activemodel 4.0.13 → 4.1.0.beta1
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of activemodel might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/CHANGELOG.md +15 -276
- data/README.rdoc +1 -1
- data/lib/active_model.rb +2 -4
- data/lib/active_model/attribute_methods.rb +12 -11
- data/lib/active_model/callbacks.rb +19 -22
- data/lib/active_model/conversion.rb +2 -2
- data/lib/active_model/dirty.rb +38 -20
- data/lib/active_model/errors.rb +11 -13
- data/lib/active_model/forbidden_attributes_protection.rb +0 -1
- data/lib/active_model/naming.rb +8 -8
- data/lib/active_model/secure_password.rb +17 -9
- data/lib/active_model/serializers/json.rb +1 -1
- data/lib/active_model/serializers/xml.rb +7 -7
- data/lib/active_model/translation.rb +1 -1
- data/lib/active_model/validations.rb +4 -3
- data/lib/active_model/validations/acceptance.rb +4 -2
- data/lib/active_model/validations/callbacks.rb +7 -2
- data/lib/active_model/validations/clusivity.rb +15 -12
- data/lib/active_model/validations/confirmation.rb +8 -2
- data/lib/active_model/validations/exclusion.rb +1 -1
- data/lib/active_model/validations/format.rb +18 -16
- data/lib/active_model/validations/inclusion.rb +2 -3
- data/lib/active_model/validations/length.rb +2 -2
- data/lib/active_model/validations/numericality.rb +19 -19
- data/lib/active_model/validations/validates.rb +2 -2
- data/lib/active_model/validations/with.rb +2 -1
- data/lib/active_model/validator.rb +24 -10
- data/lib/active_model/version.rb +1 -1
- metadata +16 -17
- data/lib/active_model/deprecated_mass_assignment_security.rb +0 -21
@@ -15,15 +15,15 @@ module ActiveModel
|
|
15
15
|
private
|
16
16
|
|
17
17
|
def include?(record, value)
|
18
|
-
|
19
|
-
|
20
|
-
|
21
|
-
|
22
|
-
|
23
|
-
|
24
|
-
|
18
|
+
members = if delimiter.respond_to?(:call)
|
19
|
+
delimiter.call(record)
|
20
|
+
elsif delimiter.respond_to?(:to_sym)
|
21
|
+
record.send(delimiter)
|
22
|
+
else
|
23
|
+
delimiter
|
24
|
+
end
|
25
25
|
|
26
|
-
|
26
|
+
members.send(inclusion_method(members), value)
|
27
27
|
end
|
28
28
|
|
29
29
|
def delimiter
|
@@ -35,10 +35,13 @@ module ActiveModel
|
|
35
35
|
# <tt>Range#cover?</tt> uses the previous logic of comparing a value with the range
|
36
36
|
# endpoints, which is fast but is only accurate on Numeric, Time, or DateTime ranges.
|
37
37
|
def inclusion_method(enumerable)
|
38
|
-
|
39
|
-
|
40
|
-
|
41
|
-
|
38
|
+
if enumerable.is_a? Range
|
39
|
+
case enumerable.first
|
40
|
+
when Numeric, Time, DateTime
|
41
|
+
:cover?
|
42
|
+
else
|
43
|
+
:include?
|
44
|
+
end
|
42
45
|
else
|
43
46
|
:include?
|
44
47
|
end
|
@@ -2,14 +2,20 @@ module ActiveModel
|
|
2
2
|
|
3
3
|
module Validations
|
4
4
|
class ConfirmationValidator < EachValidator # :nodoc:
|
5
|
+
def initialize(options)
|
6
|
+
super
|
7
|
+
setup!(options[:class])
|
8
|
+
end
|
9
|
+
|
5
10
|
def validate_each(record, attribute, value)
|
6
11
|
if (confirmed = record.send("#{attribute}_confirmation")) && (value != confirmed)
|
7
12
|
human_attribute_name = record.class.human_attribute_name(attribute)
|
8
|
-
record.errors.add(:"#{attribute}_confirmation", :confirmation, options.merge(:
|
13
|
+
record.errors.add(:"#{attribute}_confirmation", :confirmation, options.merge(attribute: human_attribute_name))
|
9
14
|
end
|
10
15
|
end
|
11
16
|
|
12
|
-
|
17
|
+
private
|
18
|
+
def setup!(klass)
|
13
19
|
klass.send(:attr_reader, *attributes.map do |attribute|
|
14
20
|
:"#{attribute}_confirmation" unless klass.method_defined?(:"#{attribute}_confirmation")
|
15
21
|
end.compact)
|
@@ -8,7 +8,7 @@ module ActiveModel
|
|
8
8
|
|
9
9
|
def validate_each(record, attribute, value)
|
10
10
|
if include?(record, value)
|
11
|
-
record.errors.add(attribute, :exclusion, options.except(:in, :within).merge!(:
|
11
|
+
record.errors.add(attribute, :exclusion, options.except(:in, :within).merge!(value: value))
|
12
12
|
end
|
13
13
|
end
|
14
14
|
end
|
@@ -17,8 +17,8 @@ module ActiveModel
|
|
17
17
|
raise ArgumentError, "Either :with or :without must be supplied (but not both)"
|
18
18
|
end
|
19
19
|
|
20
|
-
check_options_validity
|
21
|
-
check_options_validity
|
20
|
+
check_options_validity :with
|
21
|
+
check_options_validity :without
|
22
22
|
end
|
23
23
|
|
24
24
|
private
|
@@ -29,24 +29,26 @@ module ActiveModel
|
|
29
29
|
end
|
30
30
|
|
31
31
|
def record_error(record, attribute, name, value)
|
32
|
-
record.errors.add(attribute, :invalid, options.except(name).merge!(:
|
32
|
+
record.errors.add(attribute, :invalid, options.except(name).merge!(value: value))
|
33
33
|
end
|
34
34
|
|
35
|
-
def
|
36
|
-
|
37
|
-
|
35
|
+
def check_options_validity(name)
|
36
|
+
if option = options[name]
|
37
|
+
if option.is_a?(Regexp)
|
38
|
+
if options[:multiline] != true && regexp_using_multiline_anchors?(option)
|
39
|
+
raise ArgumentError, "The provided regular expression is using multiline anchors (^ or $), " \
|
40
|
+
"which may present a security risk. Did you mean to use \\A and \\z, or forgot to add the " \
|
41
|
+
":multiline => true option?"
|
42
|
+
end
|
43
|
+
elsif !option.respond_to?(:call)
|
44
|
+
raise ArgumentError, "A regular expression or a proc or lambda must be supplied as :#{name}"
|
45
|
+
end
|
46
|
+
end
|
38
47
|
end
|
39
48
|
|
40
|
-
def
|
41
|
-
|
42
|
-
|
43
|
-
raise ArgumentError, "A regular expression or a proc or lambda must be supplied as :#{name}"
|
44
|
-
elsif option && option.is_a?(Regexp) &&
|
45
|
-
regexp_using_multiline_anchors?(option) && options[:multiline] != true
|
46
|
-
raise ArgumentError, "The provided regular expression is using multiline anchors (^ or $), " \
|
47
|
-
"which may present a security risk. Did you mean to use \\A and \\z, or forgot to add the " \
|
48
|
-
":multiline => true option?"
|
49
|
-
end
|
49
|
+
def regexp_using_multiline_anchors?(regexp)
|
50
|
+
source = regexp.source
|
51
|
+
source.start_with?("^") || (source.end_with?("$") && !source.end_with?("\\$"))
|
50
52
|
end
|
51
53
|
end
|
52
54
|
|
@@ -8,7 +8,7 @@ module ActiveModel
|
|
8
8
|
|
9
9
|
def validate_each(record, attribute, value)
|
10
10
|
unless include?(record, value)
|
11
|
-
record.errors.add(attribute, :inclusion, options.except(:in, :within).merge!(:
|
11
|
+
record.errors.add(attribute, :inclusion, options.except(:in, :within).merge!(value: value))
|
12
12
|
end
|
13
13
|
end
|
14
14
|
end
|
@@ -29,8 +29,7 @@ module ActiveModel
|
|
29
29
|
# * <tt>:in</tt> - An enumerable object of available items. This can be
|
30
30
|
# supplied as a proc, lambda or symbol which returns an enumerable. If the
|
31
31
|
# enumerable is a numerical range the test is performed with <tt>Range#cover?</tt>,
|
32
|
-
# otherwise with <tt>include?</tt>.
|
33
|
-
# under validation is passed as an argument.
|
32
|
+
# otherwise with <tt>include?</tt>.
|
34
33
|
# * <tt>:within</tt> - A synonym(or alias) for <tt>:in</tt>
|
35
34
|
# * <tt>:message</tt> - Specifies a custom error message (default is: "is
|
36
35
|
# not included in the list").
|
@@ -3,8 +3,8 @@ module ActiveModel
|
|
3
3
|
# == Active \Model Length \Validator
|
4
4
|
module Validations
|
5
5
|
class LengthValidator < EachValidator # :nodoc:
|
6
|
-
MESSAGES = { :
|
7
|
-
CHECKS = { :
|
6
|
+
MESSAGES = { is: :wrong_length, minimum: :too_short, maximum: :too_long }.freeze
|
7
|
+
CHECKS = { is: :==, minimum: :>=, maximum: :<= }.freeze
|
8
8
|
|
9
9
|
RESERVED_OPTIONS = [:minimum, :maximum, :within, :is, :tokenizer, :too_short, :too_long]
|
10
10
|
|
@@ -2,17 +2,18 @@ module ActiveModel
|
|
2
2
|
|
3
3
|
module Validations
|
4
4
|
class NumericalityValidator < EachValidator # :nodoc:
|
5
|
-
CHECKS = { :
|
6
|
-
:
|
7
|
-
:
|
5
|
+
CHECKS = { greater_than: :>, greater_than_or_equal_to: :>=,
|
6
|
+
equal_to: :==, less_than: :<, less_than_or_equal_to: :<=,
|
7
|
+
odd: :odd?, even: :even?, other_than: :!= }.freeze
|
8
8
|
|
9
9
|
RESERVED_OPTIONS = CHECKS.keys + [:only_integer]
|
10
10
|
|
11
11
|
def check_validity!
|
12
12
|
keys = CHECKS.keys - [:odd, :even]
|
13
13
|
options.slice(*keys).each do |option, value|
|
14
|
-
|
15
|
-
|
14
|
+
unless value.is_a?(Numeric) || value.is_a?(Proc) || value.is_a?(Symbol)
|
15
|
+
raise ArgumentError, ":#{option} must be a number, a symbol or a proc"
|
16
|
+
end
|
16
17
|
end
|
17
18
|
end
|
18
19
|
|
@@ -43,11 +44,15 @@ module ActiveModel
|
|
43
44
|
record.errors.add(attr_name, option, filtered_options(value))
|
44
45
|
end
|
45
46
|
else
|
46
|
-
|
47
|
-
|
47
|
+
case option_value
|
48
|
+
when Proc
|
49
|
+
option_value = option_value.call(record)
|
50
|
+
when Symbol
|
51
|
+
option_value = record.send(option_value)
|
52
|
+
end
|
48
53
|
|
49
54
|
unless value.send(CHECKS[option], option_value)
|
50
|
-
record.errors.add(attr_name, option, filtered_options(value).merge(:
|
55
|
+
record.errors.add(attr_name, option, filtered_options(value).merge!(count: option_value))
|
51
56
|
end
|
52
57
|
end
|
53
58
|
end
|
@@ -56,16 +61,9 @@ module ActiveModel
|
|
56
61
|
protected
|
57
62
|
|
58
63
|
def parse_raw_value_as_a_number(raw_value)
|
59
|
-
|
60
|
-
|
61
|
-
|
62
|
-
else
|
63
|
-
begin
|
64
|
-
Kernel.Float(raw_value)
|
65
|
-
rescue ArgumentError, TypeError
|
66
|
-
nil
|
67
|
-
end
|
68
|
-
end
|
64
|
+
Kernel.Float(raw_value) if raw_value !~ /\A0[xX]/
|
65
|
+
rescue ArgumentError, TypeError
|
66
|
+
nil
|
69
67
|
end
|
70
68
|
|
71
69
|
def parse_raw_value_as_an_integer(raw_value)
|
@@ -73,7 +71,9 @@ module ActiveModel
|
|
73
71
|
end
|
74
72
|
|
75
73
|
def filtered_options(value)
|
76
|
-
options.except(*RESERVED_OPTIONS)
|
74
|
+
filtered = options.except(*RESERVED_OPTIONS)
|
75
|
+
filtered[:value] = value
|
76
|
+
filtered
|
77
77
|
end
|
78
78
|
end
|
79
79
|
|
@@ -83,9 +83,10 @@ module ActiveModel
|
|
83
83
|
# end
|
84
84
|
def validates_with(*args, &block)
|
85
85
|
options = args.extract_options!
|
86
|
+
options[:class] = self
|
87
|
+
|
86
88
|
args.each do |klass|
|
87
89
|
validator = klass.new(options, &block)
|
88
|
-
validator.setup(self) if validator.respond_to?(:setup)
|
89
90
|
|
90
91
|
if validator.respond_to?(:attributes) && !validator.attributes.empty?
|
91
92
|
validator.attributes.each do |attribute|
|
@@ -79,21 +79,19 @@ module ActiveModel
|
|
79
79
|
# include ActiveModel::Validations
|
80
80
|
# attr_accessor :title
|
81
81
|
#
|
82
|
-
# validates :title, presence: true
|
82
|
+
# validates :title, presence: true
|
83
83
|
# end
|
84
84
|
#
|
85
|
-
#
|
86
|
-
#
|
87
|
-
#
|
85
|
+
# It can be useful to access the class that is using that validator when there are prerequisites such
|
86
|
+
# as an +attr_accessor+ being present. This class is accessible via +options[:class]+ in the constructor.
|
87
|
+
# To setup your validator override the constructor.
|
88
88
|
#
|
89
89
|
# class MyValidator < ActiveModel::Validator
|
90
|
-
# def
|
91
|
-
#
|
90
|
+
# def initialize(options={})
|
91
|
+
# super
|
92
|
+
# options[:class].send :attr_accessor, :custom_attribute
|
92
93
|
# end
|
93
94
|
# end
|
94
|
-
#
|
95
|
-
# This setup method is only called when used with validation macros or the
|
96
|
-
# class level <tt>validates_with</tt> method.
|
97
95
|
class Validator
|
98
96
|
attr_reader :options
|
99
97
|
|
@@ -107,7 +105,8 @@ module ActiveModel
|
|
107
105
|
|
108
106
|
# Accepts options that will be made available through the +options+ reader.
|
109
107
|
def initialize(options = {})
|
110
|
-
@options
|
108
|
+
@options = options.except(:class).freeze
|
109
|
+
deprecated_setup(options)
|
111
110
|
end
|
112
111
|
|
113
112
|
# Return the kind for this validator.
|
@@ -123,6 +122,21 @@ module ActiveModel
|
|
123
122
|
def validate(record)
|
124
123
|
raise NotImplementedError, "Subclasses must implement a validate(record) method."
|
125
124
|
end
|
125
|
+
|
126
|
+
private
|
127
|
+
def deprecated_setup(options) # TODO: remove me in 4.2.
|
128
|
+
return unless respond_to?(:setup)
|
129
|
+
ActiveSupport::Deprecation.warn "The `Validator#setup` instance method is deprecated and will be removed on Rails 4.2. Do your setup in the constructor instead:
|
130
|
+
|
131
|
+
class MyValidator < ActiveModel::Validator
|
132
|
+
def initialize(options={})
|
133
|
+
super
|
134
|
+
options[:class].send :attr_accessor, :custom_attribute
|
135
|
+
end
|
136
|
+
end
|
137
|
+
"
|
138
|
+
setup(options[:class])
|
139
|
+
end
|
126
140
|
end
|
127
141
|
|
128
142
|
# +EachValidator+ is a validator which iterates through the attributes given
|
data/lib/active_model/version.rb
CHANGED
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: activemodel
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 4.0.
|
4
|
+
version: 4.1.0.beta1
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- David Heinemeier Hansson
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date:
|
11
|
+
date: 2013-12-18 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: activesupport
|
@@ -16,31 +16,31 @@ dependencies:
|
|
16
16
|
requirements:
|
17
17
|
- - '='
|
18
18
|
- !ruby/object:Gem::Version
|
19
|
-
version: 4.0.
|
19
|
+
version: 4.1.0.beta1
|
20
20
|
type: :runtime
|
21
21
|
prerelease: false
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
23
23
|
requirements:
|
24
24
|
- - '='
|
25
25
|
- !ruby/object:Gem::Version
|
26
|
-
version: 4.0.
|
26
|
+
version: 4.1.0.beta1
|
27
27
|
- !ruby/object:Gem::Dependency
|
28
28
|
name: builder
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|
30
30
|
requirements:
|
31
|
-
- -
|
31
|
+
- - ~>
|
32
32
|
- !ruby/object:Gem::Version
|
33
|
-
version: 3.1
|
33
|
+
version: '3.1'
|
34
34
|
type: :runtime
|
35
35
|
prerelease: false
|
36
36
|
version_requirements: !ruby/object:Gem::Requirement
|
37
37
|
requirements:
|
38
|
-
- -
|
38
|
+
- - ~>
|
39
39
|
- !ruby/object:Gem::Version
|
40
|
-
version: 3.1
|
40
|
+
version: '3.1'
|
41
41
|
description: A toolkit for building modeling frameworks like Active Record. Rich support
|
42
|
-
for attributes, callbacks, validations,
|
43
|
-
|
42
|
+
for attributes, callbacks, validations, serialization, internationalization, and
|
43
|
+
testing.
|
44
44
|
email: david@loudthinking.com
|
45
45
|
executables: []
|
46
46
|
extensions: []
|
@@ -49,11 +49,9 @@ files:
|
|
49
49
|
- CHANGELOG.md
|
50
50
|
- MIT-LICENSE
|
51
51
|
- README.rdoc
|
52
|
-
- lib/active_model.rb
|
53
52
|
- lib/active_model/attribute_methods.rb
|
54
53
|
- lib/active_model/callbacks.rb
|
55
54
|
- lib/active_model/conversion.rb
|
56
|
-
- lib/active_model/deprecated_mass_assignment_security.rb
|
57
55
|
- lib/active_model/dirty.rb
|
58
56
|
- lib/active_model/errors.rb
|
59
57
|
- lib/active_model/forbidden_attributes_protection.rb
|
@@ -68,7 +66,6 @@ files:
|
|
68
66
|
- lib/active_model/serializers/xml.rb
|
69
67
|
- lib/active_model/test_case.rb
|
70
68
|
- lib/active_model/translation.rb
|
71
|
-
- lib/active_model/validations.rb
|
72
69
|
- lib/active_model/validations/absence.rb
|
73
70
|
- lib/active_model/validations/acceptance.rb
|
74
71
|
- lib/active_model/validations/callbacks.rb
|
@@ -82,8 +79,10 @@ files:
|
|
82
79
|
- lib/active_model/validations/presence.rb
|
83
80
|
- lib/active_model/validations/validates.rb
|
84
81
|
- lib/active_model/validations/with.rb
|
82
|
+
- lib/active_model/validations.rb
|
85
83
|
- lib/active_model/validator.rb
|
86
84
|
- lib/active_model/version.rb
|
85
|
+
- lib/active_model.rb
|
87
86
|
homepage: http://www.rubyonrails.org
|
88
87
|
licenses:
|
89
88
|
- MIT
|
@@ -94,17 +93,17 @@ require_paths:
|
|
94
93
|
- lib
|
95
94
|
required_ruby_version: !ruby/object:Gem::Requirement
|
96
95
|
requirements:
|
97
|
-
- -
|
96
|
+
- - '>='
|
98
97
|
- !ruby/object:Gem::Version
|
99
98
|
version: 1.9.3
|
100
99
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
101
100
|
requirements:
|
102
|
-
- -
|
101
|
+
- - '>'
|
103
102
|
- !ruby/object:Gem::Version
|
104
|
-
version:
|
103
|
+
version: 1.3.1
|
105
104
|
requirements: []
|
106
105
|
rubyforge_project:
|
107
|
-
rubygems_version: 2.
|
106
|
+
rubygems_version: 2.1.11
|
108
107
|
signing_key:
|
109
108
|
specification_version: 4
|
110
109
|
summary: A toolkit for building modeling frameworks (part of Rails).
|
@@ -1,21 +0,0 @@
|
|
1
|
-
module ActiveModel
|
2
|
-
module DeprecatedMassAssignmentSecurity # :nodoc:
|
3
|
-
extend ActiveSupport::Concern
|
4
|
-
|
5
|
-
module ClassMethods # :nodoc:
|
6
|
-
def attr_protected(*args)
|
7
|
-
raise "`attr_protected` is extracted out of Rails into a gem. " \
|
8
|
-
"Please use new recommended protection model for params" \
|
9
|
-
"(strong_parameters) or add `protected_attributes` to your " \
|
10
|
-
"Gemfile to use old one."
|
11
|
-
end
|
12
|
-
|
13
|
-
def attr_accessible(*args)
|
14
|
-
raise "`attr_accessible` is extracted out of Rails into a gem. " \
|
15
|
-
"Please use new recommended protection model for params" \
|
16
|
-
"(strong_parameters) or add `protected_attributes` to your " \
|
17
|
-
"Gemfile to use old one."
|
18
|
-
end
|
19
|
-
end
|
20
|
-
end
|
21
|
-
end
|