diff options
author | Gonçalo Silva <goncalossilva@gmail.com> | 2010-07-10 17:36:10 +0100 |
---|---|---|
committer | Gonçalo Silva <goncalossilva@gmail.com> | 2010-07-10 17:36:10 +0100 |
commit | cd2bbed9846d84a1230a1b9e52843eedca17b28d (patch) | |
tree | 5214b7855f3d102e4c22239b9d62bc5717cb3547 /activemodel/lib/active_model/mass_assignment_security/permission_set.rb | |
parent | d2c633ba0bfb7baacdee89a46d7d036d24c68817 (diff) | |
parent | 80e47d7b88dcc732ebeb5290faab6e529829dac6 (diff) | |
download | rails-cd2bbed9846d84a1230a1b9e52843eedca17b28d.tar.gz rails-cd2bbed9846d84a1230a1b9e52843eedca17b28d.tar.bz2 rails-cd2bbed9846d84a1230a1b9e52843eedca17b28d.zip |
Merge branch 'master' of http://github.com/rails/rails
Diffstat (limited to 'activemodel/lib/active_model/mass_assignment_security/permission_set.rb')
-rw-r--r-- | activemodel/lib/active_model/mass_assignment_security/permission_set.rb | 39 |
1 files changed, 39 insertions, 0 deletions
diff --git a/activemodel/lib/active_model/mass_assignment_security/permission_set.rb b/activemodel/lib/active_model/mass_assignment_security/permission_set.rb new file mode 100644 index 0000000000..7c48472799 --- /dev/null +++ b/activemodel/lib/active_model/mass_assignment_security/permission_set.rb @@ -0,0 +1,39 @@ +require 'active_model/mass_assignment_security/sanitizer' + +module ActiveModel + module MassAssignmentSecurity + class PermissionSet < Set + attr_accessor :logger + + def +(values) + super(values.map(&:to_s)) + end + + def include?(key) + super(remove_multiparameter_id(key)) + end + + protected + + def remove_multiparameter_id(key) + key.to_s.gsub(/\(.+/, '') + end + end + + class WhiteList < PermissionSet + include Sanitizer + + def deny?(key) + !include?(key) + end + end + + class BlackList < PermissionSet + include Sanitizer + + def deny?(key) + include?(key) + end + end + end +end
\ No newline at end of file |