Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
张重言
rails
提交
cc1c4acc
R
rails
项目概览
张重言
/
rails
通知
1
Star
0
Fork
0
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
R
rails
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
提交
Issue看板
体验新版 GitCode,发现更多精彩内容 >>
提交
cc1c4acc
编写于
3月 14, 2012
作者:
J
José Valim
浏览文件
操作
浏览文件
下载
差异文件
Merge pull request #5431 from bogdan/mas_performance
AM::MassAssingmentSecurity: improve performance
上级
ab1b352a
7d1379ff
变更
2
隐藏空白更改
内联
并排
Showing
2 changed file
with
17 addition
and
19 deletion
+17
-19
activemodel/lib/active_model/mass_assignment_security/sanitizer.rb
...el/lib/active_model/mass_assignment_security/sanitizer.rb
+16
-18
activemodel/test/cases/mass_assignment_security_test.rb
activemodel/test/cases/mass_assignment_security_test.rb
+1
-1
未找到文件。
activemodel/lib/active_model/mass_assignment_security/sanitizer.rb
浏览文件 @
cc1c4acc
...
...
@@ -3,20 +3,18 @@ module MassAssignmentSecurity
class
Sanitizer
# Returns all attributes not denied by the authorizer.
def
sanitize
(
attributes
,
authorizer
)
sanitized_attributes
=
attributes
.
reject
{
|
key
,
value
|
authorizer
.
deny?
(
key
)
}
debug_protected_attribute_removal
(
attributes
,
sanitized_attributes
)
sanitized_attributes
attributes
.
reject
do
|
attr
,
value
|
if
authorizer
.
deny?
(
attr
)
process_removed_attribute
(
attr
)
true
end
end
end
protected
def
debug_protected_attribute_removal
(
attributes
,
sanitized_attributes
)
removed_keys
=
attributes
.
keys
-
sanitized_attributes
.
keys
process_removed_attributes
(
removed_keys
)
if
removed_keys
.
any?
end
def
process_removed_attributes
(
attrs
)
raise
NotImplementedError
,
"#process_removed_attributes(attrs) suppose to be overwritten"
def
process_removed_attribute
(
attr
)
raise
NotImplementedError
,
"#process_removed_attribute(attr) suppose to be overwritten"
end
end
...
...
@@ -34,8 +32,8 @@ def logger?
@target
.
respond_to?
(
:logger
)
&&
@target
.
logger
end
def
process_removed_attribute
s
(
attrs
)
logger
.
warn
"Can't mass-assign protected attribute
s:
#{
attrs
.
join
(
', '
)
}
"
if
logger?
def
process_removed_attribute
(
attr
)
logger
.
warn
"Can't mass-assign protected attribute
:
#{
attr
}
"
if
logger?
end
end
...
...
@@ -44,19 +42,19 @@ def initialize(target = nil)
super
()
end
def
process_removed_attribute
s
(
attrs
)
return
if
(
attrs
-
insensitive_attributes
).
empty?
raise
ActiveModel
::
MassAssignmentSecurity
::
Error
.
new
(
attr
s
)
def
process_removed_attribute
(
attr
)
return
if
insensitive_attributes
.
include?
(
attr
)
raise
ActiveModel
::
MassAssignmentSecurity
::
Error
.
new
(
attr
)
end
def
insensitive_attributes
[
'id'
]
@insensitive_attributes
||=
[
'id'
]
end
end
class
Error
<
StandardError
def
initialize
(
attr
s
)
super
(
"Can't mass-assign protected attribute
s:
#{
attrs
.
join
(
', '
)
}
"
)
def
initialize
(
attr
)
super
(
"Can't mass-assign protected attribute
:
#{
attr
}
"
)
end
end
end
...
...
activemodel/test/cases/mass_assignment_security_test.rb
浏览文件 @
cc1c4acc
...
...
@@ -4,7 +4,7 @@
class
CustomSanitizer
<
ActiveModel
::
MassAssignmentSecurity
::
Sanitizer
def
process_removed_attribute
s
(
attrs
)
def
process_removed_attribute
(
attr
)
raise
StandardError
end
...
...
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录