Module: Searchgasm::Conditions::Protection

Included in:
Base
Defined in:
lib/searchgasm/conditions/protection.rb

Overview

Conditions Protection

Adds protection from SQL injections. Just set protect = true and it will limit what kind of conditions it will accept.

Class Method Summary collapse

Instance Method Summary collapse

Class Method Details

.included(klass) ⇒ Object



7
8
9
10
11
12
# File 'lib/searchgasm/conditions/protection.rb', line 7

def self.included(klass)
  klass.class_eval do
    attr_reader :protect
    alias_method_chain :conditions=, :protection
  end
end

Instance Method Details

#conditions_with_protection=(conditions) ⇒ Object



14
15
16
17
18
19
20
21
22
23
# File 'lib/searchgasm/conditions/protection.rb', line 14

def conditions_with_protection=(conditions)
  unless conditions.is_a?(Hash)
    if protect?
      return if conditions.blank?
      raise(ArgumentError, "You can not pass SQL as conditions while the search is being protected, you can only pass a hash")
    end
  end
  
  self.conditions_without_protection = conditions
end

#protect=(value) ⇒ Object



25
26
27
28
# File 'lib/searchgasm/conditions/protection.rb', line 25

def protect=(value)
  associations.each { |name, obj| obj.protect = value }
  @protect = value
end

#protect?Boolean Also known as: protected?

Returns:

  • (Boolean)


30
31
32
# File 'lib/searchgasm/conditions/protection.rb', line 30

def protect?
  protect == true
end