public
Created

Security Article Part 2 - 5

  • Download Gist
user.rb
Ruby
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29
# Migration
create_table :users do |t|
t.boolean :can_do_dangerous_things, null: false
#...
t.timestamps
end
 
class User < ActiveRecord::Base
# Blacklisting attribute
attr_protected :can_do_dangerous_things
before_create do
return true if @permissions_set
self.permissions = {
:can_do_dangerous_things => false
#...
}
true
end
def permissions=(hash)
self.can_do_dangerous_things = hash[:can_do_dangerous_things]
#...
@permissions_set = true
end
end

Please sign in to comment on this gist.

Something went wrong with that request. Please try again.