module ActiveModel::MassAssignmentSecurity::Sanitizer

def debug_protected_attribute_removal(attributes, sanitized_attributes)

def debug_protected_attribute_removal(attributes, sanitized_attributes)
  removed_keys = attributes.keys - sanitized_attributes.keys
  warn!(removed_keys) if removed_keys.any?
end

def sanitize(attributes)

Returns all attributes not denied by the authorizer.

def sanitize(attributes)
  sanitized_attributes = attributes.reject { |key, value| deny?(key) }
  debug_protected_attribute_removal(attributes, sanitized_attributes)
  sanitized_attributes
end

def warn!(attrs)

def warn!(attrs)
  self.logger.debug "WARNING: Can't mass-assign protected attributes: #{attrs.join(', ')}" if self.logger
end

Instance Methods

Defined in

lib/active_model/mass_assignment_security/sanitizer.rb