RubygemsResearch

Sha256: b3478930c5314c987c84e3abefa7a74a7456adb9dc23f22ffe0f6e08d2367db9

Contents?: true

Size: 669 Bytes

Versions: 8

Compression:

Stored size: 669 Bytes

module ResourcesController::Sorting
  private

  def load_collection_scope
    add_order_scope(super)
  end

  def add_order_scope(base_scope)
    if params[:sort_by].present?
      if params[:sort_by].include?(' ') || params[:sort_direction].include?(' ')
        raise "Possible SQL Injection attempt while trying to sort by #{params[:sort_by]} #{params[:sort_direction]}"
      end

      sort_direction = (params[:sort_direction] || :asc)

      if Rails.version < '4.0.0'
        base_scope.order("#{params[:sort_by]} #{sort_direction}")
      else
        base_scope.order(params[:sort_by] => sort_direction)
      end
    else
      base_scope
    end
  end
end

Version data entries

8 entries across 8 versions & 1 rubygems

Version	Path
rails-add_ons-2.0.2	app/concerns/resources_controller/sorting.rb
rails-add_ons-2.0.1	app/concerns/resources_controller/sorting.rb
rails-add_ons-2.0.0	app/concerns/resources_controller/sorting.rb
rails-add_ons-1.5.2	app/concerns/resources_controller/sorting.rb
rails-add_ons-1.5.1	app/concerns/resources_controller/sorting.rb
rails-add_ons-1.5.0	app/concerns/resources_controller/sorting.rb
rails-add_ons-1.4.1	app/concerns/resources_controller/sorting.rb
rails-add_ons-1.4.0	app/concerns/resources_controller/sorting.rb