4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
|
# File 'lib/standard_api/orders.rb', line 4
def self.sanitize(orders, permit)
return nil if orders.nil?
permit = [permit] if !permit.is_a?(Array)
permit = permit.flatten.map { |x| x.is_a?(Hash) ? x.with_indifferent_access : x.to_s }
permitted = []
case orders
when Hash, ActionController::Parameters
orders.each do |key, value|
if key.to_s.count('.') == 1
key2, key3 = *key.to_s.split('.')
permitted << sanitize({key2.to_sym => { key3.to_sym => value } }, permit)
elsif permit.include?(key.to_s)
value = case value
when Hash
value
when ActionController::Parameters
value.permit([:asc, :desc]).to_h
else
value
end
permitted << { key.to_sym => value }
elsif permit.find { |x| (x.is_a?(Hash) || x.is_a?(ActionController::Parameters)) && x.has_key?(key.to_s) }
subpermit = permit.find { |x| (x.is_a?(Hash) || x.is_a?(ActionController::Parameters)) && x.has_key?(key.to_s) }[key.to_s]
sanitized_value = sanitize(value, subpermit)
permitted << { key.to_sym => sanitized_value }
else
raise(StandardAPI::UnpermittedParameters.new([orders]))
end
end
when Array
orders.each do |order|
order = sanitize(order, permit)
if order.is_a?(Array)
permitted += order
else
permitted << order
end
end
else
if orders.to_s.count('.') == 1
key, value = *orders.to_s.split('.')
permitted = sanitize({key.to_sym => value.to_sym}, permit)
elsif permit.include?(orders.to_s)
permitted = orders
else
raise(StandardAPI::UnpermittedParameters.new([orders]))
end
end
if permitted.is_a?(Array) && permitted.length == 1
permitted.first
else
permitted
end
end
|