Module: Sequel::Plugins::WhitelistSecurity::ClassMethods

Defined in:
lib/sequel/plugins/whitelist_security.rb

Instance Attribute Details

#allowed_columns ⇒ Object (readonly)

Which columns should be the only columns allowed in a call to a mass assignment method (e.g. set) (default: not set, so all columns not otherwise restricted are allowed).



# File 'lib/sequel/plugins/whitelist_security.rb', line 22

def allowed_columns
  @allowed_columns
end

Instance Method Details

#freeze ⇒ Object

Freeze allowed columns when freezing model class.



# File 'lib/sequel/plugins/whitelist_security.rb', line 27

def freeze
  @allowed_columns.freeze
  super
end

#set_allowed_columns(*cols) ⇒ Object

Set the columns to allow when using mass assignment (e.g. set). Using this means that any columns not listed here will not be modified. If you have any virtual setter methods (methods that end in =) that you want to be used during mass assignment, they need to be listed here as well (without the =).

It may be better to use set_fields which lets you specify the allowed fields per call.

Artist.set_allowed_columns(:name, :hometown)
Artist.new.set(name: 'Bob', hometown: 'Sactown') # No Error
Artist.new.set(name: 'Bob', records_sold: 30000) # Error


# File 'lib/sequel/plugins/whitelist_security.rb', line 43

def set_allowed_columns(*cols)
  clear_setter_methods_cache
  @allowed_columns = cols
end
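
The following is an added example, not code from Sequel or from this page: a dependency-free sketch of the semantics described above, contrasting a class-wide allow-list with a per-call field list and showing that a virtual setter is rejected unless it is listed. MiniModel, MassAssignmentError, the location= setter and PARAMS are hypothetical names and constructed data.

```ruby
# Added sketch: MiniModel, MassAssignmentError, location= and PARAMS are constructed
# for illustration; this is not Sequel's implementation.
class MassAssignmentError < StandardError; end

class MiniModel
  class << self
    attr_reader :allowed_columns

    # Class-wide allow-list (setter names without the trailing "=").
    def set_allowed_columns(*cols)
      @allowed_columns = cols
    end

    # Freezing the class freezes the list too, so it cannot be widened later.
    def freeze
      @allowed_columns.freeze
      super
    end
  end

  def values
    @values ||= {}
  end

  # Checks every key before assigning, so a rejected hash changes nothing.
  def set(hash)
    denied = hash.keys - (self.class.allowed_columns || hash.keys)
    raise MassAssignmentError, "not allowed: #{denied.join(', ')}" unless denied.empty?
    hash.each { |k, v| public_send("#{k}=", v) }
    self
  end

  # Per-call list: only the named fields are read; other keys are ignored.
  def set_fields(hash, fields)
    fields.each { |f| public_send("#{f}=", hash[f]) }
    self
  end
end

class Artist < MiniModel
  %i[name hometown records_sold].each { |c| define_method("#{c}=") { |v| values[c] = v } }
  def location=(v) # virtual setter: usable via set only if :location is listed
    self.hometown = v.to_s.strip
  end
  set_allowed_columns :name, :hometown
end

# Constructed request parameters with one field the form never offered.
PARAMS = { name: 'Bob', hometown: 'Sactown', records_sold: 30_000 }.freeze
```

With the class-wide list, passing PARAMS to set raises because of records_sold, while set_fields(PARAMS, [:name, :hometown]) reads only the two named keys and never touches the extra one.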