Module: MuckProfiles::Models::MuckProfile
- Extended by:
- ActiveSupport::Concern
- Defined in:
- lib/muck-profiles/models/profile.rb
Instance Method Summary
- #can_edit?(user) ⇒ Boolean
- #guess_and_assign_location_via_ip ⇒ Object
- #sanitize_attributes ⇒ Object
  Sanitize content before saving.
- #sanitize_level ⇒ Object
  Override this method to control sanitization levels.
Instance Method Details
#can_edit?(user) ⇒ Boolean
    # File 'lib/muck-profiles/models/profile.rb', line 71
    def can_edit?(user)
      return false if user.nil?
      self.user_id == user.id || user.admin?
    end
#guess_and_assign_location_via_ip ⇒ Object
    # File 'lib/muck-profiles/models/profile.rb', line 76
    def guess_and_assign_location_via_ip
      if MuckProfiles.configuration.enable_guess_location && self.user.current_login_ip
        location = Geokit::Geocoders::MultiGeocoder.geocode(self.user.current_login_ip)
        state = State.find_by_abbreviation(location.state)
        country = Country.find_by_abbreviation(location.country_code)
        self.update_attributes(
          :location => "#{location.city}, #{location.state || location.province} #{location.country_code}",
          :lat => location.lat,
          :lng => location.lng,
          :city => location.city,
          :state => state,
          :country => country)
      end
    end
#sanitize_attributes ⇒ Object
Sanitize content before saving. This prevents XSS attacks and other malicious HTML. The about and location fields are cleaned at the level returned by sanitize_level; when that level is nil, nothing is sanitized.

    # File 'lib/muck-profiles/models/profile.rb', line 92
    def sanitize_attributes
      if self.sanitize_level
        self.about = Sanitize.clean(self.about, self.sanitize_level) unless self.about.blank?
        self.location = Sanitize.clean(self.location, self.sanitize_level) unless self.location.blank?
      end
    end
#sanitize_level ⇒ Object
Override this method to control sanitization levels. Currently a user who is an admin will not have their content sanitized. A user in any of the roles ‘editor’, ‘manager’, or ‘contributor’ will be given the ‘RELAXED’ settings, while all other users will get ‘BASIC’.
Options are from sanitize:
- nil - no sanitize
- Sanitize::Config::RELAXED
- Sanitize::Config::BASIC
- Sanitize::Config::RESTRICTED
For more details see: rgrove.github.com/sanitize/
    # File 'lib/muck-profiles/models/profile.rb', line 110
    def sanitize_level
      return Sanitize::Config::BASIC if self.user.nil?
      return nil if self.user.admin?
      return Sanitize::Config::RELAXED if self.user.any_role?('editor', 'manager', 'contributor')
      Sanitize::Config::BASIC
    end
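One way to override sanitize_level so that admin-authored content is filtered too, with a check that lists which users bypass sanitization. This is an added example, not code from muck-profiles. DemoUser, DefaultPolicy, StrictPolicy, the profile classes and unsanitized_users are hypothetical names, and BASIC/RELAXED are symbols standing in for the Sanitize::Config constants so it runs without the gem.

```ruby
# Stand-ins for Sanitize::Config::BASIC and ::RELAXED so the example runs
# without the sanitize gem; an application would return the real constants.
BASIC   = :basic
RELAXED = :relaxed

# Constructed stand-in for the application's user model (hypothetical).
DemoUser = Struct.new(:admin, :roles) do
  def admin?
    admin
  end

  def any_role?(*names)
    (roles & names).any?
  end
end

# The default policy documented above, reproduced for comparison.
module DefaultPolicy
  def sanitize_level
    return BASIC if user.nil?
    return nil if user.admin?
    return RELAXED if user.any_role?('editor', 'manager', 'contributor')
    BASIC
  end
end

# Override: fall back to RELAXED wherever the default returns nil, so
# admin-authored HTML also passes through the sanitizer before saving.
module StrictPolicy
  def sanitize_level
    super || RELAXED
  end
end

DefaultProfile = Struct.new(:user) { include DefaultPolicy }
StrictProfile  = Class.new(DefaultProfile) { include StrictPolicy }

# Constructed sample users, one per branch of the policy.
USERS = {
  'anonymous' => nil,
  'member'    => DemoUser.new(false, []),
  'editor'    => DemoUser.new(false, ['editor']),
  'admin'     => DemoUser.new(true, [])
}.freeze

# Names of the users whose profile fields would be saved unsanitized.
def unsanitized_users(profile_class, users = USERS)
  users.select { |_name, user| profile_class.new(user).sanitize_level.nil? }.keys
end
```

Running unsanitized_users against each role in a model spec catches a later policy change that reintroduces a nil level.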