Is there a way to write a DSL which limits the access by a user? Since
this
is Ruby, they could write any arbitrary expression such as
MyModel.delete_all
My users would not do this on purpose, but perhaps by accident.
I have read some about Sandboxes, but don’t see how it would
prevent something like this.
Thanks in advance,
Don Mc
On Mar 26, 10:10 am, “Don.Mc” [email protected] wrote:
Is there a way to write a DSL which limits the access by a user? Since
this
is Ruby, they could write any arbitrary expression such as
MyModel.delete_allMy users would not do this on purpose, but perhaps by accident.
I have read some about Sandboxes, but don’t see how it would
prevent something like this.
Sandboxes can be created by setting the Safe Level for your
application. Ruby has a variable $SAFE which controls the Safe Level.
To create a sandbox, set up your enviroment using the default Safe
Level (0) and then raise the Safe Level to 4, the highest level. At
Safe Level 4 there can be no subsequent changes to the environment.
This may be more than you want and may limit the effectiveness of your
DSL. Try it out – see if will work for you.
Dale,
Thanks! That is exactly what I needed.
Regards,
Don McClean
On Mar 26, 10:26 am, “Dale M.” [email protected]
This forum is not affiliated to the Ruby language, Ruby on Rails framework, nor any Ruby applications discussed here.
Sponsor our Newsletter | Privacy Policy | Terms of Service | Remote Ruby Jobs