Class: YamlCspConfig::YamlLoader

Inherits:
Object
  • Object
show all
Defined in:
lib/yaml_csp_config/yaml_loader.rb

Overview

The entity that is responsible for loading the YAML and applying overrides

Constant Summary collapse

DIRECTIVES =
%i[
  base_uri
  block_all_mixed_content
  child_src
  connect_src
  default_src
  font_src
  form_action
  frame_ancestors
  frame_src
  img_src
  manifest_src
  media_src
  navigate_to
  object_src
  plugin_types
  prefetch_src
  referrer
  report_to
  report_uri
  require_trusted_types_for
  sandbox
  script_src
  script_src_attr
  script_src_elem
  style_src
  style_src_attr
  style_src_elem
  trusted_types
  upgrade_insecure_requests
  worker_src
].freeze

Class Method Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(policy, config_file_path, group_key: YamlCspConfig.configuration.default_env_var_group_key, var_key_prefix: YamlCspConfig.configuration.default_env_var_additions_key_prefix) ⇒ YamlLoader

Returns a new instance of YamlLoader.

Raises:

  • (ArgumentError)


45
46
47
48
49
50
51
52
53
54
55
56
57
# File 'lib/yaml_csp_config/yaml_loader.rb', line 45

def initialize(
  policy,
  config_file_path,
  group_key: YamlCspConfig.configuration.default_env_var_group_key,
  var_key_prefix: YamlCspConfig.configuration.default_env_var_additions_key_prefix
)
  raise ArgumentError, "Config file doesn't exist" unless File.exist?(config_file_path)

  @policy = policy
  @config_file_path = config_file_path
  @env_var_group_key = group_key
  @env_var_key_prefix = var_key_prefix
end

Class Method Details

.call(policy, config_file = YamlCspConfig.configuration.configuration_file_path) ⇒ Object



40
41
42
# File 'lib/yaml_csp_config/yaml_loader.rb', line 40

def call(policy, config_file = YamlCspConfig.configuration.configuration_file_path)
  new(policy, config_file).configure
end

Instance Method Details

#configureObject



59
60
61
62
63
64
65
66
67
68
69
# File 'lib/yaml_csp_config/yaml_loader.rb', line 59

def configure
  configure_with_overrides.each do |rule, values|
    unless policy.respond_to?(rule.to_sym)
      raise StandardError, "A CSP configuration was defined for an unsupported directive/setting: #{rule}"
    end

    policy.send(rule, *values)
  end

  policy
end