module Skr::Concerns::JsonAttributeAccess::ClassMethods

Public Instance Methods

blacklist_json_attributes( *attributes ) click to toggle source

@param attributes [Array of symbols] attributes that are not safe for the API to set

# File lib/skr/concerns/json_attribute_access.rb, line 31
def blacklist_json_attributes( *attributes )
    options = attributes.extract_options!
    self.blacklisted_json_attributes ||= {}
    attributes.each{|attr| self.blacklisted_json_attributes[ attr.to_sym ] = options }
end
json_attr_accessor( *names ) click to toggle source

An attribute accessor that allows access from the API

# File lib/skr/concerns/json_attribute_access.rb, line 16
def json_attr_accessor( *names )
    names.each do | attr |
        attr_accessor attr
        whitelist_json_attributes attr
    end
end
json_attribute_is_allowed?(name, user = Skr::UserProxy.current) click to toggle source

An attribute is allowed if it's white listed or it's a valid attribute and not black listed @param name [Symbol] @param user [UserProxy,User] who is performing request

# File lib/skr/concerns/json_attribute_access.rb, line 41
def json_attribute_is_allowed?(name, user = Skr::UserProxy.current)
    return false unless user.can_write?(self, name)
    (self.whitelisted_json_attributes && self.whitelisted_json_attributes.has_key?( name.to_sym)) ||
        (
            self.attribute_names.include?( name.to_s ) &&
            ( self.blacklisted_json_attributes.nil? ||
              ! self.blacklisted_json_attributes.has_key?( name.to_sym )  )
        )
end
whitelist_json_attributes( *attributes ) click to toggle source

@param attributes [Array of symbols] attributes that are safe for the API to set

# File lib/skr/concerns/json_attribute_access.rb, line 24
def whitelist_json_attributes( *attributes )
    options = attributes.extract_options!
    self.whitelisted_json_attributes ||= {}
    attributes.each{|attr| self.whitelisted_json_attributes[ attr.to_sym ] = options }
end