Make rails console less dangerous!

SaferRailsConsole

This gem makes Rails console sessions less dangerous in specified environments by warning, color-coding, and auto-sandboxing PostgreSQL connections. In the future we'd like to extend this to make other external connections read-only too (e.g. disabling job queueing and non-GET HTTP requests).

Installation

Add this line to your application's Gemfile:

gem 'safer_rails_console'

And then execute:

$ bundle install

Or install it yourself as:

$ gem install safer_rails_console

Add the following line to the end of 'config/boot.rb' in your Rails application.

require 'safer_rails_console/patches/boot'

Usage

The quickest way to demo this gem is to run bundle exec rails console --sandbox.

The last install step (the require in config/boot.rb) adds several flags to Rails console that explicitly enable or disable the sandbox. If more than one sandbox-related flag is specified, the order of precedence is -s, -r, then -w.

bundle exec rails console --help

Usage: rails console [environment] [options]
    -s, --[no-]sandbox               Explicitly enable/disable sandbox mode.
    -w, --writable                   Alias for --no-sandbox.
    -r, --read-only                  Alias for --sandbox.
    -e, --environment=name           Specifies the environment to run this console under (test/development/production).
                                     Default: development
        --debugger                   Enable the debugger.

This gem is autoloaded via Railties. The following defaults can be configured from the files in config/environments or from config/application.rb:

# Set which console is used. Currently only 'irb' is supported; 'pry' and other consoles are to be added.
config.safer_rails_console.console = 'irb'

# Mapping of environments to shortened names. `false` to disable.
config.safer_rails_console.environment_names = {
  'development' => 'dev',
  'staging' => 'staging',
  'production' => 'prod'
}

# Mapping of environments to console prompt colors. See colors.rb for colors. `false` to disable.
config.safer_rails_console.environment_prompt_colors = {
  'development' => SaferRailsConsole::Colors::GREEN,
  'staging' => SaferRailsConsole::Colors::YELLOW,
  'production' => SaferRailsConsole::Colors::RED
}

# Set environments which should default to sandbox. `false` to disable.
config.safer_rails_console.sandbox_environments = %w{production}

# Set to `true` to prompt the user whether the sandbox should be enabled or disabled when it was not explicitly specified (via --[no-]sandbox).
config.safer_rails_console.sandbox_prompt = false

# Set environments that should show a warning. `false` to disable.
config.safer_rails_console.warn_environments = %w{production}

# Set the warning message that appears in the specified environments.
config.safer_rails_console.warn_text = "WARNING: YOU ARE USING RAILS CONSOLE IN PRODUCTION!\n" \
                                       'Changing data can cause serious data loss. ' \
                                       'Make sure you know what you\'re doing.'

Configuration settings can also be overridden using ENV variables. The following ENV vars can be used:

# Set the prompt color. See colors.rb for a listing of supported colors.
SAFER_RAILS_CONSOLE_PROMPT_COLOR=red/yellow/green

# Set the short environment name shown in the rails console prompt.
SAFER_RAILS_CONSOLE_ENVIRONMENT_NAME=short-name

# Set the warning text displayed when the warning is enabled for the environment the rails console runs in.
SAFER_RAILS_CONSOLE_WARN_TEXT=New warning prompt text

# Enable or disable sandboxing of the rails console.
SAFER_RAILS_CONSOLE_SANDBOX_ENVIRONMENT=true/false

# Enable or disable the warning prompt of the rails console.
SAFER_RAILS_CONSOLE_WARN_ENVIRONMENT=true/false
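As an added illustration (not the gem's own code), the resolver below combines the three sources this README describes for the sandbox decision: the explicit console flags in the stated -s, -r, -w precedence, then the SAFER_RAILS_CONSOLE_SANDBOX_ENVIRONMENT variable, then the configured sandbox_environments default. That flags beat the ENV variable, which in turn beats the config default, is assumed from the README's wording ("explicitly enable or disable", "overridden using ENV variables"); the module and method names are made up for this example.

```ruby
# Added illustration, not SaferRailsConsole's own code: resolve whether a
# console session should be sandboxed (read-only) from the sources the README
# describes. Assumed order: explicit flags > ENV variable > configured default.
module SandboxDecision
  # -s / --[no-]sandbox is the highest-precedence group; a repeated switch is
  # resolved the way OptionParser does it: the last occurrence wins.
  SANDBOX_GROUP = { '-s' => true, '--sandbox' => true, '--no-sandbox' => false }.freeze
  READ_ONLY_FLAGS = %w[-r --read-only].freeze # alias for --sandbox
  WRITABLE_FLAGS  = %w[-w --writable].freeze  # alias for --no-sandbox

  # Returns true (sandbox), false (writable) or nil when no flag was given.
  # Precedence when several flags are present: -s, then -r, then -w.
  def self.from_flags(argv)
    explicit = argv.select { |arg| SANDBOX_GROUP.key?(arg) }
    return SANDBOX_GROUP[explicit.last] unless explicit.empty?
    return true if argv.any? { |arg| READ_ONLY_FLAGS.include?(arg) }
    return false if argv.any? { |arg| WRITABLE_FLAGS.include?(arg) }

    nil
  end

  # SAFER_RAILS_CONSOLE_SANDBOX_ENVIRONMENT=true/false overrides the configured
  # default; anything other than the literal 'true' is treated as false.
  def self.from_env(env_vars)
    value = env_vars['SAFER_RAILS_CONSOLE_SANDBOX_ENVIRONMENT']
    value.nil? ? nil : value == 'true'
  end

  # rails_env is the Rails environment name; sandbox_environments mirrors
  # config.safer_rails_console.sandbox_environments (an array, or false to disable).
  def self.resolve(rails_env, argv: [], env_vars: {}, sandbox_environments: %w[production])
    flag = from_flags(argv)
    return flag unless flag.nil?

    env_override = from_env(env_vars)
    return env_override unless env_override.nil?

    return false if sandbox_environments == false

    sandbox_environments.include?(rails_env)
  end
end

if __FILE__ == $PROGRAM_NAME
  # e.g. `ruby sandbox_decision.rb -w` prints false even for production
  puts SandboxDecision.resolve('production', argv: ARGV, env_vars: ENV)
end
```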

Development

After checking out the repo, run bin/setup to install dependencies. Then, run rake spec to run the tests. You can also run wwtd to simulate the entire build matrix (ruby version / rails version) or appraisal to test against each supported rails version with your active ruby version. Run rubocop to check for style.

To install this gem onto your local machine, run bundle exec rake install. To release a new version, update the version number in version.rb, and then run bundle exec rake release, which will create a git tag for the version, push git commits and tags, and push the .gem file to rubygems.org.

Contributing

Bug reports and pull requests are welcome on GitHub at https://github.com/salsify/safer_rails_console. This project is intended to be a safe, welcoming space for collaboration, and contributors are expected to adhere to the Contributor Covenant code of conduct.

License

The gem is available as open source under the terms of the MIT License.
