Module: WhiteListModel::InstanceMethods

Defined in:
lib/white_list_model.rb

Instance Method Summary collapse

Instance Method Details

#white_list_fieldsObject 



94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
 
# File 'lib/white_list_model.rb', line 94

def white_list_fields
  # fix a bug with Rails internal AR::Base models that get loaded before
  # the plugin, like CGI::Sessions::ActiveRecordStore::Session
  return if white_list_options.nil? || !white_list_options.is_a?(Hash)

  profiles = WhiteListModel::PROFILES

  fields = self.class.columns.collect do |column|
    column.name.to_sym if (column.type == :string || column.type == :text)
  end.compact

  # Add globalize2 columns
  fields += self.class.globalize_options[:translated_attributes].to_a.collect do |column|
    column if (self.send(column).class == String || self.send(column).class == Text)
  end.compact if self.class.respond_to?(:globalize_options)

  fields.each do |field|
    value = self.send(field)

    next if value.nil?

    field_options = white_list_options[field] || white_list_options[:white_list_defaults]
    next if field_options.nil? || field_options == 0

    opts = {}
    profile = ( profiles.keys.include?(field_options[:profile].to_sym) )? profiles[field_options[:profile].to_sym] : profiles[:default]
    opts[:attributes] = (profile[:attributes] + field_options[:attributes]).uniq
    opts[:bad_tags]   = (profile[:bad_tags]   + field_options[:bad_tags]).uniq
    opts[:protocols]  = (profile[:protocols]  + field_options[:protocols]).uniq
    opts[:tags]       = (profile[:tags]       + field_options[:tags]).uniq

    self.send( field.to_s + "=", white_list_parse(value, opts) )
  end
end