active_access¶ ↑
The ActiveAccess mixin makes it easy to limit access to ActiveModel and ActiveRecord attributes by declaring generated attribute accessor methods private.
Mixing the ActiveAcess::AttributeMethods
into a class that mixes in ActiveModel::AttributeMethods or is derived from ActiveRecord::Base adds the attr_private
and attr_private_writer
macros.
These macros change the behavior of define_attribute_methods
to declare generated attribute accessors private: attr_private
declares all accessors for an attribute private; attr_private_writer
declares only writer methods private.
ActiveAccess recognizes the following attribute reader method name patterns:
#name #name? #name_before_type_cast #name_changed? #name_change #name_was #_name
ActiveAccess recognizes the following attribute writer method name patterns:
#name= #name_will_change #reset_name!
Example¶ ↑
class Widget < ActiveRecord::Base include ActiveAccess::AttributeMethods attr_private_writer :read_me attr_private :secret end Widget.new.respond_to? :read_me # => true Widget.new.read_me = "new value" # raises NoMethodError Widget.new.respond_to? :secret # => false Widget.new.secret = "new value" # raises NoMethodError
Limitations¶ ↑
ActiveAccess only restricts access to named attribute accessors. Unnamed accessors such as ActiveRecord read_attribute
and write_attribute
as well as hash-style access are not restricted. Attribute aliases are also unrestricted.
ActiveRecord does not allow attributes with private writers to be initialized (i.e. passed as parameters to new
) or mass-assigned (passed as parameters to assign_attributes
or attributes=
).
Copyright¶ ↑
Copyright © 2012 Riley Lynch, Teleological Software, LLC. See LICENSE.txt for further details.