ardm-rails 1.3.0 → 1.3.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 2933e49f63b73ee07f74e9ff9a0dcb1694061d4d
4
- data.tar.gz: 0585a03a45a67aa3d91a07dd10c3f78347e5c9aa
3
+ metadata.gz: 1ab5215b9fd21d7a6f1fd98851112a1bdbdd01fe
4
+ data.tar.gz: 73cf4db29e9fd2b938fb514d04c8026ff5954165
5
5
  SHA512:
6
- metadata.gz: 587d9b29fdcde870d34e5fb8a19f10f5b12d4891f858eb5b8cd7f350fc503eab2df584d9f1363e252e310c326360c5390eb4a19f8eef506508795b4ee22182b3
7
- data.tar.gz: f34b82f1552aa789167e7d5acd6ed6bdfeb082f5cd0bd17860c070ca6c05ea2dbd047efe8251c49c0e981355401a98506d2752c6165d4403662504ad481c0347
6
+ metadata.gz: 1919cc87c17b6f0552142e4d65dbd80ec53cde582d1c752979133d28c22ae23dec35ba31dac256dbfa39a861c4ab33718ed0483113a098b069aab48007e533d2
7
+ data.tar.gz: 8695b359d9ddbad6bdc96965ed268e257c8e09bf4e93d20ff54e6e3a59a85c3e85f2ca44f92f44f32fa3fdf1bc89b26fda57166de2f934793de47f8f58583fce
data/Gemfile CHANGED
@@ -7,9 +7,9 @@ gemspec
7
7
  SOURCE = ENV.fetch('SOURCE', :git).to_sym
8
8
  REPO_POSTFIX = SOURCE == :path ? '' : '.git'
9
9
  DATAMAPPER = SOURCE == :path ? Pathname(__FILE__).dirname.parent : 'http://github.com/ar-dm'
10
- DM_VERSION = '~> 1.2.0'
10
+ DM_VERSION = '~> 1.2'
11
11
  DO_VERSION = '~> 0.10.12'
12
- RAILS_VERSION = [ '>= 3.0', '< 5.0' ]
12
+ RAILS_VERSION = '~> 4.0'
13
13
  DM_DO_ADAPTERS = %w[ sqlite postgres mysql oracle sqlserver ]
14
14
  CURRENT_BRANCH = ENV.fetch('GIT_BRANCH', 'master')
15
15
 
@@ -20,7 +20,10 @@ gem 'ardm-active_model', DM_VERSION, SOURCE => "#{DATAMAPPER}/ardm-active_model#
20
20
  # Rails dependencies
21
21
  gem 'actionpack', RAILS_VERSION, :require => 'action_pack'
22
22
  gem 'railties', RAILS_VERSION, :require => 'rails'
23
- gem 'protected_attributes'
23
+
24
+ group :protected_attributes do
25
+ gem 'protected_attributes'
26
+ end
24
27
 
25
28
  group :datamapper do
26
29
  adapters = ENV['ADAPTER'] || ENV['ADAPTERS']
@@ -18,9 +18,9 @@ Gem::Specification.new do |gem|
18
18
  gem.require_paths = ["lib"]
19
19
 
20
20
  gem.add_runtime_dependency 'ardm-core', '~> 1.2'
21
- gem.add_runtime_dependency 'ardm-active_model', '~> 1.2'
22
- gem.add_runtime_dependency 'actionpack', '>= 3.0', '< 5.0'
23
- gem.add_runtime_dependency 'railties', '>= 3.0', '< 5.0'
21
+ gem.add_runtime_dependency 'ardm-active_model', '~> 1.3'
22
+ gem.add_runtime_dependency 'actionpack', '~> 4.0'
23
+ gem.add_runtime_dependency 'railties', '~> 4.0'
24
24
 
25
25
  gem.add_development_dependency 'rake', '~> 0.9'
26
26
  gem.add_development_dependency 'rspec', '~> 1.3'
@@ -3,25 +3,50 @@ require 'active_support/core_ext/class/attribute'
3
3
  require 'active_support/concern'
4
4
  require 'active_model'
5
5
 
6
- if defined?(::ActiveModel::MassAssignmentSecurity)
6
+ begin
7
+ require 'protected_attributes'
8
+ rescue LoadError
9
+ module DataMapper
10
+ # In rails ~> 4.0, protected_attributes must be required to use this feature.
11
+ # By requiring it here, we avoid gem load order problems that would cause
12
+ # the module to not exist if protected attributes was loaded after dm-rails.
13
+ #
14
+ # Also this dummy module is inserted to avoid throwing a useless error when the
15
+ # module would otherwise not exist. This is less mysterious than some part of
16
+ # the DataMapper code just going missing because you didn't add
17
+ # protected_attributes to your Gemfile.
18
+ module MassAssignmentSecurity
19
+ extend ::ActiveSupport::Concern
20
+
21
+ included do
22
+ raise "Add 'protected_attributes' to your Gemfile to use DataMapper::MassAssignmentSecurity"
23
+ end
24
+ end
25
+ end
26
+ else
7
27
  module ActiveModel
8
28
  module MassAssignmentSecurity
9
- # Provides a patched version of the Sanitizer used in Rails to handle property
10
- # and relationship objects as keys. There is no way to inject a custom sanitizer
11
- # without reimplementing the permission sets.
29
+ # Provides a patched version of the Sanitizer used in protected_attributes to
30
+ # handle property and relationship objects as keys. There is no way to inject
31
+ # a custom sanitizer without reimplementing the permission sets.
12
32
  Sanitizer.send(Sanitizer.is_a?(Module) ? :module_eval : :class_eval) do
13
33
  # Returns all attributes not denied by the authorizer.
14
34
  #
35
+ # @param [Class] klass
36
+ # Model class
15
37
  # @param [Hash{Symbol,String,::DataMapper::Property,::DataMapper::Relationship=>Object}] attributes
16
38
  # Names and values of attributes to sanitize.
39
+ # @param [#deny?] authorizer
40
+ # Usually a ActiveModel::MassAssignmentSecurity::PermissionSet responding to deny?
17
41
  # @return [Hash]
18
42
  # Sanitized hash of attributes.
19
- def sanitize(attributes, authorizer = nil)
43
+ def sanitize(klass, attributes, authorizer)
44
+ rejected = []
20
45
  sanitized_attributes = attributes.reject do |key, value|
21
46
  key_name = key.name rescue key
22
- authorizer ? authorizer.deny?(key_name) : deny?(key_name)
47
+ rejected << key_name if authorizer.deny?(key_name)
23
48
  end
24
- debug_protected_attribute_removal(attributes, sanitized_attributes)
49
+ process_removed_attributes(klass, rejected) unless rejected.empty?
25
50
  sanitized_attributes
26
51
  end
27
52
  end
@@ -110,7 +110,7 @@ module Rails
110
110
  next
111
111
  end
112
112
 
113
- klass = properties[name].dump_class
113
+ klass = properties[name].primitive
114
114
  begin
115
115
  attributes[name] =
116
116
  if klass == Time
@@ -1,5 +1,5 @@
1
1
  module DataMapper
2
2
  module Rails
3
- VERSION = '1.3.0'
3
+ VERSION = '1.3.1'
4
4
  end
5
5
  end
@@ -3,6 +3,7 @@ require 'dm-core/spec/setup'
3
3
  require 'dm-core/spec/lib/adapter_helpers'
4
4
  require 'dm-core/spec/lib/spec_helper'
5
5
  require 'dm-core/spec/lib/pending_helpers'
6
+ require 'dm-rails/railtie'
6
7
 
7
8
  DataMapper::Spec.setup
8
9
  DataMapper.finalize
@@ -5,9 +5,10 @@ begin
5
5
  rescue LoadError
6
6
  end
7
7
 
8
- require 'dm-rails/mass_assignment_security'
9
-
10
- if defined?(DataMapper::MassAssignmentSecurity)
8
+ # Unfortunately, the only way to test both branches of this code is to
9
+ # bundle --without protected_attributes
10
+ # and then run the spec again.
11
+ if defined?(ActiveModel::MassAssignmentSecurity)
11
12
  # Because mass-assignment security is based on ActiveModel we just have to
12
13
  # ensure that ActiveModel is called.
13
14
  describe DataMapper::MassAssignmentSecurity do
@@ -48,4 +49,14 @@ if defined?(DataMapper::MassAssignmentSecurity)
48
49
  end
49
50
  end
50
51
  end
52
+ else
53
+ describe DataMapper::MassAssignmentSecurity do
54
+ it "raises if the DataMapper::MassAssignmentSecurity is included" do
55
+ expect {
56
+ class Fake
57
+ include ::DataMapper::MassAssignmentSecurity
58
+ end
59
+ }.to raise_error("Add 'protected_attributes' to your Gemfile to use DataMapper::MassAssignmentSecurity")
60
+ end
61
+ end
51
62
  end
@@ -108,7 +108,7 @@ describe Rails::DataMapper::MultiparameterAttributes do
108
108
  and_return(attributes['composite'])
109
109
 
110
110
  composite_property = mock(::DataMapper::Property)
111
- composite_property.stub!(:dump_class).and_return(::Rails::DataMapper::Models::Composite)
111
+ composite_property.stub!(:primitive).and_return(::Rails::DataMapper::Models::Composite)
112
112
 
113
113
  resource = ::Rails::DataMapper::Models::Fake.new
114
114
  resource.stub!(:properties).and_return('composite' => composite_property)
@@ -127,7 +127,7 @@ describe Rails::DataMapper::MultiparameterAttributes do
127
127
  should_receive(:new).with('a string').and_raise(composite_exception)
128
128
 
129
129
  composite_property = mock(::DataMapper::Property)
130
- composite_property.stub!(:dump_class).and_return(::Rails::DataMapper::Models::Composite)
130
+ composite_property.stub!(:primitive).and_return(::Rails::DataMapper::Models::Composite)
131
131
 
132
132
  resource = ::Rails::DataMapper::Models::Fake.new
133
133
  resource.stub!(:properties).and_return('composite' => composite_property)
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: ardm-rails
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.3.0
4
+ version: 1.3.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - Martin Emde
@@ -32,54 +32,42 @@ dependencies:
32
32
  requirements:
33
33
  - - "~>"
34
34
  - !ruby/object:Gem::Version
35
- version: '1.2'
35
+ version: '1.3'
36
36
  type: :runtime
37
37
  prerelease: false
38
38
  version_requirements: !ruby/object:Gem::Requirement
39
39
  requirements:
40
40
  - - "~>"
41
41
  - !ruby/object:Gem::Version
42
- version: '1.2'
42
+ version: '1.3'
43
43
  - !ruby/object:Gem::Dependency
44
44
  name: actionpack
45
45
  requirement: !ruby/object:Gem::Requirement
46
46
  requirements:
47
- - - ">="
48
- - !ruby/object:Gem::Version
49
- version: '3.0'
50
- - - "<"
47
+ - - "~>"
51
48
  - !ruby/object:Gem::Version
52
- version: '5.0'
49
+ version: '4.0'
53
50
  type: :runtime
54
51
  prerelease: false
55
52
  version_requirements: !ruby/object:Gem::Requirement
56
53
  requirements:
57
- - - ">="
58
- - !ruby/object:Gem::Version
59
- version: '3.0'
60
- - - "<"
54
+ - - "~>"
61
55
  - !ruby/object:Gem::Version
62
- version: '5.0'
56
+ version: '4.0'
63
57
  - !ruby/object:Gem::Dependency
64
58
  name: railties
65
59
  requirement: !ruby/object:Gem::Requirement
66
60
  requirements:
67
- - - ">="
68
- - !ruby/object:Gem::Version
69
- version: '3.0'
70
- - - "<"
61
+ - - "~>"
71
62
  - !ruby/object:Gem::Version
72
- version: '5.0'
63
+ version: '4.0'
73
64
  type: :runtime
74
65
  prerelease: false
75
66
  version_requirements: !ruby/object:Gem::Requirement
76
67
  requirements:
77
- - - ">="
78
- - !ruby/object:Gem::Version
79
- version: '3.0'
80
- - - "<"
68
+ - - "~>"
81
69
  - !ruby/object:Gem::Version
82
- version: '5.0'
70
+ version: '4.0'
83
71
  - !ruby/object:Gem::Dependency
84
72
  name: rake
85
73
  requirement: !ruby/object:Gem::Requirement