module ActiveModel::MassAssignmentSecurity
Public Instance Methods
sanitize(klass, attributes, authorizer)
click to toggle source
Returns all attributes not denied by the authorizer.
@param [Class] klass
Model class
@param [Hash{Symbol,String,::DataMapper::Property,::DataMapper::Relationship=>Object}] attributes
Names and values of attributes to sanitize.
@param [#deny?] authorizer
Usually a ActiveModel::MassAssignmentSecurity::PermissionSet responding to deny?
@return [Hash]
Sanitized hash of attributes.
# File lib/dm-rails/mass_assignment_security.rb, line 43 def sanitize(klass, attributes, authorizer) rejected = [] sanitized_attributes = attributes.reject do |key, value| key_name = key.name rescue key rejected << key_name if authorizer.deny?(key_name) end process_removed_attributes(klass, rejected) unless rejected.empty? sanitized_attributes end