safe` decorator. When `read_only` is "On", such endpoints will return | ||
# an HTTP 405 Method Not Allowed response code. | ||
# | ||
config.read_only = false | ||
end | ||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
ReadOnlyPrepender has no descriptive comment