Permalink
Browse files

Speed up mass assignment by avoiding extra loops.

  • Loading branch information...
1 parent 6d0047a commit 034ccf40489d5329ac72a0a5d33b907f755cf1b6 @josevalim josevalim committed Mar 16, 2012
Showing with 5 additions and 7 deletions.
  1. +5 −7 activemodel/lib/active_model/mass_assignment_security/sanitizer.rb
@@ -3,18 +3,16 @@ module MassAssignmentSecurity
class Sanitizer
# Returns all attributes not denied by the authorizer.
def sanitize(attributes, authorizer)
- sanitized_attributes = attributes.reject { |key, value| authorizer.deny?(key) }
- debug_protected_attribute_removal(attributes, sanitized_attributes)
+ rejected = []
+ sanitized_attributes = attributes.reject do |key, value|
+ rejected << key if authorizer.deny?(key)
+ end
+ process_removed_attributes(rejected) unless rejected.empty?
sanitized_attributes
end
protected
- def debug_protected_attribute_removal(attributes, sanitized_attributes)
- removed_keys = attributes.keys - sanitized_attributes.keys
- process_removed_attributes(removed_keys) if removed_keys.any?
- end
-
def process_removed_attributes(attrs)
raise NotImplementedError, "#process_removed_attributes(attrs) suppose to be overwritten"
end

2 comments on commit 034ccf4

@bogdan
Contributor
bogdan commented on 034ccf4 Mar 16, 2012

OMG! You stole my next patch)

What do think about this imrovement also?

rejected = nil  
sanitized_attributes = attributes.reject do |key, value|    
  if authorizer.deny?(key)
    (rejected ||= []) << key 
  end
end
process_removed_attributes(rejected) unless rejected
@josevalim
Member
Please sign in to comment.