RubyGems - accessible_for - Versions diffs - 0.2.1 → 0.3.0 - Mend

accessible_for 0.2.1 → 0.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (6) hide show

data/README.markdown +31 -27
data/lib/accessible_for.rb +20 -4
data/lib/mass_assignment_backport.rb +4 -18
data/test/accessible_for_test.rb +22 -0
data/test/mass_assignment_test.rb +12 -2
metadata +1 -1

data/README.markdown CHANGED

@@ -17,21 +17,20 @@ called accessible_for. They provide identical functionality.
 # Usage
-## ActiveModel-workalike API
-    require 'mass_assignment_backport'
+This is primarily intended for use in controller code. It should be possible
+to use this with an ActiveRecord model as well, provided you use the
+accessible_for API (to avoid name conflicts).
-    class TacoShop < Controller
-      include MassAssignmentBackport
+## accessible_for API
-      # when no role is specified, :default is used
-      attr_accessible :rating
+    require 'accessible_for'
-      # you can specify multiple roles
-      attr_accessible :filling, :topping, :as => [:default, :manager]
+    class TacoShop < Controller
+      include AccessibleFor
-      # and add to existing roles
-      attr_accessible :price, :as => :manager
+      # there are no implicit roles and you can declare only one group at a time
+      accessible_for :default => [ :filling, :topping, :rating ]
+      accessible_for :manager => [ :filling, :topping, :price ]
       def update
         Taco.find(params[:id]).update_attributes!(taco_params)
@@ -40,22 +39,31 @@ called accessible_for. They provide identical functionality.
       protected
       def taco_params
-        # use sanitize_for_mass_assignment to build a safe hash given a role.
-        # when nothing/nil is passed for the role, :default is used
-        sanitize_for_mass_assignment params[:taco], current_user.manager? ? :manager : nil
+        # use sanitize_for(role, params) to build a safe hash
+        # again, there is no implicit role
+        if current_user.manager?
+          sanitize_for :manager, params[:taco]
+        else
+          sanitize_for :default, params[:taco]
+        end
       end
     end
-## accessible_for API
+## ActiveModel-workalike API
-    require 'accessible_for'
+    require 'mass_assignment_backport'
     class TacoShop < Controller
-      include AccessibleFor
+      include MassAssignmentBackport
-      # there are no implicit roles and you can declare only one group at a time
-      accessible_for :default => [ :filling, :topping, :rating ]
-      accessible_for :manager => [ :filling, :topping, :price ]
+      # when no role is specified, :default is used
+      attr_accessible :rating
+      # you can specify multiple roles
+      attr_accessible :filling, :topping, :as => [:default, :manager]
+      # and add to existing roles
+      attr_accessible :price, :as => :manager
       def update
         Taco.find(params[:id]).update_attributes!(taco_params)
@@ -64,13 +72,9 @@ called accessible_for. They provide identical functionality.
       protected
       def taco_params
-        # use sanitize_for(role, params) to build a safe hash
-        # again, there is no implicit role
-        if current_user.manager?
-          sanitize_for :manager, params[:taco]
-        else
-          sanitize_for :default, params[:taco]
-        end
+        # use sanitize_for_mass_assignment to build a safe hash given a role.
+        # when nothing/nil is passed for the role, :default is used
+        sanitize_for_mass_assignment params[:taco], current_user.manager? ? :manager : nil
       end
     end

data/lib/accessible_for.rb CHANGED

@@ -1,23 +1,39 @@
 require 'mass_assignment_backport'
 module AccessibleFor
-  VERSION = "0.2.1"
+  VERSION = "0.3.0"
   def self.included(mod)
-    mod.send :include, MassAssignmentBackport
     mod.extend ClassMethods
   end
   module ClassMethods
+    attr_accessor :_accessible_attributes
     def accessible_for params
       params.each do |role, attrs|
-        attr_accessible *([attrs].flatten.push(:as => role))
+        self._accessible_attributes ||= {}
+        [role].flatten.each do |name|
+          self._accessible_attributes[name] ||= []
+          self._accessible_attributes[name] += [attrs].flatten
+        end
       end
     end
   end
   def sanitize_for role, values
-    sanitize_for_mass_assignment values, role
+    return nil if values.nil?
+    if !self.class._accessible_attributes || self.class._accessible_attributes[role].nil?
+      return {}
+    end
+    {}.tap do |result|
+      values.each do |k, v|
+        if self.class._accessible_attributes[role].include?(k.to_sym)
+          yield k, v if block_given?
+          result[k] = v
+        end
+      end
+    end
   end
 end

data/lib/mass_assignment_backport.rb CHANGED

@@ -1,18 +1,15 @@
 module MassAssignmentBackport
   def self.included(mod)
+    mod.send :include, AccessibleFor
     mod.extend ClassMethods
   end
   module ClassMethods
-    attr_accessor :_accessible_attributes
     def attr_accessible *args
       options = args.last.kind_of?(Hash) ? args.pop : {}
       role = options[:as] || :default
-      self._accessible_attributes ||= {}
-      [role].flatten.each do |name|
-        self._accessible_attributes[name] = accessible_attributes(name) + args
-      end
+      accessible_for role => args
     end
     def accessible_attributes role=:default
@@ -20,19 +17,8 @@ module MassAssignmentBackport
     end
   end
-  def sanitize_for_mass_assignment values, role=:default
-    return nil if values.nil?
-    if !self.class._accessible_attributes || self.class._accessible_attributes[role].nil?
-      return values
-    end
-    {}.tap do |result|
-      values.each do |k, v|
-        if self.class._accessible_attributes[role].include?(k.to_sym)
-          yield k, v if block_given?
-          result[k] = v
-        end
-      end
-    end
+  def sanitize_for_mass_assignment values, role=:default, &block
+    sanitize_for role, values, &block
   end
 end

data/test/accessible_for_test.rb CHANGED

@@ -5,6 +5,19 @@ class AccessibleForTest < MiniTest::Unit::TestCase
   accessible_for :default => :topping
   accessible_for :manager => [:price, :topping]
+  def test_nil_params
+    assert_nil sanitize_for(:default, nil)
+  end
+  def test_block_form
+    result = {}
+    sanitize_for(:default, :topping => 'salsa', :price => 123, :extra => 'foo') do |k,v|
+      result[k] = v
+    end
+    assert result.has_key?(:topping), "block gets accessible key"
+    assert !result.has_key?(:price),  "block does not get inaccessible key"
+  end
   def test_accessible_default
     default = sanitize_for :default, :topping => 'salsa', :price => 123, :extra => 'foo'
     assert default.has_key?(:topping), "default gets accessible key"
@@ -19,6 +32,15 @@ class AccessibleForTest < MiniTest::Unit::TestCase
     assert !manager.has_key?(:extra),  "role does not get extra key"
   end
+  class UnspecifiedTest
+    include MassAssignmentBackport
+  end
+  def test_unspecified_strips_values
+    unspec = UnspecifiedTest.new
+    assert_equal({}, unspec.sanitize_for(:default, :foo => :bar, :baz => :wubbo))
+  end
   class SubTest
     include AccessibleFor
     accessible_for :default => :toasted

data/test/mass_assignment_test.rb CHANGED

@@ -8,6 +8,16 @@ class MassAssignmentTest < MiniTest::Unit::TestCase
   def test_nil_params
     assert_nil sanitize_for_mass_assignment(nil)
   end
+  def test_block_form
+    result = {}
+    sanitize_for_mass_assignment(:topping => 'salsa', :price => 123, :extra => 'foo') do |k,v|
+      result[k] = v
+    end
+    assert result.has_key?(:topping), "block gets accessible key"
+    assert !result.has_key?(:price),  "block does not get inaccessible key"
+  end
   def test_accessible_default
     default = sanitize_for_mass_assignment :topping => 'salsa', :price => 123, :extra => 'foo'
     assert default.has_key?(:topping), "default gets accessible key"
@@ -26,9 +36,9 @@ class MassAssignmentTest < MiniTest::Unit::TestCase
     include MassAssignmentBackport
   end
-  def test_unspecified_passes_values
+  def test_unspecified_strips_values
     unspec = UnspecifiedTest.new
-    assert_equal({:foo => :bar, :baz => :wubbo }, unspec.sanitize_for_mass_assignment(:foo => :bar, :baz => :wubbo))
+    assert_equal({}, unspec.sanitize_for_mass_assignment(:foo => :bar, :baz => :wubbo))
   end
   class SubTest

metadata CHANGED

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: accessible_for
 version: !ruby/object:Gem::Version
-  version: 0.2.1
+  version: 0.3.0
   prerelease:
 platform: ruby
 authors: