class Devise::ParameterSanitizer

Public Class Methods

new(*) click to toggle source
Calls superclass method Devise::BaseSanitizer::new
# File lib/devise/parameter_sanitizer.rb, line 44
def initialize(*)
  super
  @permitted = Hash.new { |h,k| h[k] = attributes_for(k) }
end

Public Instance Methods

account_update() click to toggle source
# File lib/devise/parameter_sanitizer.rb, line 57
def account_update
  permit self.for(:account_update)
end
sign_in() click to toggle source
# File lib/devise/parameter_sanitizer.rb, line 49
def sign_in
  permit self.for(:sign_in)
end
sign_up() click to toggle source
# File lib/devise/parameter_sanitizer.rb, line 53
def sign_up
  permit self.for(:sign_up)
end

Private Instance Methods

attributes_for(kind) click to toggle source
# File lib/devise/parameter_sanitizer.rb, line 83
def attributes_for(kind)
  case kind
  when :sign_in
    auth_keys + [:password, :remember_me]
  when :sign_up
    auth_keys + [:password, :remember_me]
  when :account_update
    auth_keys + [:password, :current_password]
  end
end
auth_keys() click to toggle source
# File lib/devise/parameter_sanitizer.rb, line 94
def auth_keys
  @auth_keys ||= @resource_class.authentication_keys.respond_to?(:keys) ?
                   @resource_class.authentication_keys.keys : @resource_class.authentication_keys
end
default_for(kind) click to toggle source

Change for(kind) to return the values in the @permitted hash, allowing the developer to customize at runtime.

# File lib/devise/parameter_sanitizer.rb, line 71
def default_for(kind)
  @permitted[kind] || raise("No sanitizer provided for #{kind}")
end
default_sanitize(kind) click to toggle source
# File lib/devise/parameter_sanitizer.rb, line 75
def default_sanitize(kind)
  if respond_to?(kind, true)
    send(kind)
  else
    raise NotImplementedError, "Devise doesn't know how to sanitize parameters for #{kind}"
  end
end
permit(keys) click to toggle source

TODO: We do need to flatten so it works with strong_parameters gem. We should drop it once we move to Rails 4 only support.

# File lib/devise/parameter_sanitizer.rb, line 65
def permit(keys)
  default_params.permit(*Array(keys))
end