Class: Devise::ParamFilter

Inherits:

Object

• Object
• Devise::ParamFilter

Defined in:

lib/devise/param_filter.rb

Instance Method Summary

• #filter(conditions) ⇒ Object
• #filtered_hash_by_method_for_given_keys(conditions, method, condition_keys) ⇒ Object
• #initialize(case_insensitive_keys, strip_whitespace_keys) ⇒ ParamFilter constructor

  A new instance of ParamFilter.

• #stringify_params(conditions) ⇒ Object

  Force keys to be string to avoid injection on mongoid related database.

Constructor Details

#initialize(case_insensitive_keys, strip_whitespace_keys) ⇒ ParamFilter

Returns a new instance of ParamFilter.

# File 'lib/devise/param_filter.rb', line 3

def initialize(case_insensitive_keys, strip_whitespace_keys)
  @case_insensitive_keys = case_insensitive_keys || []
  @strip_whitespace_keys = strip_whitespace_keys || []
end

Instance Method Details

#filter(conditions) ⇒ Object

# File 'lib/devise/param_filter.rb', line 8

def filter(conditions)
  conditions = stringify_params(conditions.dup)

  conditions.merge!(filtered_hash_by_method_for_given_keys(conditions.dup, :downcase, @case_insensitive_keys))
  conditions.merge!(filtered_hash_by_method_for_given_keys(conditions.dup, :strip, @strip_whitespace_keys))

  conditions
end

#filtered_hash_by_method_for_given_keys(conditions, method, condition_keys) ⇒ Object

# File 'lib/devise/param_filter.rb', line 17

def filtered_hash_by_method_for_given_keys(conditions, method, condition_keys)
  condition_keys.each do |k|
    value = conditions[k]
    conditions[k] = value.send(method) if value.respond_to?(method)
  end

  conditions
end

#stringify_params(conditions) ⇒ Object

Force keys to be string to avoid injection on mongoid related database.

# File 'lib/devise/param_filter.rb', line 27

def stringify_params(conditions)
  return conditions unless conditions.is_a?(Hash)
  conditions.each do |k, v|
    conditions[k] = v.to_s if param_requires_string_conversion?(v)
  end
end