module Protector::Adapters::ActiveRecord::Base

Patches ‘ActiveRecord::Base`

Public Class Methods

restrict!(*args) click to toggle source
# File lib/protector/adapters/active_record/base.rb, line 28
def self.restrict!(*args)
  scoped.restrict!(*args)
end

Public Instance Methods

[](name) click to toggle source
# File lib/protector/adapters/active_record/base.rb, line 37
def [](name)
  # rubocop:disable ParenthesesAroundCondition
  if (
    !protector_subject? ||
    name == self.class.primary_key ||
    (self.class.primary_key.is_a?(Array) && self.class.primary_key.include?(name)) ||
    protector_meta.readable?(name)
  )
    read_attribute(name)
  else
    nil
  end
  # rubocop:enable ParenthesesAroundCondition
end
association(*params) click to toggle source
Calls superclass method
# File lib/protector/adapters/active_record/base.rb, line 52
def association(*params)
  return super unless protector_subject?
  super.restrict!(protector_subject)
end
can?(action, field=false) click to toggle source
# File lib/protector/adapters/active_record/base.rb, line 121
def can?(action, field=false)
  protector_meta.can?(action, field)
end
creatable?() click to toggle source

Checks if current model can be created in the context of current subject

# File lib/protector/adapters/active_record/base.rb, line 107
def creatable?
  protector_meta.creatable? protector_changed
end
destroyable?() click to toggle source

Checks if current model can be destroyed in the context of current subject

# File lib/protector/adapters/active_record/base.rb, line 117
def destroyable?
  protector_meta.destroyable?
end
protector_changed() click to toggle source

Gathers real changed values bypassing restrictions

# File lib/protector/adapters/active_record/base.rb, line 88
def protector_changed
  HashWithIndifferentAccess[changed.map { |field| [field, read_attribute(field)] }]
end
protector_meta(subject=protector_subject) click to toggle source

Storage for {Protector::DSL::Meta::Box}

# File lib/protector/adapters/active_record/base.rb, line 93
def protector_meta(subject=protector_subject)
  @protector_meta ||= self.class.protector_meta.evaluate(subject, self)
end
restrict!(*args) click to toggle source

Drops {Protector::DSL::Meta::Box} cache when subject changes

Calls superclass method Protector::DSL::Base#restrict!
# File lib/protector/adapters/active_record/base.rb, line 22
def restrict!(*args)
  @protector_meta = nil
  super
end
updatable?() click to toggle source

Checks if current model can be updated in the context of current subject

# File lib/protector/adapters/active_record/base.rb, line 112
def updatable?
  protector_meta.updatable? protector_changed
end
visible?() click to toggle source

Checks if current model can be selected in the context of current subject

# File lib/protector/adapters/active_record/base.rb, line 98
def visible?
  return true unless protector_meta.scoped?

  protector_meta.relation.where(
    self.class.primary_key => id
  ).any?
end

Private Instance Methods

protector_ensure_destroyable() click to toggle source
# File lib/protector/adapters/active_record/base.rb, line 126
def protector_ensure_destroyable
  return true unless protector_subject?
  destroyable?
end