active_scaffold 3.4.41.1 → 3.4.42

Sign up to get free protection for your applications and to get access to all the features.
Files changed (11) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG +5 -0
  3. data/app/assets/javascripts/active_scaffold.js.erb +6 -4
  4. data/lib/active_scaffold/active_record_permissions.rb +3 -3
  5. data/lib/active_scaffold/bridges/paper_trail/actions.rb +1 -0
  6. data/lib/active_scaffold/helpers/controller_helpers.rb +14 -6
  7. data/lib/active_scaffold/helpers/list_column_helpers.rb +2 -1
  8. data/lib/active_scaffold/helpers/pagination_helpers.rb +2 -1
  9. data/lib/active_scaffold/version.rb +1 -1
  10. data/test/test_helper.rb +1 -7
  11. metadata +3 -45
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 8cc95fb6ce6cdf8b75d9d0902ed04526d4fbb5cb
4
- data.tar.gz: bc1b9ef7511e2f4080ddca03e80021e0b828d82c
3
+ metadata.gz: 5aecf180e9830138a0201706df7188764f0b9883
4
+ data.tar.gz: bdd48e47cb5e3e89d68b276c2b0d34b10ea5b672
5
5
  SHA512:
6
- metadata.gz: 9ca94eb07308ac34be706a4f25be0c923215ce55938d38243faffe6c823735a708331cf97a1ae6cb5ed799836a893c4dbdb8c5597407c2864955c5b233dd26b6
7
- data.tar.gz: d5d4c4c312dbe95c85055a4024066d7443902337cb97172c5ac6546e6a350338c0d934c57f9b3d0b2a74ec926eb8e180a762aae01cd2e31fa4019f2162d9e20f
6
+ metadata.gz: fb10543e6069522af0f3c29f478af48beb4576f8e4a5238c229b7d23bdf7abea0f668c8fdfb60dfd2aab150042ae9b9ee6c8e84feb5832863ebb5b056bb41abc
7
+ data.tar.gz: d535738279bf832a6c7af0a402187440ea7ac4898a7e14b3a0d3d5b636b47b060e2e71ce3c60433ca9aebb06abb285700a8fb771c677fe1ca231e34655b7b0c8
data/CHANGELOG CHANGED
@@ -1,3 +1,8 @@
1
+ = 3.4.42
2
+ - fix do_refresh_list on actions with GET route, it used :id and :action from request for sorting and pagination links
3
+ - Fix for using jquery-ui-rails 6.0
4
+ - Fix for protected and private authorized methods
5
+
1
6
  = 3.4.41.1
2
7
  - Fix issue with id_helpers and active_scaffold_sortable, caused by last security fix
3
8
 
data/app/assets/javascripts/active_scaffold.js.erb CHANGED
@@ -7,12 +7,14 @@
7
7
  require_asset "jquery-ui"
8
8
  elsif Jquery.const_defined? 'Ui'
9
9
  jquery_ui_prefix = Jquery::Ui::Rails::VERSION < '5.0.0' ? 'jquery.ui.' : 'jquery-ui/'
10
+ jquery_ui_widgets_prefix = Jquery::Ui::Rails::VERSION >= '6.0.0' ? '/widgets/' : ''
10
11
  require_asset "#{jquery_ui_prefix}core"
11
12
  require_asset "#{jquery_ui_prefix}effect"
12
- require_asset "#{jquery_ui_prefix}sortable"
13
- require_asset "#{jquery_ui_prefix}draggable"
14
- require_asset "#{jquery_ui_prefix}droppable"
15
- require_asset "#{jquery_ui_prefix}datepicker"
13
+ require_asset "#{jquery_ui_prefix}effects/effect-highlight" if Jquery::Ui::Rails::VERSION >= '6.0.0'
14
+ require_asset "#{jquery_ui_prefix}#{jquery_ui_widgets_prefix}sortable"
15
+ require_asset "#{jquery_ui_prefix}#{jquery_ui_widgets_prefix}draggable"
16
+ require_asset "#{jquery_ui_prefix}#{jquery_ui_widgets_prefix}droppable"
17
+ require_asset "#{jquery_ui_prefix}#{jquery_ui_widgets_prefix}datepicker"
16
18
  else
17
19
  jquery_ui = false
18
20
  end
data/lib/active_scaffold/active_record_permissions.rb CHANGED
@@ -120,19 +120,19 @@ module ActiveScaffold
120
120
  # you can disable a crud verb and enable that verb for a column
121
121
  # (for example, disable update and enable inplace_edit in a column)
122
122
  method = column_and_crud_type_security_method(options[:column], options[:crud_type])
123
- return [method] if method && respond_to?(method)
123
+ return [method] if method && respond_to?(method, true)
124
124
 
125
125
  # authorized_for_action? has higher priority than other methods,
126
126
  # you can disable a crud verb and enable an action with that crud verb
127
127
  # (for example, disable update and enable an action with update as crud type)
128
128
  method = action_security_method(options[:action])
129
- return [method] if method && respond_to?(method)
129
+ return [method] if method && respond_to?(method, true)
130
130
 
131
131
  # collect other possibly-related methods that actually exist
132
132
  [
133
133
  column_security_method(options[:column]),
134
134
  crud_type_security_method(options[:crud_type])
135
- ].compact.select { |m| respond_to?(m) }
135
+ ].compact.select { |m| respond_to?(m, true) }
136
136
  end
137
137
 
138
138
  private
data/lib/active_scaffold/bridges/paper_trail/actions.rb CHANGED
@@ -15,6 +15,7 @@ module ActiveScaffold::Actions
15
15
  pager = Paginator.new(query.count, active_scaffold_config.list.per_page) do |offset, per_page|
16
16
  query.offset(offset).limit(per_page).map(&:reify)
17
17
  end
18
+ @pagination_action = :deleted
18
19
  @page = pager.page(params[:page] || 1)
19
20
  @records = @page.items
20
21
  respond_to_action(:list)
data/lib/active_scaffold/helpers/controller_helpers.rb CHANGED
@@ -17,15 +17,23 @@ module ActiveScaffold
17
17
  @temporary_ids[record.class.name] if record && @temporary_ids
18
18
  end
19
19
 
20
+ # These params should not propagate:
21
+ # :adapter and :position are one-use rendering arguments.
22
+ # :sort, :sort_direction, and :page are arguments that stored in the session.
23
+ # and wow. no we don't want to propagate :record.
24
+ # :commit is a special rails variable for form buttons
25
+ # :_method is a special rails variable to simulate put, patch and delete actions.
26
+ # :dont_close is submit button which avoids closing form.
27
+ # :auto_pagination is used when all records are loaded automatically with multiple request.
28
+ # :iframe is used to simulate ajax forms loading form in iframe.
29
+ # :associated_id used in add_existing
30
+ # :authenticity_token is sent on some ajax requests
31
+ BLACKLIST_PARAMS = [:adapter, :position, :sort, :sort_direction, :page, :record, :commit, :_method, :dont_close, :auto_pagination, :iframe, :associated_id, :authenticity_token].freeze
32
+
20
33
  def params_for(options = {})
21
- # :adapter and :position are one-use rendering arguments. they should not propagate.
22
- # :sort, :sort_direction, and :page are arguments that stored in the session. they need not propagate.
23
- # and wow. no we don't want to propagate :record.
24
- # :commit is a special rails variable for form buttons
25
- blacklist = [:adapter, :position, :sort, :sort_direction, :page, :auto_pagination, :record, :commit, :_method, :authenticity_token, :iframe, :associated_id, :dont_close]
26
34
  unless @params_for
27
35
  @params_for = {}
28
- params.except(*blacklist).each { |key, value| @params_for[key.to_sym] = value.duplicable? ? value.clone : value }
36
+ params.except(*BLACKLIST_PARAMS).each { |key, value| @params_for[key.to_sym] = value.duplicable? ? value.clone : value }
29
37
  @params_for[:controller] = '/' + @params_for[:controller].to_s unless @params_for[:controller].to_s.first(1) == '/' # for namespaced controllers
30
38
  @params_for.delete(:id) if @params_for[:id].nil?
31
39
  end
data/lib/active_scaffold/helpers/list_column_helpers.rb CHANGED
@@ -322,7 +322,8 @@ module ActiveScaffold
322
322
  options = {:id => nil, :class => 'as_sort',
323
323
  'data-page-history' => controller_id,
324
324
  :remote => true, :method => :get}
325
- url_options = params_for(:action => :index, :page => 1,
325
+ # :id needed because rails reuse it even if we delete from params (like do_refresh_list does)
326
+ url_options = params_for(:action => :index, :page => 1, :id => params[:id],
326
327
  :sort => column.name, :sort_direction => sort_direction)
327
328
  unless active_scaffold_config.store_user_settings
328
329
  url_options.merge!(:search => search_params) if search_params.present?
data/lib/active_scaffold/helpers/pagination_helpers.rb CHANGED
@@ -6,7 +6,8 @@ module ActiveScaffold
6
6
  end
7
7
 
8
8
  def pagination_url_options(url_options = nil)
9
- url_options ||= params_for
9
+ # :id needed because rails reuse it even if we delete from params (like do_refresh_list does)
10
+ url_options ||= params_for(:action => @pagination_action || :index, :id => params[:id])
10
11
  unless active_scaffold_config.store_user_settings
11
12
  url_options.merge!(:search => search_params) if search_params.present?
12
13
  if active_scaffold_config.list.user.user_sorting?
data/lib/active_scaffold/version.rb CHANGED
@@ -2,7 +2,7 @@ module ActiveScaffold
2
2
  module Version
3
3
  MAJOR = 3
4
4
  MINOR = 4
5
- PATCH = '41.1'
5
+ PATCH = 42
6
6
 
7
7
  STRING = [MAJOR, MINOR, PATCH].compact.join('.')
8
8
  end
data/test/test_helper.rb CHANGED
@@ -1,7 +1,4 @@
1
- if RUBY_ENGINE == 'ruby'
2
- require 'simplecov'
3
- SimpleCov.start { add_filter 'test' }
4
- end
1
+ require 'simplecov' unless RUBY_ENGINE == 'rbx'
5
2
 
6
3
  ENV['RAILS_ENV'] = 'test'
7
4
  require 'mock_app/config/environment'
@@ -12,9 +9,6 @@ require 'mocha/setup'
12
9
  require 'minitest/reporters'
13
10
  Minitest::Reporters.use!
14
11
 
15
- require 'codeclimate-test-reporter'
16
- CodeClimate::TestReporter.start
17
-
18
12
  def load_schema
19
13
  stdout = $stdout
20
14
  $stdout = StringIO.new # suppress output while building the schema
metadata CHANGED
@@ -1,29 +1,15 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: active_scaffold
3
3
  version: !ruby/object:Gem::Version
4
- version: 3.4.41.1
4
+ version: 3.4.42
5
5
  platform: ruby
6
6
  authors:
7
7
  - Many, see README
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2016-09-30 00:00:00.000000000 Z
11
+ date: 2017-11-20 00:00:00.000000000 Z
12
12
  dependencies:
13
- - !ruby/object:Gem::Dependency
14
- name: bundler
15
- requirement: !ruby/object:Gem::Requirement
16
- requirements:
17
- - - "~>"
18
- - !ruby/object:Gem::Version
19
- version: '1.0'
20
- type: :development
21
- prerelease: false
22
- version_requirements: !ruby/object:Gem::Requirement
23
- requirements:
24
- - - "~>"
25
- - !ruby/object:Gem::Version
26
- version: '1.0'
27
13
  - !ruby/object:Gem::Dependency
28
14
  name: rails
29
15
  requirement: !ruby/object:Gem::Requirement
@@ -44,34 +30,6 @@ dependencies:
44
30
  - - "<"
45
31
  - !ruby/object:Gem::Version
46
32
  version: '5'
47
- - !ruby/object:Gem::Dependency
48
- name: rubocop
49
- requirement: !ruby/object:Gem::Requirement
50
- requirements:
51
- - - ">="
52
- - !ruby/object:Gem::Version
53
- version: '0'
54
- type: :development
55
- prerelease: false
56
- version_requirements: !ruby/object:Gem::Requirement
57
- requirements:
58
- - - ">="
59
- - !ruby/object:Gem::Version
60
- version: '0'
61
- - !ruby/object:Gem::Dependency
62
- name: shoulda
63
- requirement: !ruby/object:Gem::Requirement
64
- requirements:
65
- - - ">="
66
- - !ruby/object:Gem::Version
67
- version: '0'
68
- type: :development
69
- prerelease: false
70
- version_requirements: !ruby/object:Gem::Requirement
71
- requirements:
72
- - - ">="
73
- - !ruby/object:Gem::Version
74
- version: '0'
75
33
  description: Save time and headaches, and create a more easily maintainable set of
76
34
  pages, with ActiveScaffold. ActiveScaffold handles all your CRUD (create, read,
77
35
  update, delete) user interface needs, leaving you more time to focus on more challenging
@@ -448,7 +406,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
448
406
  version: '0'
449
407
  requirements: []
450
408
  rubyforge_project:
451
- rubygems_version: 2.5.1
409
+ rubygems_version: 2.6.10
452
410
  signing_key:
453
411
  specification_version: 4
454
412
  summary: Rails 3.2, 4.0, 4.1 and 4.2 versions of ActiveScaffold supporting prototype