active_attr 0.7.0 → 0.8.0
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of active_attr might be problematic. Click here for more details.
- data/.travis.yml +11 -1
- data/CHANGELOG.md +9 -0
- data/Gemfile +4 -6
- data/README.md +29 -11
- data/active_attr.gemspec +3 -3
- data/gemfiles/rails_3_2.gemfile +11 -0
- data/gemfiles/rails_head.gemfile +3 -0
- data/lib/active_attr.rb +0 -1
- data/lib/active_attr/mass_assignment.rb +30 -2
- data/lib/active_attr/matchers/have_attribute_matcher.rb +17 -4
- data/lib/active_attr/model.rb +2 -2
- data/lib/active_attr/typecasting/big_decimal_typecaster.rb +2 -0
- data/lib/active_attr/typecasting/date_typecaster.rb +1 -1
- data/lib/active_attr/version.rb +1 -1
- data/spec/functional/active_attr/attribute_defaults_spec.rb +12 -12
- data/spec/functional/active_attr/attributes_spec.rb +12 -12
- data/spec/functional/active_attr/chainable_initialization_spec.rb +3 -3
- data/spec/functional/active_attr/mass_assignment_spec.rb +125 -0
- data/spec/functional/active_attr/matchers/have_attribute_matcher_spec.rb +147 -66
- data/spec/functional/active_attr/model_spec.rb +27 -19
- data/spec/functional/active_attr/serialization_spec.rb +5 -5
- data/spec/functional/active_attr/typecasted_attributes_spec.rb +45 -45
- data/spec/support/mass_assignment_shared_examples.rb +12 -12
- data/spec/unit/active_attr/attribute_defaults_spec.rb +6 -6
- data/spec/unit/active_attr/attribute_definition_spec.rb +6 -6
- data/spec/unit/active_attr/attributes_spec.rb +38 -38
- data/spec/unit/active_attr/logger_spec.rb +16 -16
- data/spec/unit/active_attr/mass_assignment_spec.rb +1 -1
- data/spec/unit/active_attr/matchers_spec.rb +3 -4
- data/spec/unit/active_attr/query_attributes_spec.rb +75 -75
- data/spec/unit/active_attr/typecasted_attributes_spec.rb +10 -10
- data/spec/unit/active_attr/typecasting/big_decimal_typecaster_spec.rb +9 -7
- data/spec/unit/active_attr/typecasting/boolean_typecaster_spec.rb +27 -25
- data/spec/unit/active_attr/typecasting/date_time_typecaster_spec.rb +12 -10
- data/spec/unit/active_attr/typecasting/date_typecaster_spec.rb +14 -12
- data/spec/unit/active_attr/typecasting/float_typecaster_spec.rb +6 -4
- data/spec/unit/active_attr/typecasting/integer_typecaster_spec.rb +8 -6
- data/spec/unit/active_attr/typecasting/object_typecaster_spec.rb +3 -1
- data/spec/unit/active_attr/typecasting/string_typecaster_spec.rb +5 -3
- data/spec/unit/active_attr/typecasting_spec.rb +3 -5
- data/spec/unit/active_attr/version_spec.rb +5 -5
- metadata +20 -17
- data/lib/active_attr/mass_assignment_security.rb +0 -54
- data/spec/functional/active_attr/mass_assignment_security_spec.rb +0 -45
- data/spec/unit/active_attr/mass_assignment_security_spec.rb +0 -67
|
@@ -4,10 +4,12 @@ require "active_attr/typecasting/object_typecaster"
|
|
|
4
4
|
module ActiveAttr
|
|
5
5
|
module Typecasting
|
|
6
6
|
describe ObjectTypecaster do
|
|
7
|
+
subject(:typecaster) { described_class.new }
|
|
8
|
+
|
|
7
9
|
describe "#call" do
|
|
8
10
|
it "returns the original object for any object" do
|
|
9
11
|
value = mock
|
|
10
|
-
|
|
12
|
+
typecaster.call(value).should equal value
|
|
11
13
|
end
|
|
12
14
|
end
|
|
13
15
|
end
|
|
@@ -5,18 +5,20 @@ require "active_support/basic_object"
|
|
|
5
5
|
module ActiveAttr
|
|
6
6
|
module Typecasting
|
|
7
7
|
describe StringTypecaster do
|
|
8
|
+
subject(:typecaster) { described_class.new }
|
|
9
|
+
|
|
8
10
|
describe "#call" do
|
|
9
11
|
it "returns the original string for a String" do
|
|
10
12
|
value = "abc"
|
|
11
|
-
|
|
13
|
+
typecaster.call(value).should equal value
|
|
12
14
|
end
|
|
13
15
|
|
|
14
16
|
it "casts nil to an empty String" do
|
|
15
|
-
|
|
17
|
+
typecaster.call(nil).should eql ""
|
|
16
18
|
end
|
|
17
19
|
|
|
18
20
|
it "returns the string version of a Symbol" do
|
|
19
|
-
|
|
21
|
+
typecaster.call(:value).should eql "value"
|
|
20
22
|
end
|
|
21
23
|
end
|
|
22
24
|
end
|
|
@@ -3,7 +3,7 @@ require "active_attr/typecasting"
|
|
|
3
3
|
|
|
4
4
|
module ActiveAttr
|
|
5
5
|
describe Typecasting do
|
|
6
|
-
subject { model_class.new }
|
|
6
|
+
subject(:model) { model_class.new }
|
|
7
7
|
|
|
8
8
|
let :model_class do
|
|
9
9
|
Class.new do
|
|
@@ -13,11 +13,11 @@ module ActiveAttr
|
|
|
13
13
|
|
|
14
14
|
describe "#typecast_attribute" do
|
|
15
15
|
it "raises an ArgumentError when a nil type is given" do
|
|
16
|
-
expect {
|
|
16
|
+
expect { model.typecast_attribute(nil, "foo") }.to raise_error(ArgumentError, "a typecaster must be given")
|
|
17
17
|
end
|
|
18
18
|
|
|
19
19
|
it "raises an ArgumentError when the given typecaster argument does not respond to #call" do
|
|
20
|
-
expect {
|
|
20
|
+
expect { model.typecast_attribute(Object.new, "foo") }.to raise_error(ArgumentError, "a typecaster must be given")
|
|
21
21
|
end
|
|
22
22
|
|
|
23
23
|
it "returns the original value when the value is nil" do
|
|
@@ -26,8 +26,6 @@ module ActiveAttr
|
|
|
26
26
|
end
|
|
27
27
|
|
|
28
28
|
describe "#typecaster_for" do
|
|
29
|
-
let(:model) { model_class.new }
|
|
30
|
-
|
|
31
29
|
it "returns BigDecimalTypecaster for BigDecimal" do
|
|
32
30
|
model.typecaster_for(BigDecimal).should be_a_kind_of Typecasting::BigDecimalTypecaster
|
|
33
31
|
end
|
|
@@ -9,10 +9,10 @@ module ActiveAttr
|
|
|
9
9
|
|
|
10
10
|
describe "is compliant with Semantic Versioning <http://semver.org/>" do
|
|
11
11
|
let(:gem_version) { Gem::Version.new VERSION }
|
|
12
|
-
subject { gem_version }
|
|
12
|
+
subject(:version) { gem_version }
|
|
13
13
|
|
|
14
|
-
it {
|
|
15
|
-
it {
|
|
14
|
+
it { version.should have_at_least(3).segments }
|
|
15
|
+
it { version.should have_at_most(5).segments }
|
|
16
16
|
|
|
17
17
|
describe "major version" do
|
|
18
18
|
subject { gem_version.segments[0] }
|
|
@@ -33,10 +33,10 @@ module ActiveAttr
|
|
|
33
33
|
end
|
|
34
34
|
|
|
35
35
|
describe "pre-release version" do
|
|
36
|
-
subject { VERSION.split(".")[3] }
|
|
36
|
+
subject(:pre_release_version) { VERSION.split(".")[3] }
|
|
37
37
|
|
|
38
38
|
it "is nil or starts with a letter and is alphanumeric" do
|
|
39
|
-
(
|
|
39
|
+
(pre_release_version.nil? || pre_release_version =~ /^[A-Za-z][0-9A-Za-z]*?/).should be_true
|
|
40
40
|
end
|
|
41
41
|
end
|
|
42
42
|
end
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: active_attr
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.8.0
|
|
5
5
|
prerelease:
|
|
6
6
|
platform: ruby
|
|
7
7
|
authors:
|
|
@@ -10,7 +10,7 @@ authors:
|
|
|
10
10
|
autorequire:
|
|
11
11
|
bindir: bin
|
|
12
12
|
cert_chain: []
|
|
13
|
-
date:
|
|
13
|
+
date: 2013-05-02 00:00:00.000000000 Z
|
|
14
14
|
dependencies:
|
|
15
15
|
- !ruby/object:Gem::Dependency
|
|
16
16
|
name: activemodel
|
|
@@ -82,7 +82,7 @@ dependencies:
|
|
|
82
82
|
version: '2.2'
|
|
83
83
|
- - <
|
|
84
84
|
- !ruby/object:Gem::Version
|
|
85
|
-
version: '
|
|
85
|
+
version: '5.0'
|
|
86
86
|
type: :development
|
|
87
87
|
prerelease: false
|
|
88
88
|
version_requirements: !ruby/object:Gem::Requirement
|
|
@@ -93,23 +93,29 @@ dependencies:
|
|
|
93
93
|
version: '2.2'
|
|
94
94
|
- - <
|
|
95
95
|
- !ruby/object:Gem::Version
|
|
96
|
-
version: '
|
|
96
|
+
version: '5.0'
|
|
97
97
|
- !ruby/object:Gem::Dependency
|
|
98
98
|
name: rake
|
|
99
99
|
requirement: !ruby/object:Gem::Requirement
|
|
100
100
|
none: false
|
|
101
101
|
requirements:
|
|
102
|
-
- -
|
|
102
|
+
- - ! '>='
|
|
103
103
|
- !ruby/object:Gem::Version
|
|
104
104
|
version: 0.9.0
|
|
105
|
+
- - <
|
|
106
|
+
- !ruby/object:Gem::Version
|
|
107
|
+
version: '10.1'
|
|
105
108
|
type: :development
|
|
106
109
|
prerelease: false
|
|
107
110
|
version_requirements: !ruby/object:Gem::Requirement
|
|
108
111
|
none: false
|
|
109
112
|
requirements:
|
|
110
|
-
- -
|
|
113
|
+
- - ! '>='
|
|
111
114
|
- !ruby/object:Gem::Version
|
|
112
115
|
version: 0.9.0
|
|
116
|
+
- - <
|
|
117
|
+
- !ruby/object:Gem::Version
|
|
118
|
+
version: '10.1'
|
|
113
119
|
- !ruby/object:Gem::Dependency
|
|
114
120
|
name: rspec
|
|
115
121
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -117,7 +123,7 @@ dependencies:
|
|
|
117
123
|
requirements:
|
|
118
124
|
- - ~>
|
|
119
125
|
- !ruby/object:Gem::Version
|
|
120
|
-
version: '2.
|
|
126
|
+
version: '2.11'
|
|
121
127
|
type: :development
|
|
122
128
|
prerelease: false
|
|
123
129
|
version_requirements: !ruby/object:Gem::Requirement
|
|
@@ -125,7 +131,7 @@ dependencies:
|
|
|
125
131
|
requirements:
|
|
126
132
|
- - ~>
|
|
127
133
|
- !ruby/object:Gem::Version
|
|
128
|
-
version: '2.
|
|
134
|
+
version: '2.11'
|
|
129
135
|
- !ruby/object:Gem::Dependency
|
|
130
136
|
name: tzinfo
|
|
131
137
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -164,6 +170,7 @@ files:
|
|
|
164
170
|
- active_attr.gemspec
|
|
165
171
|
- gemfiles/rails_3_0.gemfile
|
|
166
172
|
- gemfiles/rails_3_1.gemfile
|
|
173
|
+
- gemfiles/rails_3_2.gemfile
|
|
167
174
|
- gemfiles/rails_head.gemfile
|
|
168
175
|
- lib/active_attr.rb
|
|
169
176
|
- lib/active_attr/attribute_defaults.rb
|
|
@@ -176,7 +183,6 @@ files:
|
|
|
176
183
|
- lib/active_attr/error.rb
|
|
177
184
|
- lib/active_attr/logger.rb
|
|
178
185
|
- lib/active_attr/mass_assignment.rb
|
|
179
|
-
- lib/active_attr/mass_assignment_security.rb
|
|
180
186
|
- lib/active_attr/matchers.rb
|
|
181
187
|
- lib/active_attr/matchers/have_attribute_matcher.rb
|
|
182
188
|
- lib/active_attr/model.rb
|
|
@@ -201,7 +207,7 @@ files:
|
|
|
201
207
|
- spec/functional/active_attr/attribute_defaults_spec.rb
|
|
202
208
|
- spec/functional/active_attr/attributes_spec.rb
|
|
203
209
|
- spec/functional/active_attr/chainable_initialization_spec.rb
|
|
204
|
-
- spec/functional/active_attr/
|
|
210
|
+
- spec/functional/active_attr/mass_assignment_spec.rb
|
|
205
211
|
- spec/functional/active_attr/matchers/have_attribute_matcher_spec.rb
|
|
206
212
|
- spec/functional/active_attr/model_spec.rb
|
|
207
213
|
- spec/functional/active_attr/query_attributes_spec.rb
|
|
@@ -220,7 +226,6 @@ files:
|
|
|
220
226
|
- spec/unit/active_attr/dangerous_attribute_error_spec.rb
|
|
221
227
|
- spec/unit/active_attr/error_spec.rb
|
|
222
228
|
- spec/unit/active_attr/logger_spec.rb
|
|
223
|
-
- spec/unit/active_attr/mass_assignment_security_spec.rb
|
|
224
229
|
- spec/unit/active_attr/mass_assignment_spec.rb
|
|
225
230
|
- spec/unit/active_attr/matchers/have_attribute_matcher_spec.rb
|
|
226
231
|
- spec/unit/active_attr/matchers_spec.rb
|
|
@@ -253,7 +258,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
|
253
258
|
version: '0'
|
|
254
259
|
segments:
|
|
255
260
|
- 0
|
|
256
|
-
hash:
|
|
261
|
+
hash: 712620086539529581
|
|
257
262
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
|
258
263
|
none: false
|
|
259
264
|
requirements:
|
|
@@ -262,10 +267,10 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
262
267
|
version: '0'
|
|
263
268
|
segments:
|
|
264
269
|
- 0
|
|
265
|
-
hash:
|
|
270
|
+
hash: 712620086539529581
|
|
266
271
|
requirements: []
|
|
267
272
|
rubyforge_project:
|
|
268
|
-
rubygems_version: 1.8.
|
|
273
|
+
rubygems_version: 1.8.25
|
|
269
274
|
signing_key:
|
|
270
275
|
specification_version: 3
|
|
271
276
|
summary: What ActiveModel left out
|
|
@@ -273,7 +278,7 @@ test_files:
|
|
|
273
278
|
- spec/functional/active_attr/attribute_defaults_spec.rb
|
|
274
279
|
- spec/functional/active_attr/attributes_spec.rb
|
|
275
280
|
- spec/functional/active_attr/chainable_initialization_spec.rb
|
|
276
|
-
- spec/functional/active_attr/
|
|
281
|
+
- spec/functional/active_attr/mass_assignment_spec.rb
|
|
277
282
|
- spec/functional/active_attr/matchers/have_attribute_matcher_spec.rb
|
|
278
283
|
- spec/functional/active_attr/model_spec.rb
|
|
279
284
|
- spec/functional/active_attr/query_attributes_spec.rb
|
|
@@ -292,7 +297,6 @@ test_files:
|
|
|
292
297
|
- spec/unit/active_attr/dangerous_attribute_error_spec.rb
|
|
293
298
|
- spec/unit/active_attr/error_spec.rb
|
|
294
299
|
- spec/unit/active_attr/logger_spec.rb
|
|
295
|
-
- spec/unit/active_attr/mass_assignment_security_spec.rb
|
|
296
300
|
- spec/unit/active_attr/mass_assignment_spec.rb
|
|
297
301
|
- spec/unit/active_attr/matchers/have_attribute_matcher_spec.rb
|
|
298
302
|
- spec/unit/active_attr/matchers_spec.rb
|
|
@@ -311,4 +315,3 @@ test_files:
|
|
|
311
315
|
- spec/unit/active_attr/typecasting_spec.rb
|
|
312
316
|
- spec/unit/active_attr/unknown_attribute_error_spec.rb
|
|
313
317
|
- spec/unit/active_attr/version_spec.rb
|
|
314
|
-
has_rdoc:
|
|
@@ -1,54 +0,0 @@
|
|
|
1
|
-
require "active_attr/mass_assignment"
|
|
2
|
-
require "active_support/concern"
|
|
3
|
-
require "active_model"
|
|
4
|
-
|
|
5
|
-
module ActiveAttr
|
|
6
|
-
# MassAssignmentSecurity allows you to bulk set and update a blacklist or
|
|
7
|
-
# whitelist of attributes
|
|
8
|
-
#
|
|
9
|
-
# Including MassAssignmentSecurity extends all {ActiveAttr::MassAssignment}
|
|
10
|
-
# methods to honor any declared attribute permissions.
|
|
11
|
-
#
|
|
12
|
-
# @example Usage
|
|
13
|
-
# class Person
|
|
14
|
-
# include ActiveAttr::MassAssignmentSecurity
|
|
15
|
-
# end
|
|
16
|
-
#
|
|
17
|
-
# @since 0.3.0
|
|
18
|
-
module MassAssignmentSecurity
|
|
19
|
-
extend ActiveSupport::Concern
|
|
20
|
-
include MassAssignment
|
|
21
|
-
include ActiveModel::MassAssignmentSecurity
|
|
22
|
-
|
|
23
|
-
# Mass update a model's attributes, honoring attribute permissions
|
|
24
|
-
#
|
|
25
|
-
# @param (see MassAssignment#assign_attributes)
|
|
26
|
-
# @param [Hash, #[]] options Options that affect mass assignment
|
|
27
|
-
#
|
|
28
|
-
# @option options [Symbol] :as (:default) Mass assignment role
|
|
29
|
-
# @option options [true, false] :without_protection (false) Bypass mass
|
|
30
|
-
# assignment security if true
|
|
31
|
-
#
|
|
32
|
-
# @since 0.3.0
|
|
33
|
-
def assign_attributes(new_attributes, options={})
|
|
34
|
-
if new_attributes && !options[:without_protection]
|
|
35
|
-
mass_assignment_role = options[:as] || :default
|
|
36
|
-
new_attributes = sanitize_for_mass_assignment_with_or_without_role new_attributes, mass_assignment_role
|
|
37
|
-
end
|
|
38
|
-
|
|
39
|
-
super
|
|
40
|
-
end
|
|
41
|
-
|
|
42
|
-
private
|
|
43
|
-
|
|
44
|
-
# Rails 3.0 has no roles support in mass assignment
|
|
45
|
-
# @since 0.7.0
|
|
46
|
-
def sanitize_for_mass_assignment_with_or_without_role(new_attributes, mass_assignment_role)
|
|
47
|
-
if method(:sanitize_for_mass_assignment).arity.abs > 1
|
|
48
|
-
sanitize_for_mass_assignment new_attributes, mass_assignment_role
|
|
49
|
-
else
|
|
50
|
-
sanitize_for_mass_assignment new_attributes
|
|
51
|
-
end
|
|
52
|
-
end
|
|
53
|
-
end
|
|
54
|
-
end
|
|
@@ -1,45 +0,0 @@
|
|
|
1
|
-
require "spec_helper"
|
|
2
|
-
require "active_attr/mass_assignment_security"
|
|
3
|
-
|
|
4
|
-
module ActiveAttr
|
|
5
|
-
describe MassAssignmentSecurity, :mass_assignment do
|
|
6
|
-
context "integrating with strong_parameters", :active_model_version => "~> 3.2.0" do
|
|
7
|
-
subject { model_class }
|
|
8
|
-
|
|
9
|
-
before do
|
|
10
|
-
require "strong_parameters"
|
|
11
|
-
|
|
12
|
-
model_class.class_eval do
|
|
13
|
-
include ActiveAttr::MassAssignmentSecurity
|
|
14
|
-
include ActiveModel::ForbiddenAttributesProtection
|
|
15
|
-
attr_accessor :age
|
|
16
|
-
end
|
|
17
|
-
end
|
|
18
|
-
|
|
19
|
-
shared_examples "strong mass assignment method", :strong_mass_assignment_method => true do
|
|
20
|
-
it "raises if provided parameters when none are permitted" do
|
|
21
|
-
expect { mass_assign_attributes(ActionController::Parameters.new(:age => 21)) }.to raise_error ActiveModel::ForbiddenAttributes
|
|
22
|
-
end
|
|
23
|
-
|
|
24
|
-
it "sets a permitted parameter" do
|
|
25
|
-
person = mass_assign_attributes(ActionController::Parameters.new(:age => 21).permit(:age))
|
|
26
|
-
person.age.should == 21
|
|
27
|
-
end
|
|
28
|
-
|
|
29
|
-
it "does not set forbidden parameters" do
|
|
30
|
-
person = mass_assign_attributes(ActionController::Parameters.new(:age => 21).permit(:first_name))
|
|
31
|
-
person.age.should be_nil
|
|
32
|
-
end
|
|
33
|
-
|
|
34
|
-
it "continues to set normal attributes" do
|
|
35
|
-
person = mass_assign_attributes(:age => 21)
|
|
36
|
-
person.age.should == 21
|
|
37
|
-
end
|
|
38
|
-
end
|
|
39
|
-
|
|
40
|
-
describe "#assign_attributes", :assign_attributes, :strong_mass_assignment_method
|
|
41
|
-
describe "#attributes=", :attributes=, :strong_mass_assignment_method
|
|
42
|
-
describe "#initialize", :initialize, :strong_mass_assignment_method
|
|
43
|
-
end
|
|
44
|
-
end
|
|
45
|
-
end
|
|
@@ -1,67 +0,0 @@
|
|
|
1
|
-
require "spec_helper"
|
|
2
|
-
require "active_attr/mass_assignment_security"
|
|
3
|
-
|
|
4
|
-
module ActiveAttr
|
|
5
|
-
describe MassAssignmentSecurity, :mass_assignment do
|
|
6
|
-
subject { model_class }
|
|
7
|
-
|
|
8
|
-
before do
|
|
9
|
-
model_class.class_eval do
|
|
10
|
-
include MassAssignmentSecurity
|
|
11
|
-
attr_accessor :age
|
|
12
|
-
end
|
|
13
|
-
end
|
|
14
|
-
|
|
15
|
-
shared_examples "secure mass assignment method", :secure_mass_assignment_method => true do
|
|
16
|
-
include_examples "mass assignment method"
|
|
17
|
-
|
|
18
|
-
it "ignores assigning an attribute protected by role-based security", :active_model_version => ">= 3.1.0" do
|
|
19
|
-
person = mass_assign_attributes(:age => 21)
|
|
20
|
-
person.age.should be_nil
|
|
21
|
-
end
|
|
22
|
-
|
|
23
|
-
it "ignores assigning a protected attribute" do
|
|
24
|
-
person = mass_assign_attributes(:first_name => "Chris")
|
|
25
|
-
person.age.should be_nil
|
|
26
|
-
end
|
|
27
|
-
end
|
|
28
|
-
|
|
29
|
-
shared_examples "secure mass assignment method with options", :secure_mass_assignment_method_with_options => true do
|
|
30
|
-
it "supports role-based mass assignment security", :active_model_version => ">= 3.1.0" do
|
|
31
|
-
person = mass_assign_attributes_with_options({ :age => 21 }, :as => :admin)
|
|
32
|
-
person.age.should == 21
|
|
33
|
-
end
|
|
34
|
-
|
|
35
|
-
it "skips security if passed the :without_protection option" do
|
|
36
|
-
person = mass_assign_attributes_with_options({ :age => 21 }, :without_protection => true)
|
|
37
|
-
person.age.should == 21
|
|
38
|
-
end
|
|
39
|
-
end
|
|
40
|
-
|
|
41
|
-
context "white listing attributes" do
|
|
42
|
-
before do
|
|
43
|
-
model_class.class_eval do
|
|
44
|
-
attr_accessible :first_name, :last_name, :name
|
|
45
|
-
attr_accessible :age, :as => :admin
|
|
46
|
-
end
|
|
47
|
-
end
|
|
48
|
-
|
|
49
|
-
describe "#assign_attributes", :assign_attributes, :secure_mass_assignment_method, :secure_mass_assignment_method_with_options
|
|
50
|
-
describe "#attributes=", :attributes=, :secure_mass_assignment_method
|
|
51
|
-
describe "#initialize", :initialize, :secure_mass_assignment_method, :secure_mass_assignment_method_with_options
|
|
52
|
-
end
|
|
53
|
-
|
|
54
|
-
context "black listing attributes" do
|
|
55
|
-
before do
|
|
56
|
-
model_class.class_eval do
|
|
57
|
-
attr_protected :age
|
|
58
|
-
attr_protected :as => :admin
|
|
59
|
-
end
|
|
60
|
-
end
|
|
61
|
-
|
|
62
|
-
describe "#assign_attributes", :assign_attributes, :secure_mass_assignment_method, :secure_mass_assignment_method_with_options
|
|
63
|
-
describe "#attributes=", :attributes=, :secure_mass_assignment_method
|
|
64
|
-
describe "#initialize", :initialize, :secure_mass_assignment_method, :secure_mass_assignment_method_with_options
|
|
65
|
-
end
|
|
66
|
-
end
|
|
67
|
-
end
|