Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Access control for ActiveModel/ActiveRecord attributes
Ruby
branch: master
Failed to load latest commit information.
lib Initial commit
spec Initial commit
.gitignore Initial commit
.rspec Initial commit
Gemfile Initial commit
LICENSE.txt Initial commit
README.rdoc Initial commit
Rakefile Initial commit
VERSION Initial commit
active_access.gemspec Initial commit

README.rdoc

active_access

The ActiveAccess mixin makes it easy to limit access to ActiveModel and ActiveRecord attributes by declaring generated attribute accessor methods private.

Mixing the ActiveAcess::AttributeMethods into a class that mixes in ActiveModel::AttributeMethods or is derived from ActiveRecord::Base adds the attr_private and attr_private_writer macros.

These macros change the behavior of define_attribute_methods to declare generated attribute accessors private: attr_private declares all accessors for an attribute private; attr_private_writer declares only writer methods private.

ActiveAccess recognizes the following attribute reader method name patterns:

#name
#name?
#name_before_type_cast
#name_changed?
#name_change
#name_was
#_name

ActiveAccess recognizes the following attribute writer method name patterns:

#name=
#name_will_change
#reset_name!

Example

class Widget < ActiveRecord::Base

  include ActiveAccess::AttributeMethods

  attr_private_writer :read_me

  attr_private :secret

end

Widget.new.respond_to? :read_me  # => true
Widget.new.read_me = "new value" # raises NoMethodError

Widget.new.respond_to? :secret   # => false
Widget.new.secret = "new value"  # raises NoMethodError

Limitations

ActiveAccess only restricts access to named attribute accessors. Unnamed accessors such as ActiveRecord read_attribute and write_attribute as well as hash-style access are not restricted. Attribute aliases are also unrestricted.

ActiveRecord does not allow attributes with private writers to be initialized (i.e. passed as parameters to new) or mass-assigned (passed as parameters to assign_attributes or attributes=).

Copyright

Copyright © 2012 Riley Lynch, Teleological Software, LLC. See LICENSE.txt for further details.

Something went wrong with that request. Please try again.