diff options
author | Bogdan Gusiev <agresso@gmail.com> | 2011-05-26 15:58:43 +0300 |
---|---|---|
committer | Bogdan Gusiev <agresso@gmail.com> | 2011-05-26 15:58:43 +0300 |
commit | c7567c9a6dee1380432beaf88c1854a4ed6bb15b (patch) | |
tree | 5377527d012f7d5dfa25c1b393c65c14213e9982 /activemodel/lib/active_model/mass_assignment_security/permission_set.rb | |
parent | 9562c0f8998e04833737591378841b45bbf24bef (diff) | |
download | rails-c7567c9a6dee1380432beaf88c1854a4ed6bb15b.tar.gz rails-c7567c9a6dee1380432beaf88c1854a4ed6bb15b.tar.bz2 rails-c7567c9a6dee1380432beaf88c1854a4ed6bb15b.zip |
MassAssignmentSecurity: add ability to specify your own sanitizer
Added an ability to specify your own behavior on mass assingment
protection, controlled by option:
ActiveModel::MassAssignmentSecurity.mass_assignment_sanitizer
Diffstat (limited to 'activemodel/lib/active_model/mass_assignment_security/permission_set.rb')
-rw-r--r-- | activemodel/lib/active_model/mass_assignment_security/permission_set.rb | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/activemodel/lib/active_model/mass_assignment_security/permission_set.rb b/activemodel/lib/active_model/mass_assignment_security/permission_set.rb index 9fcb94d48a..a1fcdf1a38 100644 --- a/activemodel/lib/active_model/mass_assignment_security/permission_set.rb +++ b/activemodel/lib/active_model/mass_assignment_security/permission_set.rb @@ -1,10 +1,8 @@ require 'set' -require 'active_model/mass_assignment_security/sanitizer' module ActiveModel module MassAssignmentSecurity class PermissionSet < Set - attr_accessor :logger def +(values) super(values.map(&:to_s)) @@ -14,6 +12,10 @@ module ActiveModel super(remove_multiparameter_id(key)) end + def deny?(key) + raise NotImplementedError, "#deny?(key) suppose to be overwritten" + end + protected def remove_multiparameter_id(key) @@ -22,7 +24,6 @@ module ActiveModel end class WhiteList < PermissionSet - include Sanitizer def deny?(key) !include?(key) @@ -30,7 +31,6 @@ module ActiveModel end class BlackList < PermissionSet - include Sanitizer def deny?(key) include?(key) |