RubyGems - active_scaffold - Versions diffs - 3.4.41.1 → 3.4.42 - Mend

active_scaffold 3.4.41.1 → 3.4.42

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (11) hide show

checksums.yaml +4 -4
data/CHANGELOG +5 -0
data/app/assets/javascripts/active_scaffold.js.erb +6 -4
data/lib/active_scaffold/active_record_permissions.rb +3 -3
data/lib/active_scaffold/bridges/paper_trail/actions.rb +1 -0
data/lib/active_scaffold/helpers/controller_helpers.rb +14 -6
data/lib/active_scaffold/helpers/list_column_helpers.rb +2 -1
data/lib/active_scaffold/helpers/pagination_helpers.rb +2 -1
data/lib/active_scaffold/version.rb +1 -1
data/test/test_helper.rb +1 -7
metadata +3 -45

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 8cc95fb6ce6cdf8b75d9d0902ed04526d4fbb5cb
-  data.tar.gz: bc1b9ef7511e2f4080ddca03e80021e0b828d82c
+  metadata.gz: 5aecf180e9830138a0201706df7188764f0b9883
+  data.tar.gz: bdd48e47cb5e3e89d68b276c2b0d34b10ea5b672
 SHA512:
-  metadata.gz: 9ca94eb07308ac34be706a4f25be0c923215ce55938d38243faffe6c823735a708331cf97a1ae6cb5ed799836a893c4dbdb8c5597407c2864955c5b233dd26b6
-  data.tar.gz: d5d4c4c312dbe95c85055a4024066d7443902337cb97172c5ac6546e6a350338c0d934c57f9b3d0b2a74ec926eb8e180a762aae01cd2e31fa4019f2162d9e20f
+  metadata.gz: fb10543e6069522af0f3c29f478af48beb4576f8e4a5238c229b7d23bdf7abea0f668c8fdfb60dfd2aab150042ae9b9ee6c8e84feb5832863ebb5b056bb41abc
+  data.tar.gz: d535738279bf832a6c7af0a402187440ea7ac4898a7e14b3a0d3d5b636b47b060e2e71ce3c60433ca9aebb06abb285700a8fb771c677fe1ca231e34655b7b0c8

data/CHANGELOG CHANGED Viewed

@@ -1,3 +1,8 @@
+= 3.4.42
+- fix do_refresh_list on actions with GET route, it used :id and :action from request for sorting and pagination links
+- Fix for using jquery-ui-rails 6.0
+- Fix for protected and private authorized methods
 = 3.4.41.1
 - Fix issue with id_helpers and active_scaffold_sortable, caused by last security fix

data/app/assets/javascripts/active_scaffold.js.erb CHANGED Viewed

@@ -7,12 +7,14 @@
       require_asset "jquery-ui"
     elsif Jquery.const_defined? 'Ui'
       jquery_ui_prefix = Jquery::Ui::Rails::VERSION < '5.0.0' ? 'jquery.ui.' : 'jquery-ui/'
+      jquery_ui_widgets_prefix = Jquery::Ui::Rails::VERSION >= '6.0.0' ? '/widgets/' : ''
       require_asset "#{jquery_ui_prefix}core"
       require_asset "#{jquery_ui_prefix}effect"
-      require_asset "#{jquery_ui_prefix}sortable"
-      require_asset "#{jquery_ui_prefix}draggable"
-      require_asset "#{jquery_ui_prefix}droppable"
-      require_asset "#{jquery_ui_prefix}datepicker"
+      require_asset "#{jquery_ui_prefix}effects/effect-highlight" if Jquery::Ui::Rails::VERSION >= '6.0.0'
+      require_asset "#{jquery_ui_prefix}#{jquery_ui_widgets_prefix}sortable"
+      require_asset "#{jquery_ui_prefix}#{jquery_ui_widgets_prefix}draggable"
+      require_asset "#{jquery_ui_prefix}#{jquery_ui_widgets_prefix}droppable"
+      require_asset "#{jquery_ui_prefix}#{jquery_ui_widgets_prefix}datepicker"
     else
       jquery_ui = false
     end

data/lib/active_scaffold/active_record_permissions.rb CHANGED Viewed

@@ -120,19 +120,19 @@ module ActiveScaffold
           # you can disable a crud verb and enable that verb for a column
           # (for example, disable update and enable inplace_edit in a column)
           method = column_and_crud_type_security_method(options[:column], options[:crud_type])
-          return [method] if method && respond_to?(method)
+          return [method] if method && respond_to?(method, true)
           # authorized_for_action? has higher priority than other methods,
           # you can disable a crud verb and enable an action with that crud verb
           # (for example, disable update and enable an action with update as crud type)
           method = action_security_method(options[:action])
-          return [method] if method && respond_to?(method)
+          return [method] if method && respond_to?(method, true)
           # collect other possibly-related methods that actually exist
           [
             column_security_method(options[:column]),
             crud_type_security_method(options[:crud_type])
-          ].compact.select { |m| respond_to?(m) }
+          ].compact.select { |m| respond_to?(m, true) }
         end
         private

data/lib/active_scaffold/bridges/paper_trail/actions.rb CHANGED Viewed

@@ -15,6 +15,7 @@ module ActiveScaffold::Actions
       pager = Paginator.new(query.count, active_scaffold_config.list.per_page) do |offset, per_page|
         query.offset(offset).limit(per_page).map(&:reify)
       end
+      @pagination_action = :deleted
       @page = pager.page(params[:page] || 1)
       @records = @page.items
       respond_to_action(:list)

data/lib/active_scaffold/helpers/controller_helpers.rb CHANGED Viewed

@@ -17,15 +17,23 @@ module ActiveScaffold
         @temporary_ids[record.class.name] if record && @temporary_ids
       end
+      # These params should not propagate:
+      # :adapter and :position are one-use rendering arguments.
+      # :sort, :sort_direction, and :page are arguments that stored in the session.
+      # and wow. no we don't want to propagate :record.
+      # :commit is a special rails variable for form buttons
+      # :_method is a special rails variable to simulate put, patch and delete actions.
+      # :dont_close is submit button which avoids closing form.
+      # :auto_pagination is used when all records are loaded automatically with multiple request.
+      # :iframe is used to simulate ajax forms loading form in iframe.
+      # :associated_id used in add_existing
+      # :authenticity_token is sent on some ajax requests
+      BLACKLIST_PARAMS = [:adapter, :position, :sort, :sort_direction, :page, :record, :commit, :_method, :dont_close, :auto_pagination, :iframe, :associated_id, :authenticity_token].freeze
       def params_for(options = {})
-        # :adapter and :position are one-use rendering arguments. they should not propagate.
-        # :sort, :sort_direction, and :page are arguments that stored in the session. they need not propagate.
-        # and wow. no we don't want to propagate :record.
-        # :commit is a special rails variable for form buttons
-        blacklist = [:adapter, :position, :sort, :sort_direction, :page, :auto_pagination, :record, :commit, :_method, :authenticity_token, :iframe, :associated_id, :dont_close]
         unless @params_for
           @params_for = {}
-          params.except(*blacklist).each { |key, value| @params_for[key.to_sym] = value.duplicable? ? value.clone : value }
+          params.except(*BLACKLIST_PARAMS).each { |key, value| @params_for[key.to_sym] = value.duplicable? ? value.clone : value }
           @params_for[:controller] = '/' + @params_for[:controller].to_s unless @params_for[:controller].to_s.first(1) == '/' # for namespaced controllers
           @params_for.delete(:id) if @params_for[:id].nil?
         end

data/lib/active_scaffold/helpers/list_column_helpers.rb CHANGED Viewed

@@ -322,7 +322,8 @@ module ActiveScaffold
           options = {:id => nil, :class => 'as_sort',
                      'data-page-history' => controller_id,
                      :remote => true, :method => :get}
-          url_options = params_for(:action => :index, :page => 1,
+          # :id needed because rails reuse it even if we delete from params (like do_refresh_list does)
+          url_options = params_for(:action => :index, :page => 1, :id => params[:id],
                                    :sort => column.name, :sort_direction => sort_direction)
           unless active_scaffold_config.store_user_settings
             url_options.merge!(:search => search_params) if search_params.present?

data/lib/active_scaffold/helpers/pagination_helpers.rb CHANGED Viewed

@@ -6,7 +6,8 @@ module ActiveScaffold
       end
       def pagination_url_options(url_options = nil)
-        url_options ||= params_for
+        # :id needed because rails reuse it even if we delete from params (like do_refresh_list does)
+        url_options ||= params_for(:action => @pagination_action || :index, :id => params[:id])
         unless active_scaffold_config.store_user_settings
           url_options.merge!(:search => search_params) if search_params.present?
           if active_scaffold_config.list.user.user_sorting?

data/lib/active_scaffold/version.rb CHANGED Viewed

@@ -2,7 +2,7 @@ module ActiveScaffold
   module Version
     MAJOR = 3
     MINOR = 4
-    PATCH = '41.1'
+    PATCH = 42
     STRING = [MAJOR, MINOR, PATCH].compact.join('.')
   end

data/test/test_helper.rb CHANGED Viewed

@@ -1,7 +1,4 @@
-if RUBY_ENGINE == 'ruby'
-  require 'simplecov'
-  SimpleCov.start { add_filter 'test' }
-end
+require 'simplecov' unless RUBY_ENGINE == 'rbx'
 ENV['RAILS_ENV'] = 'test'
 require 'mock_app/config/environment'
@@ -12,9 +9,6 @@ require 'mocha/setup'
 require 'minitest/reporters'
 Minitest::Reporters.use!
-require 'codeclimate-test-reporter'
-CodeClimate::TestReporter.start
 def load_schema
   stdout = $stdout
   $stdout = StringIO.new # suppress output while building the schema

metadata CHANGED Viewed

@@ -1,29 +1,15 @@
 --- !ruby/object:Gem::Specification
 name: active_scaffold
 version: !ruby/object:Gem::Version
-  version: 3.4.41.1
+  version: 3.4.42
 platform: ruby
 authors:
 - Many, see README
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2016-09-30 00:00:00.000000000 Z
+date: 2017-11-20 00:00:00.000000000 Z
 dependencies:
-- !ruby/object:Gem::Dependency
-  name: bundler
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '1.0'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '1.0'
 - !ruby/object:Gem::Dependency
   name: rails
   requirement: !ruby/object:Gem::Requirement
@@ -44,34 +30,6 @@ dependencies:
     - - "<"
       - !ruby/object:Gem::Version
         version: '5'
-- !ruby/object:Gem::Dependency
-  name: rubocop
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-- !ruby/object:Gem::Dependency
-  name: shoulda
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
 description: Save time and headaches, and create a more easily maintainable set of
   pages, with ActiveScaffold. ActiveScaffold handles all your CRUD (create, read,
   update, delete) user interface needs, leaving you more time to focus on more challenging
@@ -448,7 +406,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project:
-rubygems_version: 2.5.1
+rubygems_version: 2.6.10
 signing_key:
 specification_version: 4
 summary: Rails 3.2, 4.0, 4.1 and 4.2 versions of ActiveScaffold supporting prototype