Permalink
Browse files

AM::MassAssingmentSecurity: improve performance

  • Loading branch information...
1 parent 29094c0 commit 7d1379ffdbbaf01e99833dc06611b7e4f3799522 @bogdan committed Mar 14, 2012
@@ -3,20 +3,18 @@ module MassAssignmentSecurity
class Sanitizer
# Returns all attributes not denied by the authorizer.
def sanitize(attributes, authorizer)
- sanitized_attributes = attributes.reject { |key, value| authorizer.deny?(key) }
- debug_protected_attribute_removal(attributes, sanitized_attributes)
- sanitized_attributes
+ attributes.reject do |attr, value|
+ if authorizer.deny?(attr)
+ process_removed_attribute(attr)
+ true
+ end
+ end
end
protected
- def debug_protected_attribute_removal(attributes, sanitized_attributes)
- removed_keys = attributes.keys - sanitized_attributes.keys
- process_removed_attributes(removed_keys) if removed_keys.any?
- end
-
- def process_removed_attributes(attrs)
- raise NotImplementedError, "#process_removed_attributes(attrs) suppose to be overwritten"
+ def process_removed_attribute(attr)
+ raise NotImplementedError, "#process_removed_attribute(attr) suppose to be overwritten"
end
end
@@ -34,8 +32,8 @@ def logger?
@target.respond_to?(:logger) && @target.logger
end
- def process_removed_attributes(attrs)
- logger.warn "Can't mass-assign protected attributes: #{attrs.join(', ')}" if logger?
+ def process_removed_attribute(attr)
+ logger.warn "Can't mass-assign protected attribute: #{attr}" if logger?
end
end
@@ -44,19 +42,19 @@ def initialize(target = nil)
super()
end
- def process_removed_attributes(attrs)
- return if (attrs - insensitive_attributes).empty?
- raise ActiveModel::MassAssignmentSecurity::Error.new(attrs)
+ def process_removed_attribute(attr)
+ return if insensitive_attributes.include?(attr)
+ raise ActiveModel::MassAssignmentSecurity::Error.new(attr)
end
def insensitive_attributes
- ['id']
+ @insensitive_attributes ||= ['id']
end
end
class Error < StandardError
- def initialize(attrs)
- super("Can't mass-assign protected attributes: #{attrs.join(', ')}")
+ def initialize(attr)
+ super("Can't mass-assign protected attribute: #{attr}")
end
end
end
@@ -4,7 +4,7 @@
class CustomSanitizer < ActiveModel::MassAssignmentSecurity::Sanitizer
- def process_removed_attributes(attrs)
+ def process_removed_attribute(attr)
raise StandardError
end

0 comments on commit 7d1379f

Please sign in to comment.