attribute_ext 1.0

Sign up to get free protection for your applications and to get access to all the features.
data/.gitignore ADDED
@@ -0,0 +1,4 @@
1
+ *.gem
2
+ .bundle
3
+ Gemfile.lock
4
+ pkg/*
data/.project ADDED
@@ -0,0 +1,18 @@
1
+ <?xml version="1.0" encoding="UTF-8"?>
2
+ <projectDescription>
3
+ <name>attribute_ext</name>
4
+ <comment></comment>
5
+ <projects>
6
+ </projects>
7
+ <buildSpec>
8
+ <buildCommand>
9
+ <name>com.aptana.ide.core.unifiedBuilder</name>
10
+ <arguments>
11
+ </arguments>
12
+ </buildCommand>
13
+ </buildSpec>
14
+ <natures>
15
+ <nature>com.aptana.ruby.core.rubynature</nature>
16
+ <nature>com.aptana.projects.webnature</nature>
17
+ </natures>
18
+ </projectDescription>
data/Gemfile ADDED
@@ -0,0 +1,4 @@
1
+ source "http://rubygems.org"
2
+
3
+ # Specify your gem's dependencies in attribute_ext.gemspec
4
+ gemspec
data/LICENSE ADDED
@@ -0,0 +1,187 @@
1
+ Apache License
2
+ Version 2.0, January 2004
3
+ http://www.apache.org/licenses/
4
+
5
+ TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
6
+
7
+ 1. Definitions.
8
+
9
+ "License" shall mean the terms and conditions for use, reproduction,
10
+ and distribution as defined by Sections 1 through 9 of this document.
11
+
12
+ "Licensor" shall mean the copyright owner or entity authorized by
13
+ the copyright owner that is granting the License.
14
+
15
+ "Legal Entity" shall mean the union of the acting entity and all
16
+ other entities that control, are controlled by, or are under common
17
+ control with that entity. For the purposes of this definition,
18
+ "control" means (i) the power, direct or indirect, to cause the
19
+ direction or management of such entity, whether by contract or
20
+ otherwise, or (ii) ownership of fifty percent (50%) or more of the
21
+ outstanding shares, or (iii) beneficial ownership of such entity.
22
+
23
+ "You" (or "Your") shall mean an individual or Legal Entity
24
+ exercising permissions granted by this License.
25
+
26
+ "Source" form shall mean the preferred form for making modifications,
27
+ including but not limited to software source code, documentation
28
+ source, and configuration files.
29
+
30
+ "Object" form shall mean any form resulting from mechanical
31
+ transformation or translation of a Source form, including but
32
+ not limited to compiled object code, generated documentation,
33
+ and conversions to other media types.
34
+
35
+ "Work" shall mean the work of authorship, whether in Source or
36
+ Object form, made available under the License, as indicated by a
37
+ copyright notice that is included in or attached to the work
38
+ (an example is provided in the Appendix below).
39
+
40
+ "Derivative Works" shall mean any work, whether in Source or Object
41
+ form, that is based on (or derived from) the Work and for which the
42
+ editorial revisions, annotations, elaborations, or other modifications
43
+ represent, as a whole, an original work of authorship. For the purposes
44
+ of this License, Derivative Works shall not include works that remain
45
+ separable from, or merely link (or bind by name) to the interfaces of,
46
+ the Work and Derivative Works thereof.
47
+
48
+ "Contribution" shall mean any work of authorship, including
49
+ the original version of the Work and any modifications or additions
50
+ to that Work or Derivative Works thereof, that is intentionally
51
+ submitted to Licensor for inclusion in the Work by the copyright owner
52
+ or by an individual or Legal Entity authorized to submit on behalf of
53
+ the copyright owner. For the purposes of this definition, "submitted"
54
+ means any form of electronic, verbal, or written communication sent
55
+ to the Licensor or its representatives, including but not limited to
56
+ communication on electronic mailing lists, source code control systems,
57
+ and issue tracking systems that are managed by, or on behalf of, the
58
+ Licensor for the purpose of discussing and improving the Work, but
59
+ excluding communication that is conspicuously marked or otherwise
60
+ designated in writing by the copyright owner as "Not a Contribution."
61
+
62
+ "Contributor" shall mean Licensor and any individual or Legal Entity
63
+ on behalf of whom a Contribution has been received by Licensor and
64
+ subsequently incorporated within the Work.
65
+
66
+ 2. Grant of Copyright License. Subject to the terms and conditions of
67
+ this License, each Contributor hereby grants to You a perpetual,
68
+ worldwide, non-exclusive, no-charge, royalty-free, irrevocable
69
+ copyright license to reproduce, prepare Derivative Works of,
70
+ publicly display, publicly perform, sublicense, and distribute the
71
+ Work and such Derivative Works in Source or Object form.
72
+
73
+ 3. Grant of Patent License. Subject to the terms and conditions of
74
+ this License, each Contributor hereby grants to You a perpetual,
75
+ worldwide, non-exclusive, no-charge, royalty-free, irrevocable
76
+ (except as stated in this section) patent license to make, have made,
77
+ use, offer to sell, sell, import, and otherwise transfer the Work,
78
+ where such license applies only to those patent claims licensable
79
+ by such Contributor that are necessarily infringed by their
80
+ Contribution(s) alone or by combination of their Contribution(s)
81
+ with the Work to which such Contribution(s) was submitted. If You
82
+ institute patent litigation against any entity (including a
83
+ cross-claim or counterclaim in a lawsuit) alleging that the Work
84
+ or a Contribution incorporated within the Work constitutes direct
85
+ or contributory patent infringement, then any patent licenses
86
+ granted to You under this License for that Work shall terminate
87
+ as of the date such litigation is filed.
88
+
89
+ 4. Redistribution. You may reproduce and distribute copies of the
90
+ Work or Derivative Works thereof in any medium, with or without
91
+ modifications, and in Source or Object form, provided that You
92
+ meet the following conditions:
93
+
94
+ (a) You must give any other recipients of the Work or
95
+ Derivative Works a copy of this License; and
96
+
97
+ (b) You must cause any modified files to carry prominent notices
98
+ stating that You changed the files; and
99
+
100
+ (c) You must retain, in the Source form of any Derivative Works
101
+ that You distribute, all copyright, patent, trademark, and
102
+ attribution notices from the Source form of the Work,
103
+ excluding those notices that do not pertain to any part of
104
+ the Derivative Works; and
105
+
106
+ (d) If the Work includes a "NOTICE" text file as part of its
107
+ distribution, then any Derivative Works that You distribute must
108
+ include a readable copy of the attribution notices contained
109
+ within such NOTICE file, excluding those notices that do not
110
+ pertain to any part of the Derivative Works, in at least one
111
+ of the following places: within a NOTICE text file distributed
112
+ as part of the Derivative Works; within the Source form or
113
+ documentation, if provided along with the Derivative Works; or,
114
+ within a display generated by the Derivative Works, if and
115
+ wherever such third-party notices normally appear. The contents
116
+ of the NOTICE file are for informational purposes only and
117
+ do not modify the License. You may add Your own attribution
118
+ notices within Derivative Works that You distribute, alongside
119
+ or as an addendum to the NOTICE text from the Work, provided
120
+ that such additional attribution notices cannot be construed
121
+ as modifying the License.
122
+
123
+ You may add Your own copyright statement to Your modifications and
124
+ may provide additional or different license terms and conditions
125
+ for use, reproduction, or distribution of Your modifications, or
126
+ for any such Derivative Works as a whole, provided Your use,
127
+ reproduction, and distribution of the Work otherwise complies with
128
+ the conditions stated in this License.
129
+
130
+ 5. Submission of Contributions. Unless You explicitly state otherwise,
131
+ any Contribution intentionally submitted for inclusion in the Work
132
+ by You to the Licensor shall be under the terms and conditions of
133
+ this License, without any additional terms or conditions.
134
+ Notwithstanding the above, nothing herein shall supersede or modify
135
+ the terms of any separate license agreement you may have executed
136
+ with Licensor regarding such Contributions.
137
+
138
+ 6. Trademarks. This License does not grant permission to use the trade
139
+ names, trademarks, service marks, or product names of the Licensor,
140
+ except as required for reasonable and customary use in describing the
141
+ origin of the Work and reproducing the content of the NOTICE file.
142
+
143
+ 7. Disclaimer of Warranty. Unless required by applicable law or
144
+ agreed to in writing, Licensor provides the Work (and each
145
+ Contributor provides its Contributions) on an "AS IS" BASIS,
146
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
147
+ implied, including, without limitation, any warranties or conditions
148
+ of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
149
+ PARTICULAR PURPOSE. You are solely responsible for determining the
150
+ appropriateness of using or redistributing the Work and assume any
151
+ risks associated with Your exercise of permissions under this License.
152
+
153
+ 8. Limitation of Liability. In no event and under no legal theory,
154
+ whether in tort (including negligence), contract, or otherwise,
155
+ unless required by applicable law (such as deliberate and grossly
156
+ negligent acts) or agreed to in writing, shall any Contributor be
157
+ liable to You for damages, including any direct, indirect, special,
158
+ incidental, or consequential damages of any character arising as a
159
+ result of this License or out of the use or inability to use the
160
+ Work (including but not limited to damages for loss of goodwill,
161
+ work stoppage, computer failure or malfunction, or any and all
162
+ other commercial damages or losses), even if such Contributor
163
+ has been advised of the possibility of such damages.
164
+
165
+ 9. Accepting Warranty or Additional Liability. While redistributing
166
+ the Work or Derivative Works thereof, You may choose to offer,
167
+ and charge a fee for, acceptance of support, warranty, indemnity,
168
+ or other liability obligations and/or rights consistent with this
169
+ License. However, in accepting such obligations, You may act only
170
+ on Your own behalf and on Your sole responsibility, not on behalf
171
+ of any other Contributor, and only if You agree to indemnify,
172
+ defend, and hold each Contributor harmless for any liability
173
+ incurred by, or claims asserted against, such Contributor by reason
174
+ of your accepting any such warranty or additional liability.
175
+
176
+ END OF TERMS AND CONDITIONS
177
+
178
+ APPENDIX: How to apply the Apache License to your work.
179
+
180
+ To apply the Apache License to your work, attach the following
181
+ boilerplate notice, with the fields enclosed by brackets "[]"
182
+ replaced with your own identifying information. (Don't include
183
+ the brackets!) The text should be enclosed in the appropriate
184
+ comment syntax for the file format. We also recommend that a
185
+ file or class name and description of purpose be included on the
186
+ same "printed page" as the copyright notice for easier
187
+ identification within third-party archives.
data/README.md ADDED
@@ -0,0 +1,98 @@
1
+
2
+ AttributeExt
3
+ ============
4
+
5
+ Copyright (C) 2011 Jan Graichen
6
+
7
+ AttributeExt provides additional access control for rails model attributes.
8
+ It contains two modules one to protect attributes from mass assignment and one
9
+ to hide attributes when serializing models.
10
+
11
+ Changelog
12
+ ---------
13
+
14
+ Sep 1, 2011
15
+
16
+ HiddenAttributes works on included model when serializing to json by hooking
17
+ into serializable_hash now. Therefore it is possible to hide attributes when
18
+ serializing to hash via serializable_hash method too.
19
+ But by default rules will not be checked on serializable_hash, you have to
20
+ add `:on_hash => true` to hide_attributes to enabled it for this rule.
21
+
22
+ Update: SafeAttributes works now with Rails 3.1 mass_assignment_authorizer that
23
+ provides a role and pass this role to if and unless blocks as second
24
+ parameter. Not tested but should also work with old mass_assignment_authorizer.
25
+
26
+
27
+ AttributeExt::HiddenAttributes
28
+ ------------------------------
29
+
30
+ Hides attributes when converting model to XML or JSON. Attributes can be
31
+ dynamically hidden using if or unless Procs.
32
+
33
+ Examples:
34
+
35
+ Only shows API access key when user has API access.
36
+
37
+ class User < ActiveRecord::Base
38
+ hide_attributes :api_access_key, :unless => Proc.new { |user| user.api_access? }
39
+ end
40
+
41
+ Always hide password hash and password salt. Hide email if user do not want to
42
+ show his email.
43
+
44
+ class User < ActiveRecord::Base
45
+ hide_attributes :password_hash, :password_salt
46
+ hide_attributes :email, :if => Proc.new { |user| user.hide_email? }
47
+ end
48
+
49
+
50
+ Additional options are available in if and unless blocks:
51
+
52
+ Only hide email when serialzing to json.
53
+
54
+ class User < ActiveRecord::Base
55
+ hide_attributes :email, :if => Proc.new { |user, format| format == :json }
56
+ end
57
+
58
+ Hide user_id if associated user model will be included. This rule will also
59
+ apply when calling serializable_hash.
60
+
61
+ class Event < ActiveRecord::Base
62
+ belongs_to :user
63
+ hide_attributes :user_id, :on_hash => true, :if => Proc.new { |event, format, opts| opts[:include].include?(:user) }
64
+ end
65
+
66
+
67
+ AttributeExt::SafeAttributes
68
+ ----------------------------
69
+
70
+ Protects attributes from mass assignment using rails mass assignment authorizer.
71
+ Also support Proc blocks.
72
+
73
+ Examples:
74
+
75
+ Never allow mass assignment for attribute.
76
+
77
+ class User < ActiveRecord::Base
78
+ safe_attributes :attribute
79
+ end
80
+
81
+ Attributes 'login', 'admin' and 'status' can only be mass assigned if current
82
+ user is an admin.
83
+
84
+ class User < ActiveRecord::Base
85
+ safe_attributes :login, :admin, :status, :if => Proc.new { User.current.admin? }
86
+ end
87
+
88
+ Message text can not be mass assigned when post is locked.
89
+
90
+ class Message < ActiveRecord::Base
91
+ safe_attributes :text, :unless => Proc.new { |msg| msg.locked? }
92
+ end
93
+
94
+ License
95
+ -------
96
+
97
+ AttributeExt is licensed under the Apache License, Version 2.0.
98
+ See LICENSE for more information.
data/Rakefile ADDED
@@ -0,0 +1,2 @@
1
+ require 'rake'
2
+ require 'bundler/gem_tasks'
@@ -0,0 +1,19 @@
1
+ # -*- encoding: utf-8 -*-
2
+ $:.push File.expand_path("../lib", __FILE__)
3
+
4
+ Gem::Specification.new do |s|
5
+ s.name = "attribute_ext"
6
+ s.version = "1.0"
7
+ s.authors = ["Jan Graichen"]
8
+ s.email = ["jan.graichen@altimos.de"]
9
+ s.homepage = "https://github.com/jgraichen/attribute_ext"
10
+ s.summary = %q{AttributeExt provides additional access control for rails model attributes.}
11
+ s.description = %q{AttributeExt provides additional access control for rails model attributes.}
12
+
13
+ s.rubyforge_project = "attribute_ext"
14
+
15
+ s.files = `git ls-files`.split("\n")
16
+ s.test_files = `git ls-files -- {test,spec,features}/*`.split("\n")
17
+ s.executables = `git ls-files -- bin/*`.split("\n").map{ |f| File.basename(f) }
18
+ s.require_paths = ["lib"]
19
+ end
data/init.rb ADDED
@@ -0,0 +1,2 @@
1
+
2
+ require 'attribute_ext'
@@ -0,0 +1,79 @@
1
+ module AttributeExt
2
+ module HiddenAttributes
3
+ def self.included(base)
4
+ base.extend(ClassMethods)
5
+ base.alias_method_chain :to_xml, :hidden_attrs
6
+ base.alias_method_chain :as_json, :hidden_attrs
7
+ base.alias_method_chain :serializable_hash, :hidden_attrs
8
+ end
9
+
10
+ module ClassMethods
11
+ def hide_attributes(*attrs)
12
+ @hidden_attributes ||= []
13
+ if attrs.empty?
14
+ @hidden_attributes
15
+ else
16
+ options = attrs.last.is_a?(Hash) ? attrs.pop : {}
17
+ @hidden_attributes << [attrs, options]
18
+ end
19
+ end
20
+ end
21
+
22
+ def to_xml_with_hidden_attrs(options = nil, &block)
23
+ options ||= {}
24
+ options[:except] = [] unless options[:except].is_a?(Array)
25
+ options[:except] += hidden_attribute_names(:xml, options)
26
+
27
+ to_xml_without_hidden_attrs(options)
28
+ end
29
+
30
+ def as_json_with_hidden_attrs(options = nil, &block)
31
+ options ||= {}
32
+ options[:except] = [] unless options[:except].is_a?(Array)
33
+ options[:except] += hidden_attribute_names(:json, options)
34
+ options[:hidden_attributes_json_export] = true
35
+
36
+ as_json_without_hidden_attrs(options)
37
+ end
38
+
39
+ def serializable_hash_with_hidden_attrs(options = nil)
40
+ options ||= {}
41
+ options[:except] = [] unless options[:except].is_a?(Array)
42
+ if options[:hidden_attributes_json_export]
43
+ options[:except] += hidden_attribute_names(:json, options)
44
+ else
45
+ options[:except] += hidden_attribute_names(:hash, options)
46
+ end
47
+
48
+ serializable_hash_without_hidden_attrs(options)
49
+ end
50
+
51
+ private
52
+
53
+ def hidden_attribute_names(format, options)
54
+ names = []
55
+
56
+ self.class.hide_attributes.collect do |attrs, opts|
57
+ if (format != :hash or opts[:on_hash]) && # only apply rules on hashs when wanted
58
+ (opts[:if].nil? or hidden_attr_call_block(opts[:if], format, options)) && # if block
59
+ (opts[:unless].nil? or !hidden_attr_call_block(opts[:unless], format, options)) # unless block
60
+ names += attrs.collect(&:to_s)
61
+ end
62
+ end
63
+ names.uniq
64
+ end
65
+
66
+ def hidden_attr_call_block(block, format, opts)
67
+ case block.arity
68
+ when 0
69
+ return block.call
70
+ when 1
71
+ return block.call(self)
72
+ when 2
73
+ return block.call(self, format)
74
+ else
75
+ return block.call(self, format, opts)
76
+ end
77
+ end
78
+ end
79
+ end
@@ -0,0 +1,49 @@
1
+ module AttributeExt
2
+ module SafeAttributes
3
+ def self.included(base)
4
+ base.extend(ClassMethods)
5
+ end
6
+
7
+ module ClassMethods
8
+ def safe_attributes(*attrs)
9
+ @safe_attributes ||= []
10
+ if attrs.empty?
11
+ @safe_attributes
12
+ else
13
+ options = attrs.last.is_a?(Hash) ? attrs.pop : {}
14
+ @safe_attributes << [attrs, options]
15
+ end
16
+ end
17
+ end
18
+
19
+ def safe_attribute_names(role = :default)
20
+ names = []
21
+ self.class.safe_attributes.collect do |attrs, options|
22
+ if (options[:if].nil? || safe_attrs_call_block(options[:if], role)) && # if
23
+ (options[:unless].nil? || !safe_attrs_call_block(options[:unless], role)) # unless
24
+ names += attrs.collect(&:to_s)
25
+ end
26
+ end
27
+ names.uniq
28
+ end
29
+
30
+ def safe_attrs_call_block(block, role)
31
+ case block.arity
32
+ when 0
33
+ return block.call
34
+ when 1
35
+ return block.call(self)
36
+ else
37
+ return block.call(self, role)
38
+ end
39
+ end
40
+
41
+ def mass_assignment_authorizer(role = nil)
42
+ if role.nil?
43
+ super + safe_attribute_names(:default)
44
+ else
45
+ super(role) + safe_attribute_names(role)
46
+ end
47
+ end
48
+ end
49
+ end
@@ -0,0 +1,6 @@
1
+
2
+ require 'attribute_ext/hidden_attributes'
3
+ require 'attribute_ext/safe_attributes'
4
+
5
+ ActiveRecord::Base.send :include, AttributeExt::HiddenAttributes
6
+ ActiveRecord::Base.send :include, AttributeExt::SafeAttributes
metadata ADDED
@@ -0,0 +1,75 @@
1
+ --- !ruby/object:Gem::Specification
2
+ name: attribute_ext
3
+ version: !ruby/object:Gem::Version
4
+ hash: 15
5
+ prerelease:
6
+ segments:
7
+ - 1
8
+ - 0
9
+ version: "1.0"
10
+ platform: ruby
11
+ authors:
12
+ - Jan Graichen
13
+ autorequire:
14
+ bindir: bin
15
+ cert_chain: []
16
+
17
+ date: 2011-09-16 00:00:00 Z
18
+ dependencies: []
19
+
20
+ description: AttributeExt provides additional access control for rails model attributes.
21
+ email:
22
+ - jan.graichen@altimos.de
23
+ executables: []
24
+
25
+ extensions: []
26
+
27
+ extra_rdoc_files: []
28
+
29
+ files:
30
+ - .gitignore
31
+ - .project
32
+ - Gemfile
33
+ - LICENSE
34
+ - README.md
35
+ - Rakefile
36
+ - attribute_ext.gemspec
37
+ - init.rb
38
+ - lib/attribute_ext.rb
39
+ - lib/attribute_ext/hidden_attributes.rb
40
+ - lib/attribute_ext/safe_attributes.rb
41
+ homepage: https://github.com/jgraichen/attribute_ext
42
+ licenses: []
43
+
44
+ post_install_message:
45
+ rdoc_options: []
46
+
47
+ require_paths:
48
+ - lib
49
+ required_ruby_version: !ruby/object:Gem::Requirement
50
+ none: false
51
+ requirements:
52
+ - - ">="
53
+ - !ruby/object:Gem::Version
54
+ hash: 3
55
+ segments:
56
+ - 0
57
+ version: "0"
58
+ required_rubygems_version: !ruby/object:Gem::Requirement
59
+ none: false
60
+ requirements:
61
+ - - ">="
62
+ - !ruby/object:Gem::Version
63
+ hash: 3
64
+ segments:
65
+ - 0
66
+ version: "0"
67
+ requirements: []
68
+
69
+ rubyforge_project: attribute_ext
70
+ rubygems_version: 1.8.6
71
+ signing_key:
72
+ specification_version: 3
73
+ summary: AttributeExt provides additional access control for rails model attributes.
74
+ test_files: []
75
+