Closed ndguarino closed 3 years ago
Hey @ndguarino thanks for the PR. We already have a separate method to do exactly this — get_phi
(https://github.com/apsislabs/phi_attrs/blob/main/lib/phi_attrs/phi_record.rb#L116-L133). The reason that this is a separate method from allow_phi
with a block is to avoid an accidental return.
Take the following example:
def my_phi_safe_method
phi_record.allow_phi('wyatt', 'reason') do
phi_record.do_phi_sensitive_thing!
end
end
class PhiRecord
def do_phi_sensitive_thing!
@global_variable = self.birthday
end
end
Recognizing this is a pretty contrived example, the nature of ruby's default return means that, without it really being obvious, we've accidentally written my_phi_safe_method
to return the PHI attribute birthday
outside of a PHI context.