Sha256: f930c931db52d6766d0f93c329662ac636622465cea967d5050de481838b4dd5
Contents?: true
Size: 1.2 KB
Versions: 4
Compression:
Stored size: 1.2 KB
Contents
# frozen_string_literal: true
module Devise
class ParameterFilter
def initialize(case_insensitive_keys, strip_whitespace_keys)
@case_insensitive_keys = case_insensitive_keys || []
@strip_whitespace_keys = strip_whitespace_keys || []
end
def filter(conditions)
conditions = stringify_params(conditions.dup)
conditions.merge!(filtered_hash_by_method_for_given_keys(conditions.dup, :downcase, @case_insensitive_keys))
conditions.merge!(filtered_hash_by_method_for_given_keys(conditions.dup, :strip, @strip_whitespace_keys))
conditions
end
def filtered_hash_by_method_for_given_keys(conditions, method, condition_keys)
condition_keys.each do |k|
value = conditions[k]
conditions[k] = value.send(method) if value.respond_to?(method)
end
conditions
end
# Force keys to be string to avoid injection on mongoid related database.
def stringify_params(conditions)
return conditions unless conditions.is_a?(Hash)
conditions.each do |k, v|
conditions[k] = v.to_s if param_requires_string_conversion?(v)
end
end
private
def param_requires_string_conversion?(value)
true
end
end
end
Version data entries
4 entries across 4 versions & 1 rubygems
| Version | Path |
|---|---|
| devise-4.4.3 | lib/devise/parameter_filter.rb |
| devise-4.4.2 | lib/devise/parameter_filter.rb |
| devise-4.4.1 | lib/devise/parameter_filter.rb |
| devise-4.4.0 | lib/devise/parameter_filter.rb |