do_not_want 0.0.1

data/CHANGELOG.md

@@ -0,0 +1,5 @@
+# donotwant Changelog
+
+### 0.0.1 / 2011-08-19
+
+* Project Created

data/Manifest.txt

@@ -0,0 +1,8 @@
+CHANGELOG.md
+Manifest.txt
+README.md
+Rakefile
+lib/do_not_want.rb
+spec/do_not_want_spec.rb
+spec/gems/fake_gem.rb
+spec/rails_integration_spec.rb

data/README.md

@@ -0,0 +1,47 @@
+# Do Not Want
+
+* http://github.com/garybernhardt/do_not_want
+
+## DESCRIPTION:
+
+Several methods in ActiveRecord skip validations, callbacks, or both. In my extremely humble but also extremely correct opinion, it's too easy to accidentally use these.
+
+Do Not Want kills those methods dead so you won't cut yourself on them:
+
+    >> User.new.update_attribute(:foo, 5)
+    DoNotWant::NotSafe: User#update_attribute isn't safe because it skips validation
+
+## Why Do It Do It?
+
+In my experience, even experienced Rails developers don't know which ActiveRecord methods skip validations and callbacks. Quick: which of `decrement`, `decrement!`, and `decrement_counter` skip which? (Hint: they're all different.)
+
+## How Do It Do It?
+
+It `define_method`s them away.
+
+But! Calls to the unsafe methods are allowed from within gems. This keeps Rails from breaking, and allows third-party code to do as it pleases while keeping your app as jank-free as possible.
+
+The disabled instance methods are:
+
+    decrement
+    decrement!
+    increment
+    ncrement!
+    toggle
+    toggle!
+    update_attribute
+
+The disabled class methods are:
+
+    decrement_counter
+    delete
+    delete_all
+    find_by_sql
+    increment_counter
+    update_all
+    update_counters
+
+The particular transgressions that these methods make are documented in the source.
+
+The Rails [ActiveRecord guide](http://guides.rubyonrails.org/active_record_validations_callbacks.html#skipping-validations) contains lists about methods that skip validation and callbacks. That's where this list came from.
+

data/Rakefile

@@ -0,0 +1,22 @@
+require 'rubygems'
+require 'hoe'
+
+Hoe.plugin :git, :doofus, :seattlerb
+
+Hoe.spec 'do_not_want' do
+  developer 'Gary Bernhardt', 'gary.bernhardt@gmail.com'
+
+  ### Use markdown for changelog and readme
+  self.history_file = 'CHANGELOG.md'
+  self.readme_file  = 'README.md'
+
+  ### Test with rspec
+  self.extra_dev_deps << [ 'rspec', '>= 2.1.0' ]
+  self.testlib = :rspec
+
+  ### build zip files too
+  self.need_zip = true
+end
+
+# add pointer so gem test works. bleh.
+task :test => [:spec]

data/lib/do_not_want.rb

@@ -0,0 +1,80 @@
+module DoNotWant
+  VERSION = "0.0.1"
+
+  # Bad methods and their reasons
+
+  BAD_INSTANCE_METHODS = {
+    :decrement => ["callbacks"],
+    :decrement! => ["validation"],
+    :increment => ["callbacks"],
+    :increment! => ["validation"],
+    :toggle => ["callbacks"],
+    :toggle! => ["validation"],
+    :update_attribute => ["validation"],
+  }
+  BAD_INSTANCE_METHOD_NAMES = BAD_INSTANCE_METHODS.keys
+
+  BAD_CLASS_METHODS = {
+    :decrement_counter => ["validation", "callbacks"],
+    :delete => ["callbacks"],
+    :delete_all => ["callbacks"],
+    :find_by_sql => ["callbacks"],
+    :increment_counter => ["validation", "callbacks"],
+    :update_all => ["validation", "callbacks"],
+    :update_counters => ["validation", "callbacks"],
+  }
+  BAD_CLASS_METHOD_NAMES = BAD_CLASS_METHODS.keys
+
+  class NotSafe < Exception
+    def initialize(called_object, called_method, reason)
+      class_name = called_object.class.name
+      method_name = called_method.to_s
+
+      method_description = if called_object.is_a?(Class)
+                             "#{called_object.name}.#{method_name}"
+                           else
+                             "#{class_name}##{method_name}"
+                           end
+
+      super "#{method_description} isn't safe because %s" % [
+        reason
+      ]
+    end
+  end
+
+  def self.should_validate_for_caller(caller)
+    /\/gems\//.match(caller[0])
+  end
+end
+
+class Object
+  def self.do_not_want!(method_name, reason)
+    original_method_name = ('do_not_want_original_' + method_name.to_s).to_sym
+    self.send :alias_method, original_method_name, method_name
+
+    self.send :define_method, method_name do |*args|
+      original_method_name = ('do_not_want_original_' + method_name.to_s).to_sym
+      use_real_method = DoNotWant.should_validate_for_caller(caller)
+      if use_real_method
+        return self.send original_method_name, *args
+      end
+      raise DoNotWant::NotSafe.new(self, method_name, reason)
+    end
+  end
+end
+
+module ActiveRecord
+  class Base
+
+    DoNotWant::BAD_INSTANCE_METHODS.each do |method_name, reasons|
+      do_not_want!(method_name, "it skips #{reasons.join(' and ')}")
+    end
+
+    class << self
+      DoNotWant::BAD_CLASS_METHODS.each do |method_name, reasons|
+        do_not_want!(method_name, "it skips #{reasons.join(' and ')}")
+      end
+    end
+  end
+end
+

data/spec/do_not_want_spec.rb

@@ -0,0 +1,46 @@
+require 'active_record'
+require 'do_not_want'
+require 'gems/fake_gem'
+
+class Walrus
+  def be_killed_by!(killer, reason)
+    die!
+    "killed by #{killer} because #{reason}"
+  end
+
+  def die!
+  end
+
+  do_not_want! :be_killed_by!, 'because dying sucks'
+end
+
+describe 'do not want' do
+  let(:walrus) { Walrus.new }
+
+  context "method calls" do
+    it "raises an error for unwanted method calls" do
+      walrus.should_not_receive(:die!)
+      expect do
+        walrus.be_killed_by!
+      end.to raise_error(DoNotWant::NotSafe)
+    end
+
+    it "lets other methods through" do
+      walrus.class.should == Walrus
+    end
+  end
+
+  context "caller filtering" do
+    it "ignores calls from gems" do
+      walrus.should_receive(:die!)
+      expect do
+        kill_walrus_from_gem(walrus)
+      end.not_to raise_error
+    end
+
+    it "passes arguments" do
+      kill_walrus_from_gem(walrus).should == 'killed by kitty because kitty is angry'
+    end
+  end
+end
+

data/spec/gems/fake_gem.rb

@@ -0,0 +1,4 @@
+def kill_walrus_from_gem(walrus)
+  walrus.be_killed_by!('kitty', 'kitty is angry')
+end
+

data/spec/rails_integration_spec.rb

@@ -0,0 +1,53 @@
+require 'active_record'
+require 'do_not_want'
+
+class Cheese < ActiveRecord::Base
+end
+
+describe 'rails integration' do
+  before do
+    ActiveRecord::Base.establish_connection(
+      :adapter => "sqlite3",
+      :database => ":memory:")
+
+    ActiveRecord::Base.connection.create_table(:cheeses) do |t|
+      t.string :name
+    end
+  end
+
+  let(:cheese) { Cheese.create! }
+  it 'rejects unsafe instance methods' do
+    DoNotWant::BAD_INSTANCE_METHOD_NAMES.each do |method_name|
+      expect do
+        cheese.send method_name
+      end.to raise_error DoNotWant::NotSafe
+    end
+  end
+
+  it 'allows safe instance methods' do
+    cheese.reload.should == cheese
+  end
+
+  it 'rejects unsafe class methods' do
+    DoNotWant::BAD_CLASS_METHOD_NAMES.each do |method_name|
+      expect { Cheese.send method_name }.to raise_error DoNotWant::NotSafe
+    end
+  end
+
+  it 'allows safe class methods' do
+    Cheese.columns.count.should == 2
+  end
+
+  it 'gives reasons' do
+    expect { cheese.decrement }.to raise_error(
+      DoNotWant::NotSafe,
+      "Cheese#decrement isn't safe because it skips callbacks")
+    expect { cheese.decrement! }.to raise_error(
+      DoNotWant::NotSafe,
+      "Cheese#decrement! isn't safe because it skips validation")
+    expect { Cheese.update_all }.to raise_error(
+      DoNotWant::NotSafe,
+      "Cheese.update_all isn't safe because it skips validation and callbacks")
+  end
+end
+

metadata

@@ -0,0 +1,111 @@
+--- !ruby/object:Gem::Specification 
+name: do_not_want
+version: !ruby/object:Gem::Version 
+  hash: 29
+  prerelease: 
+  segments: 
+  - 0
+  - 0
+  - 1
+  version: 0.0.1
+platform: ruby
+authors: 
+- Gary Bernhardt
+autorequire: 
+bindir: bin
+cert_chain: []
+
+date: 2011-08-20 00:00:00 Z
+dependencies: 
+- !ruby/object:Gem::Dependency 
+  name: rspec
+  prerelease: false
+  requirement: &id001 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        hash: 11
+        segments: 
+        - 2
+        - 1
+        - 0
+        version: 2.1.0
+  type: :development
+  version_requirements: *id001
+- !ruby/object:Gem::Dependency 
+  name: hoe
+  prerelease: false
+  requirement: &id002 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ~>
+      - !ruby/object:Gem::Version 
+        hash: 27
+        segments: 
+        - 2
+        - 12
+        version: "2.12"
+  type: :development
+  version_requirements: *id002
+description: |-
+  Several methods in ActiveRecord skip validations, callbacks, or both. In my extremely humble but also extremely correct opinion, it's too easy to accidentally use these.
+  
+  Do Not Want kills those methods dead so you won't cut yourself on them:
+  
+      >> User.new.update_attribute(:foo, 5)
+      DoNotWant::NotSafe: User#update_attribute isn't safe because it skips validation
+email: 
+- gary.bernhardt@gmail.com
+executables: []
+
+extensions: []
+
+extra_rdoc_files: 
+- Manifest.txt
+files: 
+- CHANGELOG.md
+- Manifest.txt
+- README.md
+- Rakefile
+- lib/do_not_want.rb
+- spec/do_not_want_spec.rb
+- spec/gems/fake_gem.rb
+- spec/rails_integration_spec.rb
+- .gemtest
+homepage: http://github.com/garybernhardt/do_not_want
+licenses: []
+
+post_install_message: 
+rdoc_options: 
+- --main
+- README.md
+require_paths: 
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement 
+  none: false
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      hash: 3
+      segments: 
+      - 0
+      version: "0"
+required_rubygems_version: !ruby/object:Gem::Requirement 
+  none: false
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      hash: 3
+      segments: 
+      - 0
+      version: "0"
+requirements: []
+
+rubyforge_project: do_not_want
+rubygems_version: 1.8.8
+signing_key: 
+specification_version: 3
+summary: Several methods in ActiveRecord skip validations, callbacks, or both
+test_files: []
+