Skip to content

/activerecord-firewall

No description, website, or topics provided.
Ruby HTML JavaScript CSS
  1. Ruby 83.5%
  2. HTML 12.4%
  3. JavaScript 2.5%
  4. CSS 1.6%
Branch: master
Find file
Clone or download

Clone with HTTPS

Use Git or checkout with SVN using the web URL.

Download ZIP

Launching GitHub Desktop

If nothing happens, download GitHub Desktop and try again.

Launching GitHub Desktop

If nothing happens, download GitHub Desktop and try again.

Launching Xcode

If nothing happens, download Xcode and try again.

Launching Visual Studio

If nothing happens, download the GitHub extension for Visual Studio and try again.

Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
.shopify-build Enable Shopify build Mar 12, 2018
bin Initial commit of functionality Mar 8, 2018
lib Add test to make sure the firewall type behaves like a big int Apr 23, 2018
test Move test to the right folder Apr 23, 2018
.gitignore Add after_find callback and a dummy app with a couple models/controll… Mar 12, 2018
Gemfile Add shipit integration Mar 12, 2018
Gemfile.lock Add shipit integration Mar 12, 2018
LICENSE Add license Jul 12, 2018
README.md
Rakefile
activerecord-firewall.gemspec
dev.yml Initial commit of functionality Mar 8, 2018
shipit.yml Add shipit integration Mar 12, 2018

README.md

Activerecord::Firewall

This gem adds a patch to ActiveRecord that attempts to stop IDOR problems in multi-tenant applications by adding a new AR attribute type generated by the method firewalled_belongs_to.

Usage

This plugin adds a method firewalled_belongs_to to all ActiveRecord models with the same usage as belongs_to. firewalled_belongs_to expects that if you call firewalled_belongs_to :shop in the Product model, you will define Current.shop. This will add a check each time a Product object is loaded from the database to ensure that the associated Shop object has the ID of the current shop.

Contributing

Contribution directions go here.

License

The gem is available as open source under the terms of the MIT License.

You can’t perform that action at this time.