Class: Kindergarten::HeadGoverness

Inherits:

Object

• Object
• Kindergarten::HeadGoverness

Includes:

CanCan::Ability

Defined in:

lib/kindergarten/governesses/head_governess.rb

Overview

The Governess keeps an eye on the child in the sandbox and makes sure she plays nicely and within the bounds of legality

Direct Known Subclasses

EasyGoverness, StrictGoverness

Instance Attribute Summary

• #child ⇒ Object readonly

  Returns the value of attribute child.

Instance Method Summary

• #empty? ⇒ Boolean

  The governess is empty when no rules have been defined.

• #governed(method, &block) ⇒ Object

  Perform a sandbox method within the care of the governess.

• #guard(action, target, opts = {}) ⇒ Object

  Check to see if the child can do something, increments @guard_count.

• #guarded? ⇒ Boolean
• #initialize(child) ⇒ HeadGoverness constructor

  A new instance of HeadGoverness.

• #rinse(attributes, untaint_opts) ⇒ RinsedHash

  Scrub a hash of any key that is not specified.

• #scrub(attributes, *list) ⇒ ScrubbedHash

  Scrub a hash of any key that is not specified.

• #unguarded(&block) ⇒ Object

  When a block is given, set the Governess to unguarded during the execution of the block.

• #unguarded? ⇒ Boolean

Constructor Details

#initialize(child) ⇒ HeadGoverness

Returns a new instance of HeadGoverness.

# File 'lib/kindergarten/governesses/head_governess.rb', line 9

def initialize(child)
  @child     = child
  @unguarded = false
  @rules     = []
end

Instance Attribute Details

#child ⇒ Object (readonly)

Returns the value of attribute child.

# File 'lib/kindergarten/governesses/head_governess.rb', line 7

def child
  @child
end

Instance Method Details

#empty? ⇒ Boolean

The governess is empty when no rules have been defined

Returns:

• (Boolean)

# File 'lib/kindergarten/governesses/head_governess.rb', line 16

def empty?
  @rules.empty?
end

#governed(method, &block) ⇒ Object

Perform a sandbox method within the care of the governess.

The HeadGoverness does nothing with it.

Parameters:

• method (Symbol) —

  The name of the method that will be executed (for logging, record-keeping, raising, etc.)

Returns:

• The result of the block

# File 'lib/kindergarten/governesses/head_governess.rb', line 28

def governed(method, &block)
  raise "You must specify a block" unless block_given?

  return yield
end

#guard(action, target, opts = {}) ⇒ Object

Check to see if the child can do something, increments @guard_count

Parameters:

• action —

  Action to take

• target —

  On given target

• opts (Hash) (defaults to: {}) —

  options

Options Hash (opts):

• :message (String) —

  The message on access denied

Returns:

• The given target to allow def project(id)

  project = Project.find(id)
  guard(:view, project)
  

  end

Raises:

• (Kindergarten::AccessDenied) —

  when the kindergarten is guarded and the action is not allowed

# File 'lib/kindergarten/governesses/head_governess.rb', line 50

def guard(action, target, opts={})
  if guarded? && cannot?(action, target)
    raise Kindergarten::AccessDenied.new(action, target, opts)
  end

  # to allow
  #   def project(id)
  #     project = Project.find(id)
  #     guard(:view, project)
  #   end
  #
  return target
end

#guarded? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/kindergarten/governesses/head_governess.rb', line 77

def guarded?
  !unguarded?
end

#rinse(attributes, untaint_opts) ⇒ RinsedHash

Scrub a hash of any key that is not specified

Examples:

Untaint

rinse(attributes, :name => /^([a-Z0-9]+)/, :description => /([\w\s-]+)/mg)

Pass on a Date attribute

rinse(attributes, :name => /([\w\s-]+)/, :date => :pass)

Bad practice

# beware of the dot-star!
rinse(attributes, :name => /(.*)/)

Parameters:

• attributes (Hash) —

  An attributes-hash to scrub

• untaint_opts (Hash) —

  Specify a Regexp for each key. The value from the attributes will be matched against the regexp and replaced with the first result.

  specify :pass instead of a Regexp to let the value pass without matching (usefull for non strings, etc.)

Returns:

• (RinsedHash) —

  a hash with only allowed keys and untainted values

# File 'lib/kindergarten/governesses/head_governess.rb', line 131

def rinse(attributes, untaint_opts)
  untaint_opts.symbolize_keys!

  scrubbed = scrub(attributes, *untaint_opts.keys)

  scrubbed.each do |key, value|
    untaint = untaint_opts[key]
    next if untaint == :pass

    match = "#{value}".match(untaint)
    if match.nil?
      scrubbed.delete key
    else
      scrubbed[key] = match[1]
    end
  end

  return Kindergarten::RinsedHash[scrubbed]
end

#scrub(attributes, *list) ⇒ ScrubbedHash

Scrub a hash of any key that is not specified

Parameters:

• attributes (Hash) —

  An attributes-hash to scrub

• list (Symbol) —

  A list of allowed attributes

Returns:

• (ScrubbedHash) —

  a hash with only allowed keys

# File 'lib/kindergarten/governesses/head_governess.rb', line 91

def scrub(attributes, *list)
  list.map!(&:to_sym)

  if attributes.respond_to?(:symbolize_keys!)
    attributes.symbolize_keys!
  else
    attributes = attributes.symbolize_keys
  end

  forbidden = Kindergarten::Governesses.forbidden_keys

  Kindergarten::ScrubbedHash[
    attributes.delete_if do |key,value|
      forbidden.include?(key) || !list.include?(key)
    end
  ]
end

#unguarded(&block) ⇒ Object

When a block is given, set the Governess to unguarded during the execution of the block

# File 'lib/kindergarten/governesses/head_governess.rb', line 67

def unguarded(&block)
  if block_given?
    before = @unguarded

    @unguarded = true
    yield
    @unguarded = before
  end
end

#unguarded? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/kindergarten/governesses/head_governess.rb', line 81

def unguarded?
  !!@unguarded
end