Module: Protector::Adapters::Sequel::Model

Extended by:
ActiveSupport::Concern
Defined in:
lib/protector/adapters/sequel/model.rb

Overview

Patches Sequel::Model

Defined Under Namespace

Modules: ClassMethods

Instance Method Summary

Instance Method Details

#[](name) ⇒ Object

Security-checking attribute reader: returns nil when the current subject may not read the attribute

Parameters:

  • name (Symbol)

    Name of attribute to read



# File 'lib/protector/adapters/sequel/model.rb', line 92

# Attribute reader that applies the current subject's read permissions.
#
# The raw value is returned when no subject is set, when +name+ is the
# primary key (or one column of a composite primary key), or when the
# evaluated meta reports the attribute as readable. Otherwise +nil+ is
# returned, so a denied read looks the same as a stored NULL to the caller.
#
# NOTE(review): only this reader is guarded here; other accessors over
# @values are not visible in this listing — confirm they are restricted too.
#
# @param name [Symbol] name of the attribute to read
# @return [Object, nil] the stored value, or nil when reading is not allowed
def [](name)
  return @values[name] unless protector_subject?

  pk = self.class.primary_key
  # Key columns stay readable regardless of the rules.
  key_column = name == pk || (pk.is_a?(Array) && pk.include?(name))
  return @values[name] if key_column || protector_meta.readable?(name.to_s)

  nil
end

#_associated_dataset(*args) ⇒ Object

This is used whenever we fetch data



# File 'lib/protector/adapters/sequel/model.rb', line 106

# Builds the association dataset and, when a subject is set, restricts it
# to that subject before returning it.
#
# The arguments are not inspected here; bare +super+ forwards them
# unchanged to the parent implementation.
#
# @return [Object] the parent's dataset, restricted when a subject is set
def _associated_dataset(*args)
  if protector_subject?
    super.restrict!(protector_subject)
  else
    super
  end
end

#_dataset(*args) ⇒ Object

This is used whenever we call counters and existence checkers



# File 'lib/protector/adapters/sequel/model.rb', line 112

# Builds the dataset and, when a subject is set, restricts it to that
# subject before returning it.
#
# The arguments are not inspected here; bare +super+ forwards them
# unchanged to the parent implementation.
#
# @return [Object] the parent's dataset, restricted when a subject is set
def _dataset(*args)
  if protector_subject?
    super.restrict!(protector_subject)
  else
    super
  end
end

#before_destroy ⇒ Object

Destroy availability check



# File 'lib/protector/adapters/sequel/model.rb', line 84

# Destroy hook: answers +false+ when a subject is set and that subject may
# not destroy the record; otherwise defers to the parent hook.
#
# NOTE(review): the veto relies on Sequel treating a +false+ return from a
# before hook as "cancel". Sequel 5 dropped that convention in favour of
# +cancel_action+ — confirm which Sequel version this adapter runs against,
# otherwise this check may not block the destroy.
#
# @return [false, Object] false to veto, else whatever the parent hook returns
def before_destroy
  if protector_subject? && !destroyable?
    false
  else
    super
  end
end

#can?(action, field = false) ⇒ Boolean

Returns:

  • (Boolean)


# File 'lib/protector/adapters/sequel/model.rb', line 66

# Asks the evaluated meta whether +action+ is allowed, optionally for a
# single field. Both arguments are passed through untouched.
#
# NOTE(review): no protector_subject? check happens here; presumably the
# caller has already set a subject — verify.
#
# @param action [Object] action to check, forwarded as given
# @param field [Object] field to narrow the check to; defaults to false
# @return [Boolean]
def can?(action, field = false)
  protector_meta.can?(action, field)
end

#creatable? ⇒ Boolean

Checks if current model can be created in the context of current subject

Returns:

  • (Boolean)


# File 'lib/protector/adapters/sequel/model.rb', line 51

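# Checks whether the record can be created in the context of the current
# subject.
#
# Every column currently present on the record (+keys+) is gathered with
# protector_changed and handed to the evaluated meta for the decision.
# The previous version also built the same hash into an unused local; that
# dead assignment is gone, so the hash is built only once.
#
# @return [Boolean]
def creatable?
  protector_meta.creatable?(protector_changed(keys))
end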

#destroyable? ⇒ Boolean

Checks if current model can be destroyed in the context of current subject

Returns:

  • (Boolean)


# File 'lib/protector/adapters/sequel/model.rb', line 62

# Checks whether the record can be destroyed in the context of the current
# subject; the decision is delegated entirely to the evaluated meta.
#
# @return [Boolean]
def destroyable?
  meta = protector_meta
  meta.destroyable?
end

#protector_changed(fields) ⇒ Object

Gathers real values of given fields bypassing restrictions



# File 'lib/protector/adapters/sequel/model.rb', line 35

# Collects the stored values of the given fields straight from @values,
# i.e. without going through the permission-checking reader.
#
# Keys of the result are the field names converted to strings.
#
# @param fields [Array<Symbol>] names of the columns to collect
# @return [HashWithIndifferentAccess] field name => raw stored value
def protector_changed(fields)
  pairs = fields.map do |column|
    [column.to_s, @values[column]]
  end
  HashWithIndifferentAccess[pairs]
end

#protector_meta(subject = protector_subject) ⇒ Object

Storage for DSL::Meta::Box



# File 'lib/protector/adapters/sequel/model.rb', line 40

# Returns the meta box for this record, evaluating the class-level meta
# against +subject+ and this record on first use and caching the result in
# @protector_meta.
#
# NOTE(review): once memoized, the +subject+ argument is ignored and the
# cached box is reused; presumably whatever changes the subject also clears
# @protector_meta — verify, since a stale box would answer for the previous
# subject.
#
# @param subject [Object] subject to evaluate the rules for
# @return [Object] the evaluated meta box
def protector_meta(subject = protector_subject)
  return @protector_meta if @protector_meta

  @protector_meta = self.class.protector_meta.evaluate(subject, self)
end

#updatable? ⇒ Boolean

Checks if current model can be updated in the context of current subject

Returns:

  • (Boolean)


# File 'lib/protector/adapters/sequel/model.rb', line 57

# Checks whether the pending changes can be saved in the context of the
# current subject.
#
# Only the columns reported by +changed_columns+ are gathered and handed to
# the evaluated meta for the decision.
#
# @return [Boolean]
def updatable?
  meta = protector_meta
  meta.updatable?(protector_changed(changed_columns))
end

#validate ⇒ Object

Basic security validations



# File 'lib/protector/adapters/sequel/model.rb', line 71

# Runs the parent validations, then, when a subject is set, adds a :base
# error naming the first field the subject may not write.
#
# New records are checked against every present column (+keys+); existing
# records only against +changed_columns+. Only the first offending field is
# reported.
#
# NOTE(review): enforcement lives in the validation phase, so a save that
# skips validation (e.g. Sequel's `validate: false` option) would presumably
# skip this check too — confirm no caller uses that path for restricted
# records.
def validate
  super
  return unless protector_subject?

  offending =
    if new?
      protector_meta.first_uncreatable_field(protector_changed(keys))
    else
      protector_meta.first_unupdatable_field(protector_changed(changed_columns))
    end
  return unless offending

  errors.add(:base, I18n.t('protector.invalid', field: offending))
end

#visible? ⇒ Boolean

Checks if current model can be selected in the context of current subject

Returns:

  • (Boolean)


# File 'lib/protector/adapters/sequel/model.rb', line 45

# Checks whether the record can be selected in the context of the current
# subject.
#
# When the evaluated meta defines no scope the record counts as visible.
# Otherwise the scoped relation is filtered by this record's primary-key
# hash and the record is visible if that query yields anything.
#
# @return [Boolean]
def visible?
  if protector_meta.scoped?
    protector_meta.relation.where(pk_hash).any?
  else
    true
  end
end