Sha256: 1ef25d70c8b2e8400e4396b109f99da7a8a8ef4b3695573158ed803d1c077724

Contents?: true

Size: 1.34 KB

Versions: 4

Compression:

Stored size: 1.34 KB

Contents

module Devise
  module Models
    # This module redefines properties_to_serialize in models for more
    # secure defaults. By default, it removes from the serializable model
    # all attributes whose writer or reader is *not* public. You can remove this default
    # by using :force_except and passing a new list of attributes you want
    # to exempt. All attributes given to :exclude will simply add names to
    # exempt to Devise internal list.
    module Serializable
      extend ActiveSupport::Concern

      def properties_to_serialize(options=nil)
        options ||= {}
        if options.key?(:force_except) || options.key?(:force_exclude)
          options[:exclude] = options.delete(:force_except) || options.delete(:force_exclude)
          super(options)
        else
          except = Array(options[:exclude]) + Array(options[:except])
          super(options.merge(:exclude => except + self.class.blacklist_keys))
        end
      end

      # Get back to DataMapper's #to_xml.
      def to_xml(*args)
        super
      end

      module ClassMethods
        # Returns keys that should be removed when serializing the record.
        def blacklist_keys
          @blacklist_keys ||= properties.select { |property| property.reader_visibility != :public || property.writer_visibility != :public }.map(&:name)
        end
      end
    end
  end
end

Version data entries

4 entries across 4 versions & 1 rubygems

Version Path
dm-devise-2.0.1 lib/devise/orm/data_mapper/serializable.rb
dm-devise-2.0.0 lib/devise/orm/data_mapper/serializable.rb
dm-devise-1.5.0 lib/devise/orm/data_mapper/serializable.rb
dm-devise-1.5.0.beta lib/devise/orm/data_mapper/serializable.rb