class Devise::ParameterFilter
Public Class Methods
new(case_insensitive_keys, strip_whitespace_keys)
click to toggle source
# File lib/devise/parameter_filter.rb, line 4 def initialize(case_insensitive_keys, strip_whitespace_keys) @case_insensitive_keys = case_insensitive_keys || [] @strip_whitespace_keys = strip_whitespace_keys || [] end
Public Instance Methods
filter(conditions)
click to toggle source
# File lib/devise/parameter_filter.rb, line 9 def filter(conditions) conditions = stringify_params(conditions.dup) conditions.merge!(filtered_hash_by_method_for_given_keys(conditions.dup, :downcase, @case_insensitive_keys)) conditions.merge!(filtered_hash_by_method_for_given_keys(conditions.dup, :strip, @strip_whitespace_keys)) conditions end
filtered_hash_by_method_for_given_keys(conditions, method, condition_keys)
click to toggle source
# File lib/devise/parameter_filter.rb, line 18 def filtered_hash_by_method_for_given_keys(conditions, method, condition_keys) condition_keys.each do |k| value = conditions[k] conditions[k] = value.send(method) if value.respond_to?(method) end conditions end
stringify_params(conditions)
click to toggle source
Force keys to be string to avoid injection on mongoid related database.
# File lib/devise/parameter_filter.rb, line 28 def stringify_params(conditions) return conditions unless conditions.is_a?(Hash) conditions.each do |k, v| conditions[k] = v.to_s if param_requires_string_conversion?(v) end end
Private Instance Methods
param_requires_string_conversion?(value)
click to toggle source
# File lib/devise/parameter_filter.rb, line 37 def param_requires_string_conversion?(value) true end