The attr_readable Plugin for Ruby on Rails let’s you define and control read access to individual attributes of an ActiveRecord.
The attr_readable plugin’s design goal is to provide a mechanism for role-based authorizing access to individual attributes of an ActiveRecord, where the mechanism closely resembles the interface of the mass-assignment access control provided by Rails.
The exepression attr_readable can be used inside the class defintion of an ActiveRecord to provide a list of readable attributes. The list can be appended with a specification of the role that should be granted read access:
attr_readable :attribute_1, :attribute_2, :as => :user
Arbitrary symbols area accetable as roles. If no role is provided, then :default is used.
attr_readable :attribute # same as using :as => :default
It’s possible to set attribute accessibility for several roles at once by passing several role-symbols in an array.
class Model < ActiveRecord::Base attr_readable :id, :name, :as => [ :default, :user, :admin ] end
would have the same result as
class Model < ActiveRecord::Base attr_readable :id, :name, :as => :default attr_readable :id, :name, :as => :user attr_readable :id, :name, :as => :admin end
In both the above examples only the attributes :id and :name are marked as readable for the three specified roles. Please note, an unkown role has access to no attributes by default.
You can access the list of attributes readable by a apecific role using the accessor method readable_attributes(role).
Model.readable_attributes(:admin) # => [ :id, :name ] Model.readable_attributes(:other_role) # => [ ]
Besides this mechanism to manage a list of readable attributes for several roles, the module provides several methods for sanitizing instances of the ActiveRecord according to the specified rules. Most important is the instance method #sanitized_hash(role) that returns a hash of only the readable attributes and their values for a given role.
Examples:
instance = Model.create( :name => 'a_name', :other_attribute => 'a_value' ) instance.sanitized_hash(:admin) # => { :id => 1, :name => 'a_name' } instance.sanitized_hash(:other_role) # => { }
The module also provides two more class methods for sanitation:
-
sanitized_hash_from_model- Returns a sanitized hash for the specified instance of the model. -
sanitized_hash_from_hash- Returns a sanitzized hash created from the specified hash according to the readable attributes of the model.
Just call
rails plugin install git://github.com/wackadoo/attr_readable.git
inside your rails project. The plugin will be placed in vendor/plugins/ .
Copyright © 2011 Sascha Lange, released under MIT license