Permalink
Browse files

Remove MassAssignmentSecurity from ActiveModel

This will be moved out to protected_attributes gem
  • Loading branch information...
1 parent a8f6d5c commit f8c9a4d3e88181cee644f91e1342bfe896ca64c6 @guilleiguaran guilleiguaran committed Jul 17, 2012
@@ -36,7 +36,6 @@ module ActiveModel
autoload :EachValidator, 'active_model/validator'
autoload :ForbiddenAttributesProtection
autoload :Lint
- autoload :MassAssignmentSecurity
autoload :Model
autoload :Name, 'active_model/naming'
autoload :Naming
@@ -3,11 +3,11 @@ class ForbiddenAttributes < StandardError
end
module ForbiddenAttributesProtection
- def sanitize_for_mass_assignment(new_attributes, options = {})
- if !new_attributes.respond_to?(:permitted?) || (new_attributes.respond_to?(:permitted?) && new_attributes.permitted?)
- super
- else
+ def sanitize_for_mass_assignment(attributes, options = {})
+ if attributes.respond_to?(:permitted?) && !attributes.permitted?
raise ActiveModel::ForbiddenAttributes
+ else
+ attributes
end
end
end
@@ -1,350 +0,0 @@
-require 'active_support/core_ext/string/inflections'
-require 'active_model/mass_assignment_security/permission_set'
-require 'active_model/mass_assignment_security/sanitizer'
-
-module ActiveModel
- # == Active Model Mass-Assignment Security
- #
- # Mass assignment security provides an interface for protecting attributes
- # from end-user assignment. For more complex permissions, mass assignment
- # security may be handled outside the model by extending a non-ActiveRecord
- # class, such as a controller, with this behavior.
- #
- # For example, a logged in user may need to assign additional attributes
- # depending on their role:
- #
- # class AccountsController < ApplicationController
- # include ActiveModel::MassAssignmentSecurity
- #
- # attr_accessible :first_name, :last_name
- # attr_accessible :first_name, :last_name, :plan_id, as: :admin
- #
- # def update
- # ...
- # @account.update_attributes(account_params)
- # ...
- # end
- #
- # protected
- #
- # def account_params
- # role = admin ? :admin : :default
- # sanitize_for_mass_assignment(params[:account], role)
- # end
- #
- # end
- #
- # === Configuration options
- #
- # * <tt>mass_assignment_sanitizer</tt> - Defines sanitize method. Possible
- # values are:
- # * <tt>:logger</tt> (default) - writes filtered attributes to logger
- # * <tt>:strict</tt> - raise <tt>ActiveModel::MassAssignmentSecurity::Error</tt>
- # on any protected attribute update.
- #
- # You can specify your own sanitizer object eg. <tt>MySanitizer.new</tt>.
- # See <tt>ActiveModel::MassAssignmentSecurity::LoggerSanitizer</tt> for
- # example implementation.
- module MassAssignmentSecurity
- extend ActiveSupport::Concern
-
- included do
- class_attribute :_accessible_attributes, instance_writer: false
- class_attribute :_protected_attributes, instance_writer: false
- class_attribute :_active_authorizer, instance_writer: false
-
- class_attribute :_mass_assignment_sanitizer, instance_writer: false
- self.mass_assignment_sanitizer = :logger
- end
-
- module ClassMethods
- # Attributes named in this macro are protected from mass-assignment
- # whenever attributes are sanitized before assignment. A role for the
- # attributes is optional, if no role is provided then <tt>:default</tt>
- # is used. A role can be defined by using the <tt>:as</tt> option with a
- # symbol or an array of symbols as the value.
- #
- # Mass-assignment to these attributes will simply be ignored, to assign
- # to them you can use direct writer methods. This is meant to protect
- # sensitive attributes from being overwritten by malicious users
- # tampering with URLs or forms.
- #
- # class Customer
- # include ActiveModel::MassAssignmentSecurity
- #
- # attr_accessor :name, :email, :logins_count
- #
- # attr_protected :logins_count
- # # Suppose that admin can not change email for customer
- # attr_protected :logins_count, :email, as: :admin
- #
- # def assign_attributes(values, options = {})
- # sanitize_for_mass_assignment(values, options[:as]).each do |k, v|
- # send("#{k}=", v)
- # end
- # end
- # end
- #
- # When using the <tt>:default</tt> role:
- #
- # customer = Customer.new
- # customer.assign_attributes({ name: 'David', email: 'a@b.com', logins_count: 5 }, as: :default)
- # customer.name # => "David"
- # customer.email # => "a@b.com"
- # customer.logins_count # => nil
- #
- # And using the <tt>:admin</tt> role:
- #
- # customer = Customer.new
- # customer.assign_attributes({ name: 'David', email: 'a@b.com', logins_count: 5}, as: :admin)
- # customer.name # => "David"
- # customer.email # => nil
- # customer.logins_count # => nil
- #
- # customer.email = 'c@d.com'
- # customer.email # => "c@d.com"
- #
- # To start from an all-closed default and enable attributes as needed,
- # have a look at +attr_accessible+.
- #
- # Note that using <tt>Hash#except</tt> or <tt>Hash#slice</tt> in place of
- # +attr_protected+ to sanitize attributes provides basically the same
- # functionality, but it makes a bit tricky to deal with nested attributes.
- def attr_protected(*args)
- options = args.extract_options!
- role = options[:as] || :default
-
- self._protected_attributes = protected_attributes_configs.dup
-
- Array(role).each do |name|
- self._protected_attributes[name] = self.protected_attributes(name) + args
- end
-
- self._active_authorizer = self._protected_attributes
- end
-
- # Specifies a white list of model attributes that can be set via
- # mass-assignment.
- #
- # Like +attr_protected+, a role for the attributes is optional,
- # if no role is provided then <tt>:default</tt> is used. A role can be
- # defined by using the <tt>:as</tt> option with a symbol or an array of
- # symbols as the value.
- #
- # This is the opposite of the +attr_protected+ macro: Mass-assignment
- # will only set attributes in this list, to assign to the rest of
- # attributes you can use direct writer methods. This is meant to protect
- # sensitive attributes from being overwritten by malicious users
- # tampering with URLs or forms. If you'd rather start from an all-open
- # default and restrict attributes as needed, have a look at
- # +attr_protected+.
- #
- # class Customer
- # include ActiveModel::MassAssignmentSecurity
- #
- # attr_accessor :name, :credit_rating
- #
- # # Both admin and default user can change name of a customer
- # attr_accessible :name, as: [:admin, :default]
- # # Only admin can change credit rating of a customer
- # attr_accessible :credit_rating, as: :admin
- #
- # def assign_attributes(values, options = {})
- # sanitize_for_mass_assignment(values, options[:as]).each do |k, v|
- # send("#{k}=", v)
- # end
- # end
- # end
- #
- # When using the <tt>:default</tt> role:
- #
- # customer = Customer.new
- # customer.assign_attributes({ name: 'David', credit_rating: 'Excellent', last_login: 1.day.ago }, as: :default)
- # customer.name # => "David"
- # customer.credit_rating # => nil
- #
- # customer.credit_rating = 'Average'
- # customer.credit_rating # => "Average"
- #
- # And using the <tt>:admin</tt> role:
- #
- # customer = Customer.new
- # customer.assign_attributes({ name: 'David', credit_rating: 'Excellent', last_login: 1.day.ago }, as: :admin)
- # customer.name # => "David"
- # customer.credit_rating # => "Excellent"
- #
- # Note that using <tt>Hash#except</tt> or <tt>Hash#slice</tt> in place of
- # +attr_accessible+ to sanitize attributes provides basically the same
- # functionality, but it makes a bit tricky to deal with nested attributes.
- def attr_accessible(*args)
- options = args.extract_options!
- role = options[:as] || :default
-
- self._accessible_attributes = accessible_attributes_configs.dup
-
- Array(role).each do |name|
- self._accessible_attributes[name] = self.accessible_attributes(name) + args
- end
-
- self._active_authorizer = self._accessible_attributes
- end
-
- # Returns an instance of <tt>ActiveModel::MassAssignmentSecurity::BlackList</tt>
- # with the attributes protected by #attr_protected method. If no +role+
- # is provided, then <tt>:default</tt> is used.
- #
- # class Customer
- # include ActiveModel::MassAssignmentSecurity
- #
- # attr_accessor :name, :email, :logins_count
- #
- # attr_protected :logins_count
- # attr_protected :logins_count, :email, as: :admin
- # end
- #
- # Customer.protected_attributes
- # # => #<ActiveModel::MassAssignmentSecurity::BlackList: {"logins_count"}>
- #
- # Customer.protected_attributes(:default)
- # # => #<ActiveModel::MassAssignmentSecurity::BlackList: {"logins_count"}>
- #
- # Customer.protected_attributes(:admin)
- # # => #<ActiveModel::MassAssignmentSecurity::BlackList: {"logins_count", "email"}>
- def protected_attributes(role = :default)
- protected_attributes_configs[role]
- end
-
- # Returns an instance of <tt>ActiveModel::MassAssignmentSecurity::WhiteList</tt>
- # with the attributes protected by #attr_accessible method. If no +role+
- # is provided, then <tt>:default</tt> is used.
- #
- # class Customer
- # include ActiveModel::MassAssignmentSecurity
- #
- # attr_accessor :name, :credit_rating
- #
- # attr_accessible :name, as: [:admin, :default]
- # attr_accessible :credit_rating, as: :admin
- # end
- #
- # Customer.accessible_attributes
- # # => #<ActiveModel::MassAssignmentSecurity::WhiteList: {"name"}>
- #
- # Customer.accessible_attributes(:default)
- # # => #<ActiveModel::MassAssignmentSecurity::WhiteList: {"name"}>
- #
- # Customer.accessible_attributes(:admin)
- # # => #<ActiveModel::MassAssignmentSecurity::WhiteList: {"name", "credit_rating"}>
- def accessible_attributes(role = :default)
- accessible_attributes_configs[role]
- end
-
- # Returns a hash with the protected attributes (by #attr_accessible or
- # #attr_protected) per role.
- #
- # class Customer
- # include ActiveModel::MassAssignmentSecurity
- #
- # attr_accessor :name, :credit_rating
- #
- # attr_accessible :name, as: [:admin, :default]
- # attr_accessible :credit_rating, as: :admin
- # end
- #
- # Customer.active_authorizers
- # # => {
- # # :admin=> #<ActiveModel::MassAssignmentSecurity::WhiteList: {"name", "credit_rating"}>,
- # # :default=>#<ActiveModel::MassAssignmentSecurity::WhiteList: {"name"}>
- # #  }
- def active_authorizers
- self._active_authorizer ||= protected_attributes_configs
- end
- alias active_authorizer active_authorizers
-
- # Returns an empty array by default. You can still override this to define
- # the default attributes protected by #attr_protected method.
- #
- # class Customer
- # include ActiveModel::MassAssignmentSecurity
- #
- # def self.attributes_protected_by_default
- # [:name]
- # end
- # end
- #
- # Customer.protected_attributes
- # # => #<ActiveModel::MassAssignmentSecurity::BlackList: {:name}>
- def attributes_protected_by_default
- []
- end
-
- # Defines sanitize method.
- #
- # class Customer
- # include ActiveModel::MassAssignmentSecurity
- #
- # attr_accessor :name
- #
- # attr_protected :name
- #
- # def assign_attributes(values)
- # sanitize_for_mass_assignment(values).each do |k, v|
- # send("#{k}=", v)
- # end
- # end
- # end
- #
- # # See ActiveModel::MassAssignmentSecurity::StrictSanitizer for more information.
- # Customer.mass_assignment_sanitizer = :strict
- #
- # customer = Customer.new
- # customer.assign_attributes(name: 'David')
- # # => ActiveModel::MassAssignmentSecurity::Error: Can't mass-assign protected attributes for Customer: name
- #
- # Also, you can specify your own sanitizer object.
- #
- # class CustomSanitizer < ActiveModel::MassAssignmentSecurity::Sanitizer
- # def process_removed_attributes(klass, attrs)
- # raise StandardError
- # end
- # end
- #
- # Customer.mass_assignment_sanitizer = CustomSanitizer.new
- #
- # customer = Customer.new
- # customer.assign_attributes(name: 'David')
- # # => StandardError: StandardError
- def mass_assignment_sanitizer=(value)
- self._mass_assignment_sanitizer = if value.is_a?(Symbol)
- const_get(:"#{value.to_s.camelize}Sanitizer").new(self)
- else
- value
- end
- end
-
- private
-
- def protected_attributes_configs
- self._protected_attributes ||= begin
- Hash.new { |h,k| h[k] = BlackList.new(attributes_protected_by_default) }
- end
- end
-
- def accessible_attributes_configs
- self._accessible_attributes ||= begin
- Hash.new { |h,k| h[k] = WhiteList.new }
- end
- end
- end
-
- protected
-
- def sanitize_for_mass_assignment(attributes, role = nil) #:nodoc:
- _mass_assignment_sanitizer.sanitize(self.class, attributes, mass_assignment_authorizer(role))
- end
-
- def mass_assignment_authorizer(role) #:nodoc:
- self.class.active_authorizer[role || :default]
- end
- end
-end
Oops, something went wrong.

0 comments on commit f8c9a4d

Please sign in to comment.