Module: Protector::Adapters::Sequel::Model

Extended by:
ActiveSupport::Concern
Defined in:
lib/protector/adapters/sequel/model.rb

Overview

Patches Sequel::Model

Defined Under Namespace

Modules: ClassMethods

Instance Method Summary

Instance Method Details

#[](name) ⇒ Object

Security-checking attributes reader

Parameters:

  • name (Symbol)

    Name of attribute to read



# File 'lib/protector/adapters/sequel/model.rb', line 92

# Attribute reader that enforces the current subject's read permissions.
#
# The stored value is returned when the model is not restricted to a subject,
# when +name+ equals the primary key (or is one column of a composite primary
# key), or when the subject's meta reports the field as readable. Every other
# field reads as +nil+, so a caller cannot tell a denied field apart from a
# column whose stored value is nil.
#
# @param name [Symbol] name of the attribute to read
# @return [Object, nil] the stored value, or nil when the read is denied
def [](name)
  # No subject attached: behave as a plain value lookup.
  return @values[name.to_sym] unless protector_subject?

  primary = self.class.primary_key
  key_column = name == primary || (primary.is_a?(Array) && primary.include?(name))

  # Primary-key columns stay readable regardless of the field rules.
  return @values[name.to_sym] if key_column || protector_meta.readable?(name.to_s)

  nil
end

#_associated_dataset(*args) ⇒ Object

This is used whenever we fetch data



# File 'lib/protector/adapters/sequel/model.rb', line 108

# Attaches the current subject's restrictions to the dataset that super
# returns. When no subject is set the dataset from super is returned as is.
#
# @return [Object] the dataset from super, restricted when a subject is set
def _associated_dataset(*args)
  # Bare `super` forwards *args implicitly.
  if protector_subject?
    super.restrict!(protector_subject)
  else
    super
  end
end

#_dataset(*args) ⇒ Object

This is used whenever we call counters and existence checkers



# File 'lib/protector/adapters/sequel/model.rb', line 114

# Attaches the current subject's restrictions to the dataset that super
# returns. When no subject is set the dataset from super is returned as is.
#
# @return [Object] the dataset from super, restricted when a subject is set
def _dataset(*args)
  # Bare `super` forwards *args implicitly.
  if protector_subject?
    super.restrict!(protector_subject)
  else
    super
  end
end

#before_destroy ⇒ Object

Destroy availability check



# File 'lib/protector/adapters/sequel/model.rb', line 84

# Hook that refuses destruction when a subject is set and that subject may
# not destroy this record; otherwise it defers to super.
#
# NOTE(review): the veto is expressed by returning false. Whether that stops
# the destroy depends on the Sequel version in use: Sequel 5 stopped treating
# a false hook result as cancellation in favour of cancel_action. Confirm the
# supported versions, since otherwise the destroy would proceed.
#
# @return [false, Object] false when denied, else whatever super returns
def before_destroy
  denied = protector_subject? && !destroyable?
  denied ? false : super
end

#can?(action, field = false) ⇒ Boolean

Returns:

  • (Boolean)


# File 'lib/protector/adapters/sequel/model.rb', line 63

# Asks the evaluated meta whether the current subject may perform +action+,
# optionally narrowed to a single field.
#
# @param action [Object] action to check, passed through unchanged
# @param field [Object] field to check; false (the default) is passed through
# @return [Boolean] the answer given by the meta
def can?(action, field=false)
  meta = protector_meta
  meta.can?(action, field)
end

#creatable? ⇒ Boolean

Checks if current model can be created in the context of current subject

Returns:

  • (Boolean)


# File 'lib/protector/adapters/sequel/model.rb', line 49

# Checks whether the current subject may create this model with the values
# it currently holds.
#
# The raw values of every key are collected via protector_changed, which
# reads @values directly rather than through the restricted reader.
#
# @return [Boolean] the answer given by the meta
def creatable?
  meta = protector_meta
  meta.creatable?(protector_changed(keys))
end

#destroyable? ⇒ Boolean

Checks if current model can be destroyed in the context of current subject

Returns:

  • (Boolean)


# File 'lib/protector/adapters/sequel/model.rb', line 59

# Checks whether the current subject may destroy this model.
#
# @return [Boolean] the answer given by the meta
def destroyable?
  meta = protector_meta
  meta.destroyable?
end

#protector_changed(fields) ⇒ Object

Gathers real values of given fields bypassing restrictions



# File 'lib/protector/adapters/sequel/model.rb', line 33

# Collects the stored values of the given fields without applying read
# restrictions: values come straight from @values, not from the checking
# reader, so the result can contain fields the subject may not read.
#
# Keys of the result are the field names as strings; each value is looked up
# in @values under the field exactly as it was given.
#
# @param fields [Enumerable] field names to gather
# @return [HashWithIndifferentAccess] field name => raw stored value
def protector_changed(fields)
  pairs = fields.map { |column| [column.to_s, @values[column]] }
  HashWithIndifferentAccess[pairs]
end

#protector_meta(subject = protector_subject) ⇒ Object

Storage for DSL::Meta::Box



# File 'lib/protector/adapters/sequel/model.rb', line 38

# Returns the meta box evaluated for this model, computing it on first use
# and caching it in @protector_meta.
#
# NOTE(review): once a value is cached, +subject+ is ignored, so a later call
# with a different subject still gets the meta evaluated for the first one.
# Confirm the cache is cleared wherever the model's subject can change,
# otherwise permission checks could run against stale rules.
#
# @param subject [Object] subject to evaluate for; defaults to protector_subject
# @return [Object] result of the class-level meta's evaluate(subject, self)
def protector_meta(subject=protector_subject)
  return @protector_meta if @protector_meta

  @protector_meta = self.class.protector_meta.evaluate(subject, self)
end

#updatable? ⇒ Boolean

Checks if current model can be updated in the context of current subject

Returns:

  • (Boolean)


# File 'lib/protector/adapters/sequel/model.rb', line 54

# Checks whether the current subject may update this model with its pending
# changes.
#
# Only the changed columns are considered; their raw values are collected
# via protector_changed, which reads @values directly.
#
# @return [Boolean] the answer given by the meta
def updatable?
  meta = protector_meta
  meta.updatable?(protector_changed(changed_columns))
end

#validate ⇒ Object

Basic security validations



# File 'lib/protector/adapters/sequel/model.rb', line 68

# Runs the inherited validations, then the write-permission check.
#
# With a subject set, the meta is asked for the first field the subject may
# not write: every key for a new record, only the changed columns otherwise.
# If there is one, a 'protector.invalid' error is added on :base.
#
# NOTE(review): this check only runs as part of validation. Confirm no save
# path for restricted models skips validation, or add a separate write guard.
def validate
  super
  return unless protector_subject?

  rejected =
    if new?
      protector_meta.first_uncreatable_field(protector_changed(keys))
    else
      protector_meta.first_unupdatable_field(protector_changed(changed_columns))
    end
  return unless rejected

  errors.add(:base, I18n.t('protector.invalid', field: rejected))
end

#visible? ⇒ Boolean

Checks if current model can be selected in the context of current subject

Returns:

  • (Boolean)


# File 'lib/protector/adapters/sequel/model.rb', line 43

# Checks whether the current subject may select this model.
#
# When the meta defines no scope the record counts as visible. Otherwise the
# meta's relation is filtered by this record's primary-key hash, and the
# record is visible only if that query yields a row.
#
# @return [Boolean] true when unscoped or when the scoped relation has the row
def visible?
  if protector_meta.scoped?
    protector_meta.relation.where(pk_hash).any?
  else
    true
  end
end