module Protector::Adapters::Sequel::Model
Patches ‘Sequel::Model`
Public Instance Methods
[](name)
click to toggle source
Security-checking attributes reader
@param name [Symbol] Name of attribute to read
# File lib/protector/adapters/sequel/model.rb, line 92 def [](name) # rubocop:disable ParenthesesAroundCondition if ( !protector_subject? || name == self.class.primary_key || (self.class.primary_key.is_a?(Array) && self.class.primary_key.include?(name)) || protector_meta.readable?(name.to_s) ) @values[name.to_sym] else nil end # rubocop:enable ParenthesesAroundCondition end
_associated_dataset(*args)
click to toggle source
This is used whenever we fetch data
Calls superclass method
# File lib/protector/adapters/sequel/model.rb, line 108 def _associated_dataset(*args) return super unless protector_subject? super.restrict!(protector_subject) end
_dataset(*args)
click to toggle source
This is used whenever we call counters and existance checkers
Calls superclass method
# File lib/protector/adapters/sequel/model.rb, line 114 def _dataset(*args) return super unless protector_subject? super.restrict!(protector_subject) end
before_destroy()
click to toggle source
Destroy availability check
Calls superclass method
# File lib/protector/adapters/sequel/model.rb, line 84 def before_destroy return false if protector_subject? && !destroyable? super end
can?(action, field=false)
click to toggle source
# File lib/protector/adapters/sequel/model.rb, line 63 def can?(action, field=false) protector_meta.can?(action, field) end
creatable?()
click to toggle source
Checks if current model can be created in the context of current subject
# File lib/protector/adapters/sequel/model.rb, line 49 def creatable? protector_meta.creatable? protector_changed(keys) end
destroyable?()
click to toggle source
Checks if current model can be destroyed in the context of current subject
# File lib/protector/adapters/sequel/model.rb, line 59 def destroyable? protector_meta.destroyable? end
protector_changed(fields)
click to toggle source
Gathers real values of given fields bypassing restrictions
# File lib/protector/adapters/sequel/model.rb, line 33 def protector_changed(fields) HashWithIndifferentAccess[fields.map { |x| [x.to_s, @values[x]] }] end
protector_meta(subject=protector_subject)
click to toggle source
Storage for {Protector::DSL::Meta::Box}
# File lib/protector/adapters/sequel/model.rb, line 38 def protector_meta(subject=protector_subject) @protector_meta ||= self.class.protector_meta.evaluate(subject, self) end
restrict!(*args)
click to toggle source
Drops {Protector::DSL::Meta::Box} cache when subject changes
Calls superclass method
Protector::DSL::Base#restrict!
# File lib/protector/adapters/sequel/model.rb, line 12 def restrict!(*args) @protector_meta = nil super end
updatable?()
click to toggle source
Checks if current model can be updated in the context of current subject
# File lib/protector/adapters/sequel/model.rb, line 54 def updatable? protector_meta.updatable? protector_changed(changed_columns) end
validate()
click to toggle source
Basic security validations
Calls superclass method
# File lib/protector/adapters/sequel/model.rb, line 68 def validate super return unless protector_subject? # rubocop:disable IndentationWidth, EndAlignment field = if new? protector_meta.first_uncreatable_field protector_changed(keys) else protector_meta.first_unupdatable_field protector_changed(changed_columns) end # rubocop:enable IndentationWidth, EndAlignment errors.add :base, I18n.t('protector.invalid', field: field) if field end
visible?()
click to toggle source
Checks if current model can be selected in the context of current subject
# File lib/protector/adapters/sequel/model.rb, line 43 def visible? return true unless protector_meta.scoped? protector_meta.relation.where(pk_hash).any? end