Module: Redmine::SafeAttributes
Defined Under Namespace
Modules: ClassMethods
Class Method Summary collapse
Instance Method Summary collapse
-
#delete_unsafe_attributes(attrs, user = User.current) ⇒ Object
Returns a hash with unsafe attributes removed from the given attrs hash.
-
#safe_attribute_names(user = User.current) ⇒ Object
Returns an array that can be safely set by user or current user.
-
#safe_attributes=(attrs, user = User.current) ⇒ Object
Sets attributes from attrs that are safe attrs is a Hash with string keys.
Class Method Details
.included(base) ⇒ Object
20 21 22 |
# File 'lib/redmine/safe_attributes.rb', line 20 def self.included(base) base.extend(ClassMethods) end |
Instance Method Details
#delete_unsafe_attributes(attrs, user = User.current) ⇒ Object
Returns a hash with unsafe attributes removed from the given attrs hash
Example:
book.delete_unsafe_attributes({'title' => 'My book', 'foo' => 'bar'})
# => {'title' => 'My book'}
63 64 65 66 |
# File 'lib/redmine/safe_attributes.rb', line 63 def delete_unsafe_attributes(attrs, user=User.current) safe = safe_attribute_names(user) attrs.dup.delete_if {|k,v| !safe.include?(k)} end |
#safe_attribute_names(user = User.current) ⇒ Object
Returns an array that can be safely set by user or current user
Example:
book.safe_attributes # => ['title', 'pages']
book.safe_attributes(book.) # => ['title', 'pages', 'isbn']
47 48 49 50 51 52 53 54 55 |
# File 'lib/redmine/safe_attributes.rb', line 47 def safe_attribute_names(user=User.current) names = [] self.class.safe_attributes.collect do |attrs, | if [:if].nil? || [:if].call(self, user) names += attrs.collect(&:to_s) end end names.uniq end |
#safe_attributes=(attrs, user = User.current) ⇒ Object
Sets attributes from attrs that are safe attrs is a Hash with string keys
70 71 72 73 |
# File 'lib/redmine/safe_attributes.rb', line 70 def safe_attributes=(attrs, user=User.current) return unless attrs.is_a?(Hash) self.attributes = delete_unsafe_attributes(attrs, user) end |