Sha256: 6b9690008954a163f581dff4f3af0a23b220ae03e957262a98bd58485a682a28

Contents?: true

Size: 1 KB

Versions: 6

Compression:

Stored size: 1 KB

Contents

module Searchgasm
  module Conditions
    # = Conditions Protection
    #
    # Adds protection from SQL injections. Just set protect = true and it will limit what kind of conditions it will accept.
    module Protection
      def self.included(klass)
        klass.class_eval do
          attr_reader :protect
          alias_method_chain :conditions=, :protection
        end
      end
      
      def conditions_with_protection=(conditions)
        unless conditions.is_a?(Hash)
          if protect?
            return if conditions.blank?
            raise(ArgumentError, "You can not pass SQL as conditions while the search is being protected, you can only pass a hash")
          end
        end
        
        self.conditions_without_protection = conditions
      end
      
      def protect=(value)
        associations.each { |name, obj| obj.protect = value }
        @protect = value
      end
      
      def protect?
        protect == true
      end
      alias_method :protected?, :protect?
    end
  end
end

Version data entries

6 entries across 6 versions & 1 rubygems

Version Path
searchgasm-1.4.0 lib/searchgasm/conditions/protection.rb
searchgasm-1.4.1 lib/searchgasm/conditions/protection.rb
searchgasm-1.5.3 lib/searchgasm/conditions/protection.rb
searchgasm-1.5.0 lib/searchgasm/conditions/protection.rb
searchgasm-1.5.1 lib/searchgasm/conditions/protection.rb
searchgasm-1.5.2 lib/searchgasm/conditions/protection.rb