Module: ActiveModel::MassAssignmentSecurity::Sanitizer

Defined in:: lib/dm-rails/mass_assignment_security.rb

Overview

Provides a patched version of the Sanitizer used in Rails to handle property and relationship objects as keys. There is no way to inject a custom sanitizer without reimplementing the permission sets.

Instance Method Summary collapse

#sanitize(attributes) ⇒ Hash

Returns all attributes not denied by the authorizer.

Instance Method Details

#sanitize(attributes) ⇒ `Hash`

Returns all attributes not denied by the authorizer.

Parameters:

attributes (Hash{Symbol,String,::DataMapper::Property,::DataMapper::Relationship=>Object}) —

Names and values of attributes to sanitize.

Returns:

(Hash) —

Sanitized hash of attributes.

# File 'lib/dm-rails/mass_assignment_security.rb', line 18

def sanitize(attributes)
  sanitized_attributes = attributes.reject do |key, value|
    key_name = key.name rescue key
    deny?(key_name)
  end
  debug_protected_attribute_removal(attributes, sanitized_attributes)
  sanitized_attributes
end

Module: ActiveModel::MassAssignmentSecurity::Sanitizer

Overview

Instance Method Summary collapse

Instance Method Details

#sanitize(attributes) ⇒ Hash

#sanitize(attributes) ⇒ `Hash`