Module: ActiveSecurity

Defined in:

lib/active_security.rb,
lib/active_security/base.rb,
lib/active_security/scoped.rb,
lib/active_security/finders.rb,
lib/active_security/version.rb,
lib/active_security/privileged.rb,
lib/active_security/restricted.rb,
lib/active_security/configuration.rb,
lib/active_security/finder_methods.rb,
lib/active_security/privileged_hooks.rb,
lib/active_security/restricted_hooks.rb

Defined Under Namespace

Modules: Base, FinderMethods, Finders, Privileged, PrivilegedHooks, Restricted, RestrictedHooks, Scoped, Version Classes: Configuration, InvalidConfig, RestrictedAccessError, UnhandledArelPredicateError

Class Method Summary

• .defaults(&block) ⇒ Object

  Set global defaults for all models using ActiveSecurity.

• .extended(model_class) ⇒ Object

  ActiveSecurity takes advantage of ‘extended` to do basic model setup, primarily extending Base to add active_security as a class method.

• .included(model_class) ⇒ Object

  Allow developers to ‘include` ActiveSecurity or `extend` it.

• .reset_defaults ⇒ Object

  If you need to reset the defaults to original defaults, just call without a block:.

Class Method Details

.defaults(&block) ⇒ Object

Set global defaults for all models using ActiveSecurity.

The default defaults are to use the ‘:restricted` module and nothing else.

Examples:

ActiveSecurity.defaults do |config|
  config.base :name
  config.use :something_else
end

# File 'lib/active_security.rb', line 74

def defaults(&block)
  @defaults = block if block # rubocop:disable ThreadSafety/InstanceVariableInClassMethod
  @defaults ||= ->(config) { config.use(:restricted) } # rubocop:disable ThreadSafety/InstanceVariableInClassMethod
end

.extended(model_class) ⇒ Object

ActiveSecurity takes advantage of ‘extended` to do basic model setup, primarily extending Base to add active_security as a class method.

In addition to adding active_security, the class instance variable @active_security_config is added. This variable is an instance of an anonymous subclass of Configuration. This allows subsequently loaded modules like Scoped to add functionality to the configuration class only for the current class, rather than monkey patching Configuration directly. This isolates other models from large feature changes an addon to ActiveSecurity could potentially introduce.

The upshot of this is, you can have two Active Record models that both have a @active_security_config, but each config object can have different methods and behaviors depending on what modules have been loaded, without conflicts. Keep this in mind if you’re hacking on ActiveSecurity.

For examples of this, see the source for ActiveSecurity::Scoped.included.

# File 'lib/active_security.rb', line 48

def extended(model_class)
  return if model_class.respond_to?(:active_security)
  class << model_class
    alias_method :relation_without_active_security, :relation
  end
  model_class.class_eval do
    extend(Base)
    @active_security_config = Class.new(Configuration).new(self) # rubocop:disable ThreadSafety/InstanceVariableInClassMethod
    ActiveSecurity.defaults.call(@active_security_config) # rubocop:disable ThreadSafety/InstanceVariableInClassMethod
  end
end

.included(model_class) ⇒ Object

Allow developers to ‘include` ActiveSecurity or `extend` it.

# File 'lib/active_security.rb', line 61

def included(model_class)
  model_class.extend(self)
end

.reset_defaults ⇒ Object

If you need to reset the defaults to original defaults, just call without a block:

ActiveSecurity.reset_defaults

# File 'lib/active_security.rb', line 83

def reset_defaults
  @defaults = nil # rubocop:disable ThreadSafety/InstanceVariableInClassMethod
end