class Hoodoo::ActiveRecord::Secure::SecurityHelper
Help build security exemption Procs to pass into Hoodoo::ActiveRecord::Secure::ClassMethods#secure_with
via its options Hash. The following extends an example given in the documentation (at the time of writing here) for the underlying implementation method Hoodoo::ActiveRecord::Secure::ClassMethods#secure
:
class Audit < ActiveRecord::Base include Hoodoo::ActiveRecord::Secure secure_with( { :creating_caller_uuid => :authorised_caller_uuids }, { :exemptions => Hoodoo::ActiveRecord::Secure::SecurityHelper::includes_wildcard( '*' ) } ) end
Note that the Hoodoo::ActiveRecord::Secure
module includes some belper constants to aid brevity for common cases such as the single value #eql?
or enumerable #include?
matchers checking for a ‘*’ as an indiscriminate wildcard - see for example Hoodoo::ActiveRecord::Secure::ENUMERABLE_INCLUDES_STAR.
Public Class Methods
Match a given wildcard, typically a String, to a single value via #eql?
.
wildcard_value
-
Wildcard value to match, e.g.
'*'
.
Returns a Proc suitable for passing to the :exemptions
option for Hoodoo::ActiveRecord::Secure::ClassMethods#secure_with
.
# File lib/hoodoo/active/active_record/security_helper.rb, line 52 def self.eqls_wildcard( wildcard_value ) Proc.new do | security_value | security_value.eql?( wildcard_value ) rescue false end end
Match a given wildcard, typically a String, inside an Enumerable subclass via #include?
.
wildcard_value
-
Wildcard value to match, e.g.
'*'
.
Returns a Proc suitable for passing to the :exemptions
option for Hoodoo::ActiveRecord::Secure::ClassMethods#secure_with
.
# File lib/hoodoo/active/active_record/security_helper.rb, line 66 def self.includes_wildcard( wildcard_value ) Proc.new do | security_values | security_values.is_a?( Enumerable ) && security_values.include?( wildcard_value ) rescue false end end
Match a given wildcard Regexp to a value via #match?
.
wildcard_value
-
Wildcard Regexp to use, e.g.
/.*/
. Strings are coerced to Regexps without any escaping but doing so reduces performance.
Returns a Proc suitable for passing to the :exemptions
option for Hoodoo::ActiveRecord::Secure::ClassMethods#secure_with
.
# File lib/hoodoo/active/active_record/security_helper.rb, line 82 def self.matches_wildcard( wildcard_regexp ) wildcard_regexp = Regexp.new( wildcard_regexp ) unless wildcard_regexp.is_a?( Regexp ) Proc.new do | security_value | security_value.match?( wildcard_regexp ) rescue false end end
Match a given wildcard Regexp to any value in an enumerable object via iteration and #match?
. Exists with true
as soon as any match is made.
wildcard_value
-
Wildcard Regexp to use, e.g.
/.*/
. Strings are coerced to Regexps without any escaping but doing so reduces performance.
Returns a Proc suitable for passing to the :exemptions
option for Hoodoo::ActiveRecord::Secure::ClassMethods#secure_with
.
# File lib/hoodoo/active/active_record/security_helper.rb, line 101 def self.matches_wildcard_enumerable( wildcard_regexp ) match_proc = self.matches_wildcard( wildcard_regexp ) Proc.new do | security_values | begin security_values.any? do | security_value | match_proc.call( security_value ) end rescue false end end end