Module: Hippo::Concerns::ApiAttributeAccess
- Extended by:
- ActiveSupport::Concern
- Included in:
- Model
- Defined in:
- lib/hippo/concerns/set_attribute_data.rb
Defined Under Namespace
Modules: AccessChecks, ClassMethods
Constant Summary collapse
- DEFAULT_BLACKLISTED =
{}
Instance Method Summary collapse
- #_set_attribute_data_from_collection(association, name, record_data, user) ⇒ Object
-
#set_attribute_data(data, user) ⇒ Object
Takes in a hash containing attribute name/value pairs, as well as sub hashes/arrays.
-
#setting_attribute_is_allowed?(name, user) ⇒ Boolean
An attribute is allowed if it’s white listed or it’s a valid attribute and not black listed.
Instance Method Details
#_set_attribute_data_from_collection(association, name, record_data, user) ⇒ Object
104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 |
# File 'lib/hippo/concerns/set_attribute_data.rb', line 104 def _set_attribute_data_from_collection(association, name, record_data, user) records = public_send(name) record_data.map do | association_data | record = if association_data['id'].blank? association.build else records.detect{ |r| r.id.to_s == association_data['id'].to_s } end next unless record if association_data['_delete'] == true record.mark_for_destruction else record.set_attribute_data(association_data, user) end end end |
#set_attribute_data(data, user) ⇒ Object
Takes in a hash containing attribute name/value pairs, as well as sub hashes/arrays. Sets all the attributes that are allowed and recursively sets sub-associations as well
79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 |
# File 'lib/hippo/concerns/set_attribute_data.rb', line 79 def set_attribute_data(data, user) return {} unless self.can_write_attributes?(data, user) data.each_with_object(Hash.new) do | (key, value), result | # First we set all the attributes that are allowed if self.setting_attribute_is_allowed?(key.to_sym, user) result[key] = value public_send("#{key}=", value) elsif value.present? # allow nested params to be specified using Rails _attributes name = key.to_s.gsub(/_attributes$/,'').to_sym next unless self.class.has_exported_nested_attribute?(name, user) association = self.association(name) if value.is_a?(Hash) && [:belongs_to,:has_one].include?(association.reflection.macro) target = send(name) || association.build result[name] = target.set_attribute_data(value, user) elsif value.is_a?(Array) && :has_many == association.reflection.macro result[name] = _set_attribute_data_from_collection(association, name, value, user) end end end end |
#setting_attribute_is_allowed?(name, user) ⇒ Boolean
An attribute is allowed if it’s white listed or it’s a valid attribute and not black listed
64 65 66 67 68 69 70 71 72 |
# File 'lib/hippo/concerns/set_attribute_data.rb', line 64 def setting_attribute_is_allowed?(name, user) return false unless user.can_write?(self, name) (self.whitelisted_attributes && self.whitelisted_attributes.has_key?( name.to_sym)) || ( self.attribute_names.include?( name.to_s ) && ( self.blacklisted_attributes.nil? || ! self.blacklisted_attributes.has_key?( name.to_sym ) ) ) end |