active_attr 0.7.0 → 0.8.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Potentially problematic release.
This version of active_attr might be problematic. Click here for more details.
- data/.travis.yml +11 -1
- data/CHANGELOG.md +9 -0
- data/Gemfile +4 -6
- data/README.md +29 -11
- data/active_attr.gemspec +3 -3
- data/gemfiles/rails_3_2.gemfile +11 -0
- data/gemfiles/rails_head.gemfile +3 -0
- data/lib/active_attr.rb +0 -1
- data/lib/active_attr/mass_assignment.rb +30 -2
- data/lib/active_attr/matchers/have_attribute_matcher.rb +17 -4
- data/lib/active_attr/model.rb +2 -2
- data/lib/active_attr/typecasting/big_decimal_typecaster.rb +2 -0
- data/lib/active_attr/typecasting/date_typecaster.rb +1 -1
- data/lib/active_attr/version.rb +1 -1
- data/spec/functional/active_attr/attribute_defaults_spec.rb +12 -12
- data/spec/functional/active_attr/attributes_spec.rb +12 -12
- data/spec/functional/active_attr/chainable_initialization_spec.rb +3 -3
- data/spec/functional/active_attr/mass_assignment_spec.rb +125 -0
- data/spec/functional/active_attr/matchers/have_attribute_matcher_spec.rb +147 -66
- data/spec/functional/active_attr/model_spec.rb +27 -19
- data/spec/functional/active_attr/serialization_spec.rb +5 -5
- data/spec/functional/active_attr/typecasted_attributes_spec.rb +45 -45
- data/spec/support/mass_assignment_shared_examples.rb +12 -12
- data/spec/unit/active_attr/attribute_defaults_spec.rb +6 -6
- data/spec/unit/active_attr/attribute_definition_spec.rb +6 -6
- data/spec/unit/active_attr/attributes_spec.rb +38 -38
- data/spec/unit/active_attr/logger_spec.rb +16 -16
- data/spec/unit/active_attr/mass_assignment_spec.rb +1 -1
- data/spec/unit/active_attr/matchers_spec.rb +3 -4
- data/spec/unit/active_attr/query_attributes_spec.rb +75 -75
- data/spec/unit/active_attr/typecasted_attributes_spec.rb +10 -10
- data/spec/unit/active_attr/typecasting/big_decimal_typecaster_spec.rb +9 -7
- data/spec/unit/active_attr/typecasting/boolean_typecaster_spec.rb +27 -25
- data/spec/unit/active_attr/typecasting/date_time_typecaster_spec.rb +12 -10
- data/spec/unit/active_attr/typecasting/date_typecaster_spec.rb +14 -12
- data/spec/unit/active_attr/typecasting/float_typecaster_spec.rb +6 -4
- data/spec/unit/active_attr/typecasting/integer_typecaster_spec.rb +8 -6
- data/spec/unit/active_attr/typecasting/object_typecaster_spec.rb +3 -1
- data/spec/unit/active_attr/typecasting/string_typecaster_spec.rb +5 -3
- data/spec/unit/active_attr/typecasting_spec.rb +3 -5
- data/spec/unit/active_attr/version_spec.rb +5 -5
- metadata +20 -17
- data/lib/active_attr/mass_assignment_security.rb +0 -54
- data/spec/functional/active_attr/mass_assignment_security_spec.rb +0 -45
- data/spec/unit/active_attr/mass_assignment_security_spec.rb +0 -67
|
@@ -4,10 +4,12 @@ require "active_attr/typecasting/object_typecaster"
|
|
|
4
4
|
module ActiveAttr
|
|
5
5
|
module Typecasting
|
|
6
6
|
describe ObjectTypecaster do
|
|
7
|
+
subject(:typecaster) { described_class.new }
|
|
8
|
+
|
|
7
9
|
describe "#call" do
|
|
8
10
|
it "returns the original object for any object" do
|
|
9
11
|
value = mock
|
|
10
|
-
|
|
12
|
+
typecaster.call(value).should equal value
|
|
11
13
|
end
|
|
12
14
|
end
|
|
13
15
|
end
|
|
@@ -5,18 +5,20 @@ require "active_support/basic_object"
|
|
|
5
5
|
module ActiveAttr
|
|
6
6
|
module Typecasting
|
|
7
7
|
describe StringTypecaster do
|
|
8
|
+
subject(:typecaster) { described_class.new }
|
|
9
|
+
|
|
8
10
|
describe "#call" do
|
|
9
11
|
it "returns the original string for a String" do
|
|
10
12
|
value = "abc"
|
|
11
|
-
|
|
13
|
+
typecaster.call(value).should equal value
|
|
12
14
|
end
|
|
13
15
|
|
|
14
16
|
it "casts nil to an empty String" do
|
|
15
|
-
|
|
17
|
+
typecaster.call(nil).should eql ""
|
|
16
18
|
end
|
|
17
19
|
|
|
18
20
|
it "returns the string version of a Symbol" do
|
|
19
|
-
|
|
21
|
+
typecaster.call(:value).should eql "value"
|
|
20
22
|
end
|
|
21
23
|
end
|
|
22
24
|
end
|
|
@@ -3,7 +3,7 @@ require "active_attr/typecasting"
|
|
|
3
3
|
|
|
4
4
|
module ActiveAttr
|
|
5
5
|
describe Typecasting do
|
|
6
|
-
subject { model_class.new }
|
|
6
|
+
subject(:model) { model_class.new }
|
|
7
7
|
|
|
8
8
|
let :model_class do
|
|
9
9
|
Class.new do
|
|
@@ -13,11 +13,11 @@ module ActiveAttr
|
|
|
13
13
|
|
|
14
14
|
describe "#typecast_attribute" do
|
|
15
15
|
it "raises an ArgumentError when a nil type is given" do
|
|
16
|
-
expect {
|
|
16
|
+
expect { model.typecast_attribute(nil, "foo") }.to raise_error(ArgumentError, "a typecaster must be given")
|
|
17
17
|
end
|
|
18
18
|
|
|
19
19
|
it "raises an ArgumentError when the given typecaster argument does not respond to #call" do
|
|
20
|
-
expect {
|
|
20
|
+
expect { model.typecast_attribute(Object.new, "foo") }.to raise_error(ArgumentError, "a typecaster must be given")
|
|
21
21
|
end
|
|
22
22
|
|
|
23
23
|
it "returns the original value when the value is nil" do
|
|
@@ -26,8 +26,6 @@ module ActiveAttr
|
|
|
26
26
|
end
|
|
27
27
|
|
|
28
28
|
describe "#typecaster_for" do
|
|
29
|
-
let(:model) { model_class.new }
|
|
30
|
-
|
|
31
29
|
it "returns BigDecimalTypecaster for BigDecimal" do
|
|
32
30
|
model.typecaster_for(BigDecimal).should be_a_kind_of Typecasting::BigDecimalTypecaster
|
|
33
31
|
end
|
|
@@ -9,10 +9,10 @@ module ActiveAttr
|
|
|
9
9
|
|
|
10
10
|
describe "is compliant with Semantic Versioning <http://semver.org/>" do
|
|
11
11
|
let(:gem_version) { Gem::Version.new VERSION }
|
|
12
|
-
subject { gem_version }
|
|
12
|
+
subject(:version) { gem_version }
|
|
13
13
|
|
|
14
|
-
it {
|
|
15
|
-
it {
|
|
14
|
+
it { version.should have_at_least(3).segments }
|
|
15
|
+
it { version.should have_at_most(5).segments }
|
|
16
16
|
|
|
17
17
|
describe "major version" do
|
|
18
18
|
subject { gem_version.segments[0] }
|
|
@@ -33,10 +33,10 @@ module ActiveAttr
|
|
|
33
33
|
end
|
|
34
34
|
|
|
35
35
|
describe "pre-release version" do
|
|
36
|
-
subject { VERSION.split(".")[3] }
|
|
36
|
+
subject(:pre_release_version) { VERSION.split(".")[3] }
|
|
37
37
|
|
|
38
38
|
it "is nil or starts with a letter and is alphanumeric" do
|
|
39
|
-
(
|
|
39
|
+
(pre_release_version.nil? || pre_release_version =~ /^[A-Za-z][0-9A-Za-z]*?/).should be_true
|
|
40
40
|
end
|
|
41
41
|
end
|
|
42
42
|
end
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: active_attr
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.8.0
|
|
5
5
|
prerelease:
|
|
6
6
|
platform: ruby
|
|
7
7
|
authors:
|
|
@@ -10,7 +10,7 @@ authors:
|
|
|
10
10
|
autorequire:
|
|
11
11
|
bindir: bin
|
|
12
12
|
cert_chain: []
|
|
13
|
-
date:
|
|
13
|
+
date: 2013-05-02 00:00:00.000000000 Z
|
|
14
14
|
dependencies:
|
|
15
15
|
- !ruby/object:Gem::Dependency
|
|
16
16
|
name: activemodel
|
|
@@ -82,7 +82,7 @@ dependencies:
|
|
|
82
82
|
version: '2.2'
|
|
83
83
|
- - <
|
|
84
84
|
- !ruby/object:Gem::Version
|
|
85
|
-
version: '
|
|
85
|
+
version: '5.0'
|
|
86
86
|
type: :development
|
|
87
87
|
prerelease: false
|
|
88
88
|
version_requirements: !ruby/object:Gem::Requirement
|
|
@@ -93,23 +93,29 @@ dependencies:
|
|
|
93
93
|
version: '2.2'
|
|
94
94
|
- - <
|
|
95
95
|
- !ruby/object:Gem::Version
|
|
96
|
-
version: '
|
|
96
|
+
version: '5.0'
|
|
97
97
|
- !ruby/object:Gem::Dependency
|
|
98
98
|
name: rake
|
|
99
99
|
requirement: !ruby/object:Gem::Requirement
|
|
100
100
|
none: false
|
|
101
101
|
requirements:
|
|
102
|
-
- -
|
|
102
|
+
- - ! '>='
|
|
103
103
|
- !ruby/object:Gem::Version
|
|
104
104
|
version: 0.9.0
|
|
105
|
+
- - <
|
|
106
|
+
- !ruby/object:Gem::Version
|
|
107
|
+
version: '10.1'
|
|
105
108
|
type: :development
|
|
106
109
|
prerelease: false
|
|
107
110
|
version_requirements: !ruby/object:Gem::Requirement
|
|
108
111
|
none: false
|
|
109
112
|
requirements:
|
|
110
|
-
- -
|
|
113
|
+
- - ! '>='
|
|
111
114
|
- !ruby/object:Gem::Version
|
|
112
115
|
version: 0.9.0
|
|
116
|
+
- - <
|
|
117
|
+
- !ruby/object:Gem::Version
|
|
118
|
+
version: '10.1'
|
|
113
119
|
- !ruby/object:Gem::Dependency
|
|
114
120
|
name: rspec
|
|
115
121
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -117,7 +123,7 @@ dependencies:
|
|
|
117
123
|
requirements:
|
|
118
124
|
- - ~>
|
|
119
125
|
- !ruby/object:Gem::Version
|
|
120
|
-
version: '2.
|
|
126
|
+
version: '2.11'
|
|
121
127
|
type: :development
|
|
122
128
|
prerelease: false
|
|
123
129
|
version_requirements: !ruby/object:Gem::Requirement
|
|
@@ -125,7 +131,7 @@ dependencies:
|
|
|
125
131
|
requirements:
|
|
126
132
|
- - ~>
|
|
127
133
|
- !ruby/object:Gem::Version
|
|
128
|
-
version: '2.
|
|
134
|
+
version: '2.11'
|
|
129
135
|
- !ruby/object:Gem::Dependency
|
|
130
136
|
name: tzinfo
|
|
131
137
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -164,6 +170,7 @@ files:
|
|
|
164
170
|
- active_attr.gemspec
|
|
165
171
|
- gemfiles/rails_3_0.gemfile
|
|
166
172
|
- gemfiles/rails_3_1.gemfile
|
|
173
|
+
- gemfiles/rails_3_2.gemfile
|
|
167
174
|
- gemfiles/rails_head.gemfile
|
|
168
175
|
- lib/active_attr.rb
|
|
169
176
|
- lib/active_attr/attribute_defaults.rb
|
|
@@ -176,7 +183,6 @@ files:
|
|
|
176
183
|
- lib/active_attr/error.rb
|
|
177
184
|
- lib/active_attr/logger.rb
|
|
178
185
|
- lib/active_attr/mass_assignment.rb
|
|
179
|
-
- lib/active_attr/mass_assignment_security.rb
|
|
180
186
|
- lib/active_attr/matchers.rb
|
|
181
187
|
- lib/active_attr/matchers/have_attribute_matcher.rb
|
|
182
188
|
- lib/active_attr/model.rb
|
|
@@ -201,7 +207,7 @@ files:
|
|
|
201
207
|
- spec/functional/active_attr/attribute_defaults_spec.rb
|
|
202
208
|
- spec/functional/active_attr/attributes_spec.rb
|
|
203
209
|
- spec/functional/active_attr/chainable_initialization_spec.rb
|
|
204
|
-
- spec/functional/active_attr/
|
|
210
|
+
- spec/functional/active_attr/mass_assignment_spec.rb
|
|
205
211
|
- spec/functional/active_attr/matchers/have_attribute_matcher_spec.rb
|
|
206
212
|
- spec/functional/active_attr/model_spec.rb
|
|
207
213
|
- spec/functional/active_attr/query_attributes_spec.rb
|
|
@@ -220,7 +226,6 @@ files:
|
|
|
220
226
|
- spec/unit/active_attr/dangerous_attribute_error_spec.rb
|
|
221
227
|
- spec/unit/active_attr/error_spec.rb
|
|
222
228
|
- spec/unit/active_attr/logger_spec.rb
|
|
223
|
-
- spec/unit/active_attr/mass_assignment_security_spec.rb
|
|
224
229
|
- spec/unit/active_attr/mass_assignment_spec.rb
|
|
225
230
|
- spec/unit/active_attr/matchers/have_attribute_matcher_spec.rb
|
|
226
231
|
- spec/unit/active_attr/matchers_spec.rb
|
|
@@ -253,7 +258,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
|
253
258
|
version: '0'
|
|
254
259
|
segments:
|
|
255
260
|
- 0
|
|
256
|
-
hash:
|
|
261
|
+
hash: 712620086539529581
|
|
257
262
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
|
258
263
|
none: false
|
|
259
264
|
requirements:
|
|
@@ -262,10 +267,10 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
262
267
|
version: '0'
|
|
263
268
|
segments:
|
|
264
269
|
- 0
|
|
265
|
-
hash:
|
|
270
|
+
hash: 712620086539529581
|
|
266
271
|
requirements: []
|
|
267
272
|
rubyforge_project:
|
|
268
|
-
rubygems_version: 1.8.
|
|
273
|
+
rubygems_version: 1.8.25
|
|
269
274
|
signing_key:
|
|
270
275
|
specification_version: 3
|
|
271
276
|
summary: What ActiveModel left out
|
|
@@ -273,7 +278,7 @@ test_files:
|
|
|
273
278
|
- spec/functional/active_attr/attribute_defaults_spec.rb
|
|
274
279
|
- spec/functional/active_attr/attributes_spec.rb
|
|
275
280
|
- spec/functional/active_attr/chainable_initialization_spec.rb
|
|
276
|
-
- spec/functional/active_attr/
|
|
281
|
+
- spec/functional/active_attr/mass_assignment_spec.rb
|
|
277
282
|
- spec/functional/active_attr/matchers/have_attribute_matcher_spec.rb
|
|
278
283
|
- spec/functional/active_attr/model_spec.rb
|
|
279
284
|
- spec/functional/active_attr/query_attributes_spec.rb
|
|
@@ -292,7 +297,6 @@ test_files:
|
|
|
292
297
|
- spec/unit/active_attr/dangerous_attribute_error_spec.rb
|
|
293
298
|
- spec/unit/active_attr/error_spec.rb
|
|
294
299
|
- spec/unit/active_attr/logger_spec.rb
|
|
295
|
-
- spec/unit/active_attr/mass_assignment_security_spec.rb
|
|
296
300
|
- spec/unit/active_attr/mass_assignment_spec.rb
|
|
297
301
|
- spec/unit/active_attr/matchers/have_attribute_matcher_spec.rb
|
|
298
302
|
- spec/unit/active_attr/matchers_spec.rb
|
|
@@ -311,4 +315,3 @@ test_files:
|
|
|
311
315
|
- spec/unit/active_attr/typecasting_spec.rb
|
|
312
316
|
- spec/unit/active_attr/unknown_attribute_error_spec.rb
|
|
313
317
|
- spec/unit/active_attr/version_spec.rb
|
|
314
|
-
has_rdoc:
|
|
@@ -1,54 +0,0 @@
|
|
|
1
|
-
require "active_attr/mass_assignment"
|
|
2
|
-
require "active_support/concern"
|
|
3
|
-
require "active_model"
|
|
4
|
-
|
|
5
|
-
module ActiveAttr
|
|
6
|
-
# MassAssignmentSecurity allows you to bulk set and update a blacklist or
|
|
7
|
-
# whitelist of attributes
|
|
8
|
-
#
|
|
9
|
-
# Including MassAssignmentSecurity extends all {ActiveAttr::MassAssignment}
|
|
10
|
-
# methods to honor any declared attribute permissions.
|
|
11
|
-
#
|
|
12
|
-
# @example Usage
|
|
13
|
-
# class Person
|
|
14
|
-
# include ActiveAttr::MassAssignmentSecurity
|
|
15
|
-
# end
|
|
16
|
-
#
|
|
17
|
-
# @since 0.3.0
|
|
18
|
-
module MassAssignmentSecurity
|
|
19
|
-
extend ActiveSupport::Concern
|
|
20
|
-
include MassAssignment
|
|
21
|
-
include ActiveModel::MassAssignmentSecurity
|
|
22
|
-
|
|
23
|
-
# Mass update a model's attributes, honoring attribute permissions
|
|
24
|
-
#
|
|
25
|
-
# @param (see MassAssignment#assign_attributes)
|
|
26
|
-
# @param [Hash, #[]] options Options that affect mass assignment
|
|
27
|
-
#
|
|
28
|
-
# @option options [Symbol] :as (:default) Mass assignment role
|
|
29
|
-
# @option options [true, false] :without_protection (false) Bypass mass
|
|
30
|
-
# assignment security if true
|
|
31
|
-
#
|
|
32
|
-
# @since 0.3.0
|
|
33
|
-
def assign_attributes(new_attributes, options={})
|
|
34
|
-
if new_attributes && !options[:without_protection]
|
|
35
|
-
mass_assignment_role = options[:as] || :default
|
|
36
|
-
new_attributes = sanitize_for_mass_assignment_with_or_without_role new_attributes, mass_assignment_role
|
|
37
|
-
end
|
|
38
|
-
|
|
39
|
-
super
|
|
40
|
-
end
|
|
41
|
-
|
|
42
|
-
private
|
|
43
|
-
|
|
44
|
-
# Rails 3.0 has no roles support in mass assignment
|
|
45
|
-
# @since 0.7.0
|
|
46
|
-
def sanitize_for_mass_assignment_with_or_without_role(new_attributes, mass_assignment_role)
|
|
47
|
-
if method(:sanitize_for_mass_assignment).arity.abs > 1
|
|
48
|
-
sanitize_for_mass_assignment new_attributes, mass_assignment_role
|
|
49
|
-
else
|
|
50
|
-
sanitize_for_mass_assignment new_attributes
|
|
51
|
-
end
|
|
52
|
-
end
|
|
53
|
-
end
|
|
54
|
-
end
|
|
@@ -1,45 +0,0 @@
|
|
|
1
|
-
require "spec_helper"
|
|
2
|
-
require "active_attr/mass_assignment_security"
|
|
3
|
-
|
|
4
|
-
module ActiveAttr
|
|
5
|
-
describe MassAssignmentSecurity, :mass_assignment do
|
|
6
|
-
context "integrating with strong_parameters", :active_model_version => "~> 3.2.0" do
|
|
7
|
-
subject { model_class }
|
|
8
|
-
|
|
9
|
-
before do
|
|
10
|
-
require "strong_parameters"
|
|
11
|
-
|
|
12
|
-
model_class.class_eval do
|
|
13
|
-
include ActiveAttr::MassAssignmentSecurity
|
|
14
|
-
include ActiveModel::ForbiddenAttributesProtection
|
|
15
|
-
attr_accessor :age
|
|
16
|
-
end
|
|
17
|
-
end
|
|
18
|
-
|
|
19
|
-
shared_examples "strong mass assignment method", :strong_mass_assignment_method => true do
|
|
20
|
-
it "raises if provided parameters when none are permitted" do
|
|
21
|
-
expect { mass_assign_attributes(ActionController::Parameters.new(:age => 21)) }.to raise_error ActiveModel::ForbiddenAttributes
|
|
22
|
-
end
|
|
23
|
-
|
|
24
|
-
it "sets a permitted parameter" do
|
|
25
|
-
person = mass_assign_attributes(ActionController::Parameters.new(:age => 21).permit(:age))
|
|
26
|
-
person.age.should == 21
|
|
27
|
-
end
|
|
28
|
-
|
|
29
|
-
it "does not set forbidden parameters" do
|
|
30
|
-
person = mass_assign_attributes(ActionController::Parameters.new(:age => 21).permit(:first_name))
|
|
31
|
-
person.age.should be_nil
|
|
32
|
-
end
|
|
33
|
-
|
|
34
|
-
it "continues to set normal attributes" do
|
|
35
|
-
person = mass_assign_attributes(:age => 21)
|
|
36
|
-
person.age.should == 21
|
|
37
|
-
end
|
|
38
|
-
end
|
|
39
|
-
|
|
40
|
-
describe "#assign_attributes", :assign_attributes, :strong_mass_assignment_method
|
|
41
|
-
describe "#attributes=", :attributes=, :strong_mass_assignment_method
|
|
42
|
-
describe "#initialize", :initialize, :strong_mass_assignment_method
|
|
43
|
-
end
|
|
44
|
-
end
|
|
45
|
-
end
|
|
@@ -1,67 +0,0 @@
|
|
|
1
|
-
require "spec_helper"
|
|
2
|
-
require "active_attr/mass_assignment_security"
|
|
3
|
-
|
|
4
|
-
module ActiveAttr
|
|
5
|
-
describe MassAssignmentSecurity, :mass_assignment do
|
|
6
|
-
subject { model_class }
|
|
7
|
-
|
|
8
|
-
before do
|
|
9
|
-
model_class.class_eval do
|
|
10
|
-
include MassAssignmentSecurity
|
|
11
|
-
attr_accessor :age
|
|
12
|
-
end
|
|
13
|
-
end
|
|
14
|
-
|
|
15
|
-
shared_examples "secure mass assignment method", :secure_mass_assignment_method => true do
|
|
16
|
-
include_examples "mass assignment method"
|
|
17
|
-
|
|
18
|
-
it "ignores assigning an attribute protected by role-based security", :active_model_version => ">= 3.1.0" do
|
|
19
|
-
person = mass_assign_attributes(:age => 21)
|
|
20
|
-
person.age.should be_nil
|
|
21
|
-
end
|
|
22
|
-
|
|
23
|
-
it "ignores assigning a protected attribute" do
|
|
24
|
-
person = mass_assign_attributes(:first_name => "Chris")
|
|
25
|
-
person.age.should be_nil
|
|
26
|
-
end
|
|
27
|
-
end
|
|
28
|
-
|
|
29
|
-
shared_examples "secure mass assignment method with options", :secure_mass_assignment_method_with_options => true do
|
|
30
|
-
it "supports role-based mass assignment security", :active_model_version => ">= 3.1.0" do
|
|
31
|
-
person = mass_assign_attributes_with_options({ :age => 21 }, :as => :admin)
|
|
32
|
-
person.age.should == 21
|
|
33
|
-
end
|
|
34
|
-
|
|
35
|
-
it "skips security if passed the :without_protection option" do
|
|
36
|
-
person = mass_assign_attributes_with_options({ :age => 21 }, :without_protection => true)
|
|
37
|
-
person.age.should == 21
|
|
38
|
-
end
|
|
39
|
-
end
|
|
40
|
-
|
|
41
|
-
context "white listing attributes" do
|
|
42
|
-
before do
|
|
43
|
-
model_class.class_eval do
|
|
44
|
-
attr_accessible :first_name, :last_name, :name
|
|
45
|
-
attr_accessible :age, :as => :admin
|
|
46
|
-
end
|
|
47
|
-
end
|
|
48
|
-
|
|
49
|
-
describe "#assign_attributes", :assign_attributes, :secure_mass_assignment_method, :secure_mass_assignment_method_with_options
|
|
50
|
-
describe "#attributes=", :attributes=, :secure_mass_assignment_method
|
|
51
|
-
describe "#initialize", :initialize, :secure_mass_assignment_method, :secure_mass_assignment_method_with_options
|
|
52
|
-
end
|
|
53
|
-
|
|
54
|
-
context "black listing attributes" do
|
|
55
|
-
before do
|
|
56
|
-
model_class.class_eval do
|
|
57
|
-
attr_protected :age
|
|
58
|
-
attr_protected :as => :admin
|
|
59
|
-
end
|
|
60
|
-
end
|
|
61
|
-
|
|
62
|
-
describe "#assign_attributes", :assign_attributes, :secure_mass_assignment_method, :secure_mass_assignment_method_with_options
|
|
63
|
-
describe "#attributes=", :attributes=, :secure_mass_assignment_method
|
|
64
|
-
describe "#initialize", :initialize, :secure_mass_assignment_method, :secure_mass_assignment_method_with_options
|
|
65
|
-
end
|
|
66
|
-
end
|
|
67
|
-
end
|