Home

Summary

validates_blacklist is a Ruby on Rails gem that allows per-model blacklisting at the attribute level, by maintaining yaml lists of disallowed content. More simply put, if you don’t want to allow new users to give themselves usernames like ‘admin’, ‘root’, or ‘staff’, you can do this with validates_blacklist without uggifying your models with what is essentially configuration data.

Installation

Since Rails 2.1, this has gotten really easy. In environment.rb:

# config/environment.rb

config.gem 'bellmyer-validates_blacklist', :lib => 'validates_blacklist',
    :source => "http://gems.github.com'

Followed by a couple of rake tasks on the command line:

rake gems:install
rake gems:unpack

Now generated blacklists for your existing models:

script/generate blacklists

Generating blacklists will only create blacklist files for new models, never overwrite existing blacklist files. Feel free to run it every time you add models to your app. Now update your model with the appropriate code:

# app/models/user.rb

class User < ActiveRecord::Base
    validates_blacklist
end

Finally, add some blacklist data:

# config/blacklists/user_blacklist.yml

name:
  - /admin/
  - root
  - staff

Screencast