aboutsummaryrefslogtreecommitdiffstats
path: root/activerecord/lib/active_record/mass_assignment_security/permission_set.rb
diff options
context:
space:
mode:
Diffstat (limited to 'activerecord/lib/active_record/mass_assignment_security/permission_set.rb')
-rw-r--r--activerecord/lib/active_record/mass_assignment_security/permission_set.rb44
1 files changed, 44 insertions, 0 deletions
diff --git a/activerecord/lib/active_record/mass_assignment_security/permission_set.rb b/activerecord/lib/active_record/mass_assignment_security/permission_set.rb
new file mode 100644
index 0000000000..1d34dce02e
--- /dev/null
+++ b/activerecord/lib/active_record/mass_assignment_security/permission_set.rb
@@ -0,0 +1,44 @@
+require 'active_record/mass_assignment_security/sanitizer'
+
+module ActiveRecord
+ module MassAssignmentSecurity
+ class PermissionSet < Set
+
+ attr_accessor :logger
+
+ def merge(values)
+ super(values.map(&:to_s))
+ end
+
+ def include?(key)
+ super(remove_multiparameter_id(key))
+ end
+
+ protected
+
+ def remove_multiparameter_id(key)
+ key.gsub(/\(.+/, '')
+ end
+
+ end
+
+ class WhiteList < PermissionSet
+ include Sanitizer
+
+ def deny?(key)
+ !include?(key)
+ end
+
+ end
+
+ class BlackList < PermissionSet
+ include Sanitizer
+
+ def deny?(key)
+ include?(key)
+ end
+
+ end
+
+ end
+end \ No newline at end of file
generated by cgit v1.2.3 (git 2.25.1) at 2024-08-21 07:22:09 +0000