aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--activemodel/lib/active_model/mass_assignment_security.rb30
-rw-r--r--activemodel/lib/active_model/mass_assignment_security/sanitizer.rb12
-rw-r--r--activemodel/test/cases/mass_assignment_security/sanitizer_test.rb18
3 files changed, 48 insertions, 12 deletions
diff --git a/activemodel/lib/active_model/mass_assignment_security.rb b/activemodel/lib/active_model/mass_assignment_security.rb
index cc30609f2b..e3c9097646 100644
--- a/activemodel/lib/active_model/mass_assignment_security.rb
+++ b/activemodel/lib/active_model/mass_assignment_security.rb
@@ -11,7 +11,13 @@ module ActiveModel
class_attribute :_accessible_attributes
class_attribute :_protected_attributes
class_attribute :_active_authorizer
- class_attribute :mass_assignment_sanitizer
+
+ class_attribute :mass_assignment_sanitizer, :mass_assignment_sanitizers
+ self.mass_assignment_sanitizer = :logger
+ self.mass_assignment_sanitizers = {
+ :logger => LoggerSanitizer.new(self.respond_to?(:logger) && self.logger),
+ :strict => StrictSanitizer.new
+ }
end
# Mass assignment security provides an interface for protecting attributes
@@ -43,6 +49,16 @@ module ActiveModel
#
# end
#
+ # = Configuration options
+ #
+ # * <tt>mass_assignment_sanitizer</tt> - Defines sanitize method. Possible values are:
+ # * <tt>:logger</tt> (default) - writes filtered attributes to logger
+ # * <tt>:strict</tt> - raise <tt>ActiveModel::MassAssignmentSecurity::Error</tt> on any protected attribute update
+ #
+ # You can specify your own sanitizer object eg. MySanitizer.new.
+ # See <tt>ActiveModel::MassAssignmentSecurity::LoggerSanitizer</tt> for example implementation.
+ #
+ #
module ClassMethods
# Attributes named in this macro are protected from mass-assignment
# whenever attributes are sanitized before assignment. A role for the
@@ -199,11 +215,13 @@ module ActiveModel
protected
def sanitize_for_mass_assignment(attributes, role = :default)
- (mass_assignment_sanitizer || default_mass_assignment_sanitizer).sanitize(attributes, mass_assignment_authorizer(role))
- end
-
- def default_mass_assignment_sanitizer
- DefaultSanitizer.new(self.respond_to?(:logger) && self.logger)
+ sanitizer = case mass_assignment_sanitizer
+ when Symbol
+ self.mass_assignment_sanitizers[mass_assignment_sanitizer]
+ else
+ mass_assignment_sanitizer
+ end
+ sanitizer.sanitize(attributes, mass_assignment_authorizer(role))
end
def mass_assignment_authorizer(role = :default)
diff --git a/activemodel/lib/active_model/mass_assignment_security/sanitizer.rb b/activemodel/lib/active_model/mass_assignment_security/sanitizer.rb
index 5dbcf473bd..4dfff050a8 100644
--- a/activemodel/lib/active_model/mass_assignment_security/sanitizer.rb
+++ b/activemodel/lib/active_model/mass_assignment_security/sanitizer.rb
@@ -20,7 +20,7 @@ module ActiveModel
end
end
- class DefaultSanitizer < Sanitizer
+ class LoggerSanitizer < Sanitizer
attr_accessor :logger
@@ -33,5 +33,15 @@ module ActiveModel
self.logger.debug "WARNING: Can't mass-assign protected attributes: #{attrs.join(', ')}" if self.logger
end
end
+
+ class StrictSanitizer < Sanitizer
+ def process_removed_attributes(attrs)
+ raise ActiveModel::MassAssignmentSecurity::Error, "Can't mass-assign protected attributes: #{attrs.join(', ')}"
+ end
+ end
+
+ class Error < StandardError
+ end
+
end
end
diff --git a/activemodel/test/cases/mass_assignment_security/sanitizer_test.rb b/activemodel/test/cases/mass_assignment_security/sanitizer_test.rb
index 8547694c24..e9e7eee0bd 100644
--- a/activemodel/test/cases/mass_assignment_security/sanitizer_test.rb
+++ b/activemodel/test/cases/mass_assignment_security/sanitizer_test.rb
@@ -12,24 +12,32 @@ class SanitizerTest < ActiveModel::TestCase
end
def setup
- @sanitizer = ActiveModel::MassAssignmentSecurity::DefaultSanitizer.new
+ @logger_sanitizer = ActiveModel::MassAssignmentSecurity::LoggerSanitizer.new
+ @strict_sanitizer = ActiveModel::MassAssignmentSecurity::StrictSanitizer.new
@authorizer = Authorizer.new
end
test "sanitize attributes" do
original_attributes = { 'first_name' => 'allowed', 'admin' => 'denied' }
- attributes = @sanitizer.sanitize(original_attributes, @authorizer)
+ attributes = @logger_sanitizer.sanitize(original_attributes, @authorizer)
assert attributes.key?('first_name'), "Allowed key shouldn't be rejected"
assert !attributes.key?('admin'), "Denied key should be rejected"
end
- test "debug mass assignment removal" do
+ test "debug mass assignment removal with LoggerSanitizer" do
original_attributes = { 'first_name' => 'allowed', 'admin' => 'denied' }
log = StringIO.new
- @sanitizer.logger = Logger.new(log)
- @sanitizer.sanitize(original_attributes, @authorizer)
+ @logger_sanitizer.logger = Logger.new(log)
+ @logger_sanitizer.sanitize(original_attributes, @authorizer)
assert_match(/admin/, log.string, "Should log removed attributes: #{log.string}")
end
+ test "debug mass assignment removal with StrictSanitizer" do
+ original_attributes = { 'first_name' => 'allowed', 'admin' => 'denied' }
+ assert_raise ActiveModel::MassAssignmentSecurity::Error do
+ @strict_sanitizer.sanitize(original_attributes, @authorizer)
+ end
+ end
+
end
generated by cgit v1.2.3 (git 2.25.1) at 2025-11-04 01:54:40 +0000