merb_param_protection 0.9.3 → 0.9.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (4) hide show
  1. data/Rakefile +61 -36
  2. data/lib/merb_param_protection.rb +33 -24
  3. metadata +8 -9
  4. data/TODO +0 -4
data/Rakefile CHANGED
@@ -1,62 +1,87 @@
1
1
  require 'rubygems'
2
+ require 'rubygems/specification'
2
3
  require 'rake/gempackagetask'
3
- require 'spec/rake/spectask'
4
+ require "extlib"
5
+ require 'merb-core/tasks/merb_rake_helper'
6
+ require "spec/rake/spectask"
4
7
 
5
- PLUGIN = "merb_param_protection"
6
- NAME = "merb_param_protection"
7
- VERSION = "0.9.3"
8
- AUTHOR = "Lance Carlson"
9
- EMAIL = "lancecarlson@gmail.com"
10
- HOMEPAGE = "http://merb.devjavu.com"
11
- SUMMARY = "Merb plugin that provides params_accessible and params_protected class methods"
8
+ ##############################################################################
9
+ # Package && release
10
+ ##############################################################################
11
+ RUBY_FORGE_PROJECT = "merb"
12
+ PROJECT_URL = "http://merbivore.com"
13
+ PROJECT_SUMMARY = "Merb plugin that provides params_accessible and params_protected class methods"
14
+ PROJECT_DESCRIPTION = PROJECT_SUMMARY
15
+
16
+ GEM_AUTHOR = "Lance Carlson"
17
+ GEM_EMAIL = "lancecarlson@gmail.com"
18
+
19
+ GEM_NAME = "merb_param_protection"
20
+ PKG_BUILD = ENV['PKG_BUILD'] ? '.' + ENV['PKG_BUILD'] : ''
21
+ GEM_VERSION = (Merb::MORE_VERSION rescue "0.9.4") + PKG_BUILD
22
+
23
+ RELEASE_NAME = "REL #{GEM_VERSION}"
24
+
25
+ require "extlib/tasks/release"
12
26
 
13
27
  spec = Gem::Specification.new do |s|
14
- s.name = NAME
15
- s.version = VERSION
28
+ s.rubyforge_project = RUBY_FORGE_PROJECT
29
+ s.name = GEM_NAME
30
+ s.version = GEM_VERSION
16
31
  s.platform = Gem::Platform::RUBY
17
32
  s.has_rdoc = true
18
- s.extra_rdoc_files = ["README", "LICENSE", 'TODO']
19
- s.summary = SUMMARY
20
- s.description = s.summary
21
- s.author = AUTHOR
22
- s.email = EMAIL
23
- #s.homepage = HOMEPAGE
24
- s.add_dependency('merb-core', '>= 0.9.3')
33
+ s.extra_rdoc_files = ["README", "LICENSE"]
34
+ s.summary = PROJECT_SUMMARY
35
+ s.description = PROJECT_DESCRIPTION
36
+ s.author = GEM_AUTHOR
37
+ s.email = GEM_EMAIL
38
+ s.homepage = PROJECT_URL
39
+ s.add_dependency('merb-core', '>= 0.9.4')
25
40
  s.require_path = 'lib'
26
- s.autorequire = PLUGIN
27
- s.files = %w(LICENSE README Rakefile TODO) + Dir.glob("{lib,specs}/**/*")
41
+ s.files = %w(LICENSE README Rakefile) + Dir.glob("{lib,specs}/**/*")
28
42
  end
29
43
 
30
- windows = (PLATFORM =~ /win32|cygwin/) rescue nil
31
-
32
- SUDO = windows ? "" : "sudo"
33
-
34
44
  Rake::GemPackageTask.new(spec) do |pkg|
35
45
  pkg.gem_spec = spec
36
46
  end
37
47
 
38
- desc "install merb_param_protection"
48
+ desc "create a gemspec file"
49
+ task :make_spec do
50
+ File.open("#{NAME}.gemspec", "w") do |file|
51
+ file.puts spec.to_ruby
52
+ end
53
+ end
54
+
55
+ ##############################################################################
56
+ # Installation
57
+ ##############################################################################
58
+
59
+ desc "Install the gem"
39
60
  task :install => [:package] do
40
- sh %{#{SUDO} gem install pkg/#{NAME}-#{VERSION} --no-rdoc --no-ri --no-update-sources}
61
+ sh %{#{sudo} gem install #{install_home} pkg/#{GEM_NAME}-#{GEM_VERSION} --no-update-sources}
41
62
  end
42
63
 
43
- desc 'Release the current version on rubyforge'
44
- task :release => :package do
45
- sh %{rubyforge add_release merb #{PLUGIN} #{VERSION} pkg/#{NAME}-#{VERSION}.gem}
64
+ namespace :jruby do
65
+ "Run :package and install the resulting .gem with jruby"
66
+ task :install => :package do
67
+ sh %{#{sudo} jruby -S gem install #{install_home} pkg/#{GEM_NAME}-#{GEM_VERSION}.gem --no-rdoc --no-ri}
68
+ end
46
69
  end
47
70
 
71
+ ##############################################################################
72
+ # Specs
73
+ ##############################################################################
48
74
  desc "Run all specs"
49
- Spec::Rake::SpecTask.new('specs') do |t|
75
+ Spec::Rake::SpecTask.new("specs") do |t|
50
76
  t.spec_opts = ["--format", "specdoc", "--colour"]
51
- t.spec_files = Dir['spec/**/*_spec.rb'].sort
77
+ t.spec_files = Dir["spec/**/*_spec.rb"].sort
52
78
  end
53
79
 
54
- desc "RCov"
55
- Spec::Rake::SpecTask.new("rcov") do |t|
56
- t.rcov_opts = ["--exclude", "gems", "--exclude", "spec"]
80
+ desc "Run all specs and generate an rcov report"
81
+ Spec::Rake::SpecTask.new('rcov') do |t|
82
+ t.spec_files = FileList['spec/**/*_spec.rb']
57
83
  t.spec_opts = ["--format", "specdoc", "--colour"]
58
- t.rcov_opts = ["--exclude","gems", "--exclude", "spec"]
59
- t.spec_files = Dir["spec/**/*_spec.rb"].sort
60
- t.libs = ["lib", "server/lib" ]
61
84
  t.rcov = true
85
+ t.rcov_dir = 'coverage'
86
+ t.rcov_opts = ['--exclude', 'gems', '--exclude', 'spec']
62
87
  end
data/lib/merb_param_protection.rb CHANGED
@@ -1,7 +1,7 @@
1
1
  # This plugin exposes two new controller methods which allow us to simply and flexibly filter the parameters available within the controller.
2
2
 
3
3
  # Setup:
4
- # The request sets:
4
+ # The request sets:
5
5
  # params => { :post => { :title => "ello", :body => "Want it", :status => "green", :author_id => 3, :rank => 4 } }
6
6
  #
7
7
  # Example 1: params_accessable
@@ -28,9 +28,9 @@ if defined?(Merb::Plugins)
28
28
  #Merb::Plugins.config[:merb_param_protection] = {
29
29
  #:chickens => false
30
30
  #}
31
-
31
+
32
32
  #Merb::Plugins.add_rakefiles "merb_param_protection/merbtasks"
33
-
33
+
34
34
  module Merb
35
35
  module ParamsFilter
36
36
  module ControllerMixin
@@ -40,23 +40,23 @@ if defined?(Merb::Plugins)
40
40
  base.send(:class_inheritable_accessor, :accessible_params_args)
41
41
  base.send(:class_inheritable_accessor, :protected_params_args)
42
42
  base.send(:class_inheritable_accessor, :log_params_args)
43
-
43
+
44
44
  base.send(:before, :initialize_params_filter)
45
45
  end
46
46
 
47
47
  module ClassMethods
48
48
  # Ensures these parameters are sent for the object
49
- #
49
+ #
50
50
  # params_accessible :post => [:title, :body]
51
- #
51
+ #
52
52
  def params_accessible(args = {})
53
53
  assign_filtered_params(:accessible_params_args, args)
54
54
  end
55
55
 
56
56
  # Protects parameters of an object
57
- #
57
+ #
58
58
  # params_protected :post => [:status, :author_id]
59
- #
59
+ #
60
60
  def params_protected(args = {})
61
61
  assign_filtered_params(:protected_params_args, args)
62
62
  end
@@ -66,26 +66,26 @@ if defined?(Merb::Plugins)
66
66
  # show up as [FILTERED] in the merb logs.
67
67
  #
68
68
  # log_params_filtered :password, 'token'
69
- #
69
+ #
70
70
  def log_params_filtered(*args)
71
71
  self.log_params_args = args.collect { |arg| arg.to_sym }
72
72
  end
73
-
73
+
74
74
  private
75
-
75
+
76
76
  def assign_filtered_params(method, args)
77
77
  validate_filtered_params(method, args)
78
-
78
+
79
79
  # If the method is nil, set to initial hash, otherwise merge
80
80
  self.send(method).nil? ? self.send(method.to_s + '=', args) : self.send(method).merge!(args)
81
81
  end
82
-
82
+
83
83
  def validate_filtered_params(method, args)
84
84
  # Reversing methods
85
85
  params_methods = [:accessible_params_args, :protected_params_args]
86
86
  params_methods.delete(method)
87
87
  params_method = params_methods.first
88
-
88
+
89
89
  # Make sure the opposite method is not nil
90
90
  unless self.send(params_method).nil?
91
91
  # Loop through arg's keys
@@ -101,7 +101,7 @@ if defined?(Merb::Plugins)
101
101
  end
102
102
  end
103
103
  end
104
-
104
+
105
105
  module InstanceMethods
106
106
  def initialize_params_filter
107
107
  if accessible_params_args.is_a?(Hash)
@@ -109,7 +109,7 @@ if defined?(Merb::Plugins)
109
109
  self.request.restrict_params(obj, accessible_params_args[obj])
110
110
  end
111
111
  end
112
-
112
+
113
113
  if protected_params_args.is_a?(Hash)
114
114
  protected_params_args.keys.each do |obj|
115
115
  self.request.remove_params_from_object(obj, protected_params_args[obj])
@@ -117,16 +117,16 @@ if defined?(Merb::Plugins)
117
117
  end
118
118
  end
119
119
  end
120
-
120
+
121
121
  end
122
122
 
123
123
  module RequestMixin
124
124
  attr_accessor :trashed_params
125
125
 
126
126
  # Removes specified parameters of an object
127
- #
127
+ #
128
128
  # remove_params_from_object(:post, [:status, :author_id])
129
- #
129
+ #
130
130
  def remove_params_from_object(obj, attrs = [])
131
131
  unless params[obj].nil?
132
132
  filtered = params
@@ -138,22 +138,31 @@ if defined?(Merb::Plugins)
138
138
  # Restricts parameters of an object
139
139
  #
140
140
  # restrict_params(:post, [:title, :body])
141
- #
141
+ #
142
142
  def restrict_params(obj, attrs = [])
143
143
  # Make sure the params for the object exists
144
144
  unless params[obj].nil?
145
145
  attrs = attrs.collect {|a| a.to_s}
146
- @trashed_params = params[obj].keys - attrs
147
- remove_params_from_object(obj, trashed_params)
146
+ trashed_params_keys = params[obj].keys - attrs
147
+
148
+ # Store a hash of the key/value pairs we are going
149
+ # to remove in case we need them later. Lighthouse Bug # 105
150
+ @trashed_params = {}
151
+ trashed_params_keys.each do |key|
152
+ @trashed_params.merge!({key => params[obj][key]})
153
+ end
154
+
155
+ remove_params_from_object(obj, trashed_params_keys)
148
156
  end
149
157
  end
158
+
150
159
  end
151
160
  end
152
161
  end
153
-
162
+
154
163
  Merb::Controller.send(:include, Merb::ParamsFilter::ControllerMixin)
155
164
  Merb::Request.send(:include, Merb::ParamsFilter::RequestMixin)
156
-
165
+
157
166
  class Merb::Controller
158
167
  def self._filter_params(params)
159
168
  return params if self.log_params_args.nil?
metadata CHANGED
@@ -1,25 +1,26 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: merb_param_protection
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.9.3
4
+ version: 0.9.4
5
5
  platform: ruby
6
6
  authors:
7
7
  - Lance Carlson
8
- autorequire: merb_param_protection
8
+ autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
11
 
12
- date: 2008-05-04 00:00:00 -05:00
12
+ date: 2008-08-03 00:00:00 +03:00
13
13
  default_executable:
14
14
  dependencies:
15
15
  - !ruby/object:Gem::Dependency
16
16
  name: merb-core
17
+ type: :runtime
17
18
  version_requirement:
18
19
  version_requirements: !ruby/object:Gem::Requirement
19
20
  requirements:
20
21
  - - ">="
21
22
  - !ruby/object:Gem::Version
22
- version: 0.9.3
23
+ version: 0.9.4
23
24
  version:
24
25
  description: Merb plugin that provides params_accessible and params_protected class methods
25
26
  email: lancecarlson@gmail.com
@@ -30,17 +31,15 @@ extensions: []
30
31
  extra_rdoc_files:
31
32
  - README
32
33
  - LICENSE
33
- - TODO
34
34
  files:
35
35
  - LICENSE
36
36
  - README
37
37
  - Rakefile
38
- - TODO
39
38
  - lib/merb_param_protection
40
39
  - lib/merb_param_protection/merbtasks.rb
41
40
  - lib/merb_param_protection.rb
42
41
  has_rdoc: true
43
- homepage:
42
+ homepage: http://merbivore.com
44
43
  post_install_message:
45
44
  rdoc_options: []
46
45
 
@@ -60,8 +59,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
60
59
  version:
61
60
  requirements: []
62
61
 
63
- rubyforge_project:
64
- rubygems_version: 1.0.1
62
+ rubyforge_project: merb
63
+ rubygems_version: 1.2.0
65
64
  signing_key:
66
65
  specification_version: 2
67
66
  summary: Merb plugin that provides params_accessible and params_protected class methods
data/TODO DELETED
@@ -1,4 +0,0 @@
1
- TODO:
2
- DRY up the code
3
- Finish spec'ing
4
- Allow specification of any parameter?