merb_param_protection 0.9.3 → 0.9.4

Sign up to get free protection for your applications and to get access to all the features.
Files changed (4) hide show
  1. data/Rakefile +61 -36
  2. data/lib/merb_param_protection.rb +33 -24
  3. metadata +8 -9
  4. data/TODO +0 -4
data/Rakefile CHANGED
@@ -1,62 +1,87 @@
1
1
  require 'rubygems'
2
+ require 'rubygems/specification'
2
3
  require 'rake/gempackagetask'
3
- require 'spec/rake/spectask'
4
+ require "extlib"
5
+ require 'merb-core/tasks/merb_rake_helper'
6
+ require "spec/rake/spectask"
4
7
 
5
- PLUGIN = "merb_param_protection"
6
- NAME = "merb_param_protection"
7
- VERSION = "0.9.3"
8
- AUTHOR = "Lance Carlson"
9
- EMAIL = "lancecarlson@gmail.com"
10
- HOMEPAGE = "http://merb.devjavu.com"
11
- SUMMARY = "Merb plugin that provides params_accessible and params_protected class methods"
8
+ ##############################################################################
9
+ # Package && release
10
+ ##############################################################################
11
+ RUBY_FORGE_PROJECT = "merb"
12
+ PROJECT_URL = "http://merbivore.com"
13
+ PROJECT_SUMMARY = "Merb plugin that provides params_accessible and params_protected class methods"
14
+ PROJECT_DESCRIPTION = PROJECT_SUMMARY
15
+
16
+ GEM_AUTHOR = "Lance Carlson"
17
+ GEM_EMAIL = "lancecarlson@gmail.com"
18
+
19
+ GEM_NAME = "merb_param_protection"
20
+ PKG_BUILD = ENV['PKG_BUILD'] ? '.' + ENV['PKG_BUILD'] : ''
21
+ GEM_VERSION = (Merb::MORE_VERSION rescue "0.9.4") + PKG_BUILD
22
+
23
+ RELEASE_NAME = "REL #{GEM_VERSION}"
24
+
25
+ require "extlib/tasks/release"
12
26
 
13
27
  spec = Gem::Specification.new do |s|
14
- s.name = NAME
15
- s.version = VERSION
28
+ s.rubyforge_project = RUBY_FORGE_PROJECT
29
+ s.name = GEM_NAME
30
+ s.version = GEM_VERSION
16
31
  s.platform = Gem::Platform::RUBY
17
32
  s.has_rdoc = true
18
- s.extra_rdoc_files = ["README", "LICENSE", 'TODO']
19
- s.summary = SUMMARY
20
- s.description = s.summary
21
- s.author = AUTHOR
22
- s.email = EMAIL
23
- #s.homepage = HOMEPAGE
24
- s.add_dependency('merb-core', '>= 0.9.3')
33
+ s.extra_rdoc_files = ["README", "LICENSE"]
34
+ s.summary = PROJECT_SUMMARY
35
+ s.description = PROJECT_DESCRIPTION
36
+ s.author = GEM_AUTHOR
37
+ s.email = GEM_EMAIL
38
+ s.homepage = PROJECT_URL
39
+ s.add_dependency('merb-core', '>= 0.9.4')
25
40
  s.require_path = 'lib'
26
- s.autorequire = PLUGIN
27
- s.files = %w(LICENSE README Rakefile TODO) + Dir.glob("{lib,specs}/**/*")
41
+ s.files = %w(LICENSE README Rakefile) + Dir.glob("{lib,specs}/**/*")
28
42
  end
29
43
 
30
- windows = (PLATFORM =~ /win32|cygwin/) rescue nil
31
-
32
- SUDO = windows ? "" : "sudo"
33
-
34
44
  Rake::GemPackageTask.new(spec) do |pkg|
35
45
  pkg.gem_spec = spec
36
46
  end
37
47
 
38
- desc "install merb_param_protection"
48
+ desc "create a gemspec file"
49
+ task :make_spec do
50
+ File.open("#{NAME}.gemspec", "w") do |file|
51
+ file.puts spec.to_ruby
52
+ end
53
+ end
54
+
55
+ ##############################################################################
56
+ # Installation
57
+ ##############################################################################
58
+
59
+ desc "Install the gem"
39
60
  task :install => [:package] do
40
- sh %{#{SUDO} gem install pkg/#{NAME}-#{VERSION} --no-rdoc --no-ri --no-update-sources}
61
+ sh %{#{sudo} gem install #{install_home} pkg/#{GEM_NAME}-#{GEM_VERSION} --no-update-sources}
41
62
  end
42
63
 
43
- desc 'Release the current version on rubyforge'
44
- task :release => :package do
45
- sh %{rubyforge add_release merb #{PLUGIN} #{VERSION} pkg/#{NAME}-#{VERSION}.gem}
64
+ namespace :jruby do
65
+ "Run :package and install the resulting .gem with jruby"
66
+ task :install => :package do
67
+ sh %{#{sudo} jruby -S gem install #{install_home} pkg/#{GEM_NAME}-#{GEM_VERSION}.gem --no-rdoc --no-ri}
68
+ end
46
69
  end
47
70
 
71
+ ##############################################################################
72
+ # Specs
73
+ ##############################################################################
48
74
  desc "Run all specs"
49
- Spec::Rake::SpecTask.new('specs') do |t|
75
+ Spec::Rake::SpecTask.new("specs") do |t|
50
76
  t.spec_opts = ["--format", "specdoc", "--colour"]
51
- t.spec_files = Dir['spec/**/*_spec.rb'].sort
77
+ t.spec_files = Dir["spec/**/*_spec.rb"].sort
52
78
  end
53
79
 
54
- desc "RCov"
55
- Spec::Rake::SpecTask.new("rcov") do |t|
56
- t.rcov_opts = ["--exclude", "gems", "--exclude", "spec"]
80
+ desc "Run all specs and generate an rcov report"
81
+ Spec::Rake::SpecTask.new('rcov') do |t|
82
+ t.spec_files = FileList['spec/**/*_spec.rb']
57
83
  t.spec_opts = ["--format", "specdoc", "--colour"]
58
- t.rcov_opts = ["--exclude","gems", "--exclude", "spec"]
59
- t.spec_files = Dir["spec/**/*_spec.rb"].sort
60
- t.libs = ["lib", "server/lib" ]
61
84
  t.rcov = true
85
+ t.rcov_dir = 'coverage'
86
+ t.rcov_opts = ['--exclude', 'gems', '--exclude', 'spec']
62
87
  end
data/lib/merb_param_protection.rb CHANGED
@@ -1,7 +1,7 @@
1
1
  # This plugin exposes two new controller methods which allow us to simply and flexibly filter the parameters available within the controller.
2
2
 
3
3
  # Setup:
4
- # The request sets:
4
+ # The request sets:
5
5
  # params => { :post => { :title => "ello", :body => "Want it", :status => "green", :author_id => 3, :rank => 4 } }
6
6
  #
7
7
  # Example 1: params_accessable
@@ -28,9 +28,9 @@ if defined?(Merb::Plugins)
28
28
  #Merb::Plugins.config[:merb_param_protection] = {
29
29
  #:chickens => false
30
30
  #}
31
-
31
+
32
32
  #Merb::Plugins.add_rakefiles "merb_param_protection/merbtasks"
33
-
33
+
34
34
  module Merb
35
35
  module ParamsFilter
36
36
  module ControllerMixin
@@ -40,23 +40,23 @@ if defined?(Merb::Plugins)
40
40
  base.send(:class_inheritable_accessor, :accessible_params_args)
41
41
  base.send(:class_inheritable_accessor, :protected_params_args)
42
42
  base.send(:class_inheritable_accessor, :log_params_args)
43
-
43
+
44
44
  base.send(:before, :initialize_params_filter)
45
45
  end
46
46
 
47
47
  module ClassMethods
48
48
  # Ensures these parameters are sent for the object
49
- #
49
+ #
50
50
  # params_accessible :post => [:title, :body]
51
- #
51
+ #
52
52
  def params_accessible(args = {})
53
53
  assign_filtered_params(:accessible_params_args, args)
54
54
  end
55
55
 
56
56
  # Protects parameters of an object
57
- #
57
+ #
58
58
  # params_protected :post => [:status, :author_id]
59
- #
59
+ #
60
60
  def params_protected(args = {})
61
61
  assign_filtered_params(:protected_params_args, args)
62
62
  end
@@ -66,26 +66,26 @@ if defined?(Merb::Plugins)
66
66
  # show up as [FILTERED] in the merb logs.
67
67
  #
68
68
  # log_params_filtered :password, 'token'
69
- #
69
+ #
70
70
  def log_params_filtered(*args)
71
71
  self.log_params_args = args.collect { |arg| arg.to_sym }
72
72
  end
73
-
73
+
74
74
  private
75
-
75
+
76
76
  def assign_filtered_params(method, args)
77
77
  validate_filtered_params(method, args)
78
-
78
+
79
79
  # If the method is nil, set to initial hash, otherwise merge
80
80
  self.send(method).nil? ? self.send(method.to_s + '=', args) : self.send(method).merge!(args)
81
81
  end
82
-
82
+
83
83
  def validate_filtered_params(method, args)
84
84
  # Reversing methods
85
85
  params_methods = [:accessible_params_args, :protected_params_args]
86
86
  params_methods.delete(method)
87
87
  params_method = params_methods.first
88
-
88
+
89
89
  # Make sure the opposite method is not nil
90
90
  unless self.send(params_method).nil?
91
91
  # Loop through arg's keys
@@ -101,7 +101,7 @@ if defined?(Merb::Plugins)
101
101
  end
102
102
  end
103
103
  end
104
-
104
+
105
105
  module InstanceMethods
106
106
  def initialize_params_filter
107
107
  if accessible_params_args.is_a?(Hash)
@@ -109,7 +109,7 @@ if defined?(Merb::Plugins)
109
109
  self.request.restrict_params(obj, accessible_params_args[obj])
110
110
  end
111
111
  end
112
-
112
+
113
113
  if protected_params_args.is_a?(Hash)
114
114
  protected_params_args.keys.each do |obj|
115
115
  self.request.remove_params_from_object(obj, protected_params_args[obj])
@@ -117,16 +117,16 @@ if defined?(Merb::Plugins)
117
117
  end
118
118
  end
119
119
  end
120
-
120
+
121
121
  end
122
122
 
123
123
  module RequestMixin
124
124
  attr_accessor :trashed_params
125
125
 
126
126
  # Removes specified parameters of an object
127
- #
127
+ #
128
128
  # remove_params_from_object(:post, [:status, :author_id])
129
- #
129
+ #
130
130
  def remove_params_from_object(obj, attrs = [])
131
131
  unless params[obj].nil?
132
132
  filtered = params
@@ -138,22 +138,31 @@ if defined?(Merb::Plugins)
138
138
  # Restricts parameters of an object
139
139
  #
140
140
  # restrict_params(:post, [:title, :body])
141
- #
141
+ #
142
142
  def restrict_params(obj, attrs = [])
143
143
  # Make sure the params for the object exists
144
144
  unless params[obj].nil?
145
145
  attrs = attrs.collect {|a| a.to_s}
146
- @trashed_params = params[obj].keys - attrs
147
- remove_params_from_object(obj, trashed_params)
146
+ trashed_params_keys = params[obj].keys - attrs
147
+
148
+ # Store a hash of the key/value pairs we are going
149
+ # to remove in case we need them later. Lighthouse Bug # 105
150
+ @trashed_params = {}
151
+ trashed_params_keys.each do |key|
152
+ @trashed_params.merge!({key => params[obj][key]})
153
+ end
154
+
155
+ remove_params_from_object(obj, trashed_params_keys)
148
156
  end
149
157
  end
158
+
150
159
  end
151
160
  end
152
161
  end
153
-
162
+
154
163
  Merb::Controller.send(:include, Merb::ParamsFilter::ControllerMixin)
155
164
  Merb::Request.send(:include, Merb::ParamsFilter::RequestMixin)
156
-
165
+
157
166
  class Merb::Controller
158
167
  def self._filter_params(params)
159
168
  return params if self.log_params_args.nil?
metadata CHANGED
@@ -1,25 +1,26 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: merb_param_protection
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.9.3
4
+ version: 0.9.4
5
5
  platform: ruby
6
6
  authors:
7
7
  - Lance Carlson
8
- autorequire: merb_param_protection
8
+ autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
11
 
12
- date: 2008-05-04 00:00:00 -05:00
12
+ date: 2008-08-03 00:00:00 +03:00
13
13
  default_executable:
14
14
  dependencies:
15
15
  - !ruby/object:Gem::Dependency
16
16
  name: merb-core
17
+ type: :runtime
17
18
  version_requirement:
18
19
  version_requirements: !ruby/object:Gem::Requirement
19
20
  requirements:
20
21
  - - ">="
21
22
  - !ruby/object:Gem::Version
22
- version: 0.9.3
23
+ version: 0.9.4
23
24
  version:
24
25
  description: Merb plugin that provides params_accessible and params_protected class methods
25
26
  email: lancecarlson@gmail.com
@@ -30,17 +31,15 @@ extensions: []
30
31
  extra_rdoc_files:
31
32
  - README
32
33
  - LICENSE
33
- - TODO
34
34
  files:
35
35
  - LICENSE
36
36
  - README
37
37
  - Rakefile
38
- - TODO
39
38
  - lib/merb_param_protection
40
39
  - lib/merb_param_protection/merbtasks.rb
41
40
  - lib/merb_param_protection.rb
42
41
  has_rdoc: true
43
- homepage:
42
+ homepage: http://merbivore.com
44
43
  post_install_message:
45
44
  rdoc_options: []
46
45
 
@@ -60,8 +59,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
60
59
  version:
61
60
  requirements: []
62
61
 
63
- rubyforge_project:
64
- rubygems_version: 1.0.1
62
+ rubyforge_project: merb
63
+ rubygems_version: 1.2.0
65
64
  signing_key:
66
65
  specification_version: 2
67
66
  summary: Merb plugin that provides params_accessible and params_protected class methods
data/TODO DELETED
@@ -1,4 +0,0 @@
1
- TODO:
2
- DRY up the code
3
- Finish spec'ing
4
- Allow specification of any parameter?