Module: ActiveSecurity
- Defined in:
- lib/active_security.rb,
lib/active_security/base.rb,
lib/active_security/scoped.rb,
lib/active_security/finders.rb,
lib/active_security/version.rb,
lib/active_security/privileged.rb,
lib/active_security/restricted.rb,
lib/active_security/configuration.rb,
lib/active_security/finder_methods.rb,
lib/active_security/privileged_hooks.rb,
lib/active_security/restricted_hooks.rb
Defined Under Namespace
Modules: Base, FinderMethods, Finders, Privileged, PrivilegedHooks, Restricted, RestrictedHooks, Scoped, Version Classes: Configuration, InvalidConfig, RestrictedAccessError, UnhandledArelPredicateError
Class Method Summary collapse
-
.defaults(&block) ⇒ Object
Set global defaults for all models using ActiveSecurity.
-
.extended(model_class) ⇒ Object
ActiveSecurity takes advantage of ‘extended` to do basic model setup, primarily extending Base to add active_security as a class method.
-
.included(model_class) ⇒ Object
Allow developers to ‘include` ActiveSecurity or `extend` it.
-
.reset_defaults ⇒ Object
If you need to reset the defaults to original defaults, just call without a block:.
Class Method Details
.defaults(&block) ⇒ Object
Set global defaults for all models using ActiveSecurity.
The default defaults are to use the ‘:restricted` module and nothing else.
74 75 76 77 |
# File 'lib/active_security.rb', line 74 def defaults(&block) @defaults = block if block # rubocop:disable ThreadSafety/InstanceVariableInClassMethod @defaults ||= ->(config) { config.use(:restricted) } # rubocop:disable ThreadSafety/InstanceVariableInClassMethod end |
.extended(model_class) ⇒ Object
ActiveSecurity takes advantage of ‘extended` to do basic model setup, primarily extending Base to add active_security as a class method.
In addition to adding active_security, the class instance variable @active_security_config is added. This variable is an instance of an anonymous subclass of Configuration. This allows subsequently loaded modules like Scoped to add functionality to the configuration class only for the current class, rather than monkey patching Configuration directly. This isolates other models from large feature changes an addon to ActiveSecurity could potentially introduce.
The upshot of this is, you can have two Active Record models that both have a @active_security_config, but each config object can have different methods and behaviors depending on what modules have been loaded, without conflicts. Keep this in mind if you’re hacking on ActiveSecurity.
For examples of this, see the source for ActiveSecurity::Scoped.included.
48 49 50 51 52 53 54 55 56 57 58 |
# File 'lib/active_security.rb', line 48 def extended(model_class) return if model_class.respond_to?(:active_security) class << model_class alias_method :relation_without_active_security, :relation end model_class.class_eval do extend(Base) @active_security_config = Class.new(Configuration).new(self) # rubocop:disable ThreadSafety/InstanceVariableInClassMethod ActiveSecurity.defaults.call(@active_security_config) # rubocop:disable ThreadSafety/InstanceVariableInClassMethod end end |
.included(model_class) ⇒ Object
Allow developers to ‘include` ActiveSecurity or `extend` it.
61 62 63 |
# File 'lib/active_security.rb', line 61 def included(model_class) model_class.extend(self) end |
.reset_defaults ⇒ Object
If you need to reset the defaults to original defaults, just call without a block:
ActiveSecurity.reset_defaults
83 84 85 |
# File 'lib/active_security.rb', line 83 def reset_defaults @defaults = nil # rubocop:disable ThreadSafety/InstanceVariableInClassMethod end |