The attr_readable plugin for Ruby on Rails lets you define and control read access to individual attributes of an ActiveRecord.
The attr_readable plugin's design goal is to provide a mechanism for role-based authorization of read access to individual attributes of an ActiveRecord, where the mechanism closely resembles the interface of the mass-assignment access control provided by Rails.
The expression attr_readable can be used inside the class definition of an ActiveRecord to provide a list of readable attributes. The list can be followed by a specification of the role that should be granted read access:
attr_readable :attribute_1, :attribute_2, :as => :user
Arbitrary symbols are acceptable as roles. If no role is provided, then :default is used.
attr_readable :attribute # same as using :as => :default
It’s possible to set attribute accessibility for several roles at once by passing several role-symbols in an array.
class Model < ActiveRecord::Base
  attr_readable :id, :name, :as => [ :default, :user, :admin ]
end
would have the same result as
class Model < ActiveRecord::Base
  attr_readable :id, :name, :as => :default
  attr_readable :id, :name, :as => :user
  attr_readable :id, :name, :as => :admin
end
In both of the above examples, only the attributes :id and :name are marked as readable for the three specified roles. Please note that an unknown role has access to no attributes by default.
You can access the list of attributes readable by a specific role using the accessor method readable_attributes(role).
Model.readable_attributes(:admin)      # => [ :id, :name ]
Model.readable_attributes(:other_role) # => [ ]
Besides this mechanism to manage a list of readable attributes for several roles, the module provides several methods for sanitizing instances of the ActiveRecord according to the specified rules. Most important is the instance method #sanitized_hash(role) that returns a hash of only the readable attributes and their values for a given role.
Examples:
instance = Model.create( :name => 'a_name', :other_attribute => 'a_value' )
instance.sanitized_hash(:admin)      # => { :id => 1, :name => 'a_name' }
instance.sanitized_hash(:other_role) # => { }
The module also provides two more class methods for sanitization:
- sanitized_hash_from_model - Returns a sanitized hash for the specified instance of the model.
- sanitized_hash_from_hash - Returns a sanitized hash created from the specified hash according to the readable attributes of the model.
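As an added illustration (not the plugin's source code), the following plain-Ruby stand-in mimics the interface described above so the default-deny behaviour for unknown roles can be run without Rails. ReadableSketch, Account, the sample field values and the (hash, role) argument order of sanitized_hash_from_hash are assumptions.

```ruby
# Plain-Ruby stand-in for the documented interface; NOT the plugin's source.
# ReadableSketch, Account and the sample values are hypothetical.
module ReadableSketch
  def self.included(base)
    base.extend(ClassMethods)
  end

  module ClassMethods
    # attr_readable :a, :b, :as => :role  (or :as => [ :r1, :r2 ])
    def attr_readable(*attrs)
      opts = attrs.last.is_a?(Hash) ? attrs.pop : {}
      Array(opts.fetch(:as, :default)).each { |role| readable_map[role] |= attrs }
    end

    # fetch bypasses the default block, so an unknown role gets [] (default deny).
    def readable_attributes(role = :default)
      readable_map.fetch(role, []).dup
    end

    # Assumed argument order (hash, role); keeps only allowlisted keys.
    def sanitized_hash_from_hash(hash, role = :default)
      allowed = readable_attributes(role)
      hash.select { |key, _| allowed.include?(key.to_sym) }
    end

    private
    def readable_map
      @readable_map ||= Hash.new { |h, k| h[k] = [] }
    end
  end

  def sanitized_hash(role = :default)
    self.class.sanitized_hash_from_hash(attributes, role)
  end
end

class Account
  include ReadableSketch
  attr_reader :attributes
  attr_readable :id, :name, :as => [ :default, :user, :admin ]
  attr_readable :email, :as => :admin

  def initialize(attrs)
    @attributes = attrs
  end
end

# Constructed sample record; :password_digest is never allowlisted.
ACCOUNT = Account.new(:id => 1, :name => 'a_name', :email => 'a@example.test', :password_digest => 'x')
```

Because the list is an allowlist, an attribute added to the model later stays hidden from every role until it is explicitly declared readable.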
Just call
rails plugin install git://github.com/wackadoo/attr_readable.git
inside your Rails project. The plugin will be placed in vendor/plugins/.
Copyright © 2011 Sascha Lange, released under MIT license