Module: Searchlogic::Conditions::Protection

Included in:

Base

Defined in:

lib/searchlogic/conditions/protection.rb

Overview

Conditions Protection

Adds protection from SQL injections. Just set protect = true and it will limit what kind of conditions it will accept.

Class Method Summary

• .included(klass) ⇒ Object

Instance Method Summary

• #conditions_with_protection=(conditions) ⇒ Object
• #protect=(value) ⇒ Object
• #protect? ⇒ Boolean (also: #protected?)

Class Method Details

.included(klass) ⇒ Object

# File 'lib/searchlogic/conditions/protection.rb', line 7

def self.included(klass)
  klass.class_eval do
    attr_reader :protect
    alias_method_chain :conditions=, :protection
  end
end

Instance Method Details

#conditions_with_protection=(conditions) ⇒ Object

# File 'lib/searchlogic/conditions/protection.rb', line 14

def conditions_with_protection=(conditions)
  unless conditions.is_a?(Hash)
    if protect?
      return if conditions.blank?
      raise(ArgumentError, "You can not pass SQL as conditions while the search is being protected, you can only pass a hash")
    end
  end
  
  self.conditions_without_protection = conditions
end

#protect=(value) ⇒ Object

# File 'lib/searchlogic/conditions/protection.rb', line 25

def protect=(value)
  associations.each { |name, obj| obj.protect = value }
  @protect = value
end

#protect? ⇒ Boolean Also known as: protected?

Returns:

• (Boolean)

# File 'lib/searchlogic/conditions/protection.rb', line 30

def protect?
  protect == true
end