Permalink
Browse files

Shortened the blurb on serialization scope issues.

  • Loading branch information...
1 parent 63e87df commit cf9c5f6e5db46adf8c48cc1a2e43c83ece3c2f4f @jeriko jeriko committed Nov 28, 2011
Showing with 5 additions and 9 deletions.
  1. +5 −9 lib/methods/serialize.rb
@@ -48,9 +48,8 @@ def initialize(base, column_name, options)
base.send :private, :make_default_roles
-
- # Scopes (Ugly, no cross-table query support, potentially unsafe. Fix?)
- # ----------------------------------------------------------------------------------------------------
+ # Scopes:
+ # ---------
# For security, wrapping markers must be included in the LIKE search, otherwise a user with
# role 'administrator' would erroneously be included in `User.with_scope('admin')`.
#
@@ -61,12 +60,9 @@ def initialize(base, column_name, options)
# the '!' character.
#
# An alternative would be to use JSON instead of YAML to serialize the data, but I've wrestled
- # countless SerializationTypeMismatch errors trying to accomplish this, in vain.
- #
- # Adding a dependancy to something like Squeel would allow for cleaner syntax in the `where()`, with the
- # added bonus of supporting complex cross-table queries. The real problem, of course, is even trying to
- # query serialized data. I'm unsure how well this would work in different ruby versions or implementations,
- # which may handle object dumping differently.
+ # countless SerializationTypeMismatch errors trying to accomplish this, in vain. The real problem, of course,
+ # is even trying to query serialized data. I'm unsure how well this would work in different ruby versions or
+ # implementations, which may handle object dumping differently. Bitmasking seems to be a more reliable strategy.
base.class_eval do
const_set :ROLES_MARKER, '!'

0 comments on commit cf9c5f6

Please sign in to comment.