diff options
Diffstat (limited to 'activemodel/lib/active_model/mass_assignment_security/permission_set.rb')
-rw-r--r-- | activemodel/lib/active_model/mass_assignment_security/permission_set.rb | 39 |
1 files changed, 39 insertions, 0 deletions
diff --git a/activemodel/lib/active_model/mass_assignment_security/permission_set.rb b/activemodel/lib/active_model/mass_assignment_security/permission_set.rb new file mode 100644 index 0000000000..7c48472799 --- /dev/null +++ b/activemodel/lib/active_model/mass_assignment_security/permission_set.rb @@ -0,0 +1,39 @@ +require 'active_model/mass_assignment_security/sanitizer' + +module ActiveModel + module MassAssignmentSecurity + class PermissionSet < Set + attr_accessor :logger + + def +(values) + super(values.map(&:to_s)) + end + + def include?(key) + super(remove_multiparameter_id(key)) + end + + protected + + def remove_multiparameter_id(key) + key.to_s.gsub(/\(.+/, '') + end + end + + class WhiteList < PermissionSet + include Sanitizer + + def deny?(key) + !include?(key) + end + end + + class BlackList < PermissionSet + include Sanitizer + + def deny?(key) + include?(key) + end + end + end +end
\ No newline at end of file |