Ruby: All Your Method are Belong to Me

-
Ruby has a curious approach to protecting instance variables, constants, and private methods.

I've often heard Java programmers criticize Python because it doesn't enforce privacy in any way. Personally, I think that it'd be great if Python could be fully sandboxed like JavaScript can, but sandboxing is a completely separate topic. Preventing a programmer who works on my team from calling a method that I've named _private_method isn't all that interesting to me. If he sees the fact that I've named the method with a leading underscore, and he still feels the need to call it, so be it.

Ruby does provide private instance variables, constants, and private methods, but really, those are just suggestions.

For instance, if you override a constant, you just get a warning:
irb(main):001:0> A = 1
=> 1
irb(main):002:0> A = 2
(irb):2: warning: already initialized constant A
=> 2
irb(main):003:0> puts A
2
=> nil
If you have an object, and you want to call a private method, you can just inject a method into that object in order to get access to the private method:
class SuperSecret
  private
  def secret
    puts "Wombats!"
  end
end

obj = SuperSecret.new
begin
  puts obj.secret
rescue
  puts "Yep, it blocked me properly."  # Yep, it gets blocked.
end

def obj.hack_the_secret
  secret
end

obj.hack_the_secret                    # Prints "Wombats!"
You can use the same "inject a method" trick to get access to instance variables:
def obj.get_a
  @a
end
In no way am I criticizing Ruby for this behavior. As I said, I think it's a bad situation if you can't trust your team members. I just wanted to point out that in Ruby, the protection mechanisms are really just suggestions ;)

Comments

Anonymous said…
You can also use instance_eval to get at instance variables:

obj.instance_eval { @a }
10:31 PM
Tom said…
Or #send.

obj.send(:private_method)
8:12 AM
jjinux said…
Wow, even #send doesn't enforce the constraints? That's crazy ;)
3:12 AM
Anonymous said…
Well, given security constraints are not set you can call private java method (using reflection and setAccessible(boolean))
2:48 PM
Anonymous said…
The intent in 1.9 is supposedly to switch it so that send does respect private vs non-private, and a different version (I think last I checked it was __send__) does not. The clearest way to get an instance variable, by the way, is instance_variable_get:

obj.instance_variable_get :@a

Similarly, you can set them via instance_variable_set. It turns out that the approach that it is `just a suggestion' is a common one in Ruby: show convention, but allow the programmer the flexibility to achieve what they want without getting in the way. In short, trust the programmer. This is a concept that is completely alien to Java's approach -- and that's why Java is usually better suited to the so-called `enterprise', where you often meet subpar coders who would blow entire cities up accidentally if they had the flexibility that Ruby provides.
5:30 PM
jjinux said…
> Well, given security constraints are not set you can call private java method (using reflection and setAccessible(boolean))

That's so awesome ;) Thanks for the comment!
4:22 PM
jjinux said…
> In short, trust the programmer.

I agree. Thanks for the comment ;)
4:23 PM
Josh Peters said…
private, protected, and public have a purpose: they keep folks away from the unstable parts of your API.

It's a very, very good thing to have a means by which you can keep programmers from inadvertently depending on what should be refactorable. That's what we're doing when we declare something private, we're saying "it may go away in a .x revision"
3:13 PM
Post a Comment