param_protected 2.0.0 → 3.0.0

data/Gemfile

@@ -0,0 +1,10 @@
+# A sample Gemfile
+source "http://rubygems.org"
+
+group :development do
+  gem "jeweler"
+end
+
+group :test do
+  gem "rails", "~> 3.1.0"
+end

data/Gemfile.lock

@@ -0,0 +1,93 @@
+GEM
+  remote: http://rubygems.org/
+  specs:
+    actionmailer (3.1.1)
+      actionpack (= 3.1.1)
+      mail (~> 2.3.0)
+    actionpack (3.1.1)
+      activemodel (= 3.1.1)
+      activesupport (= 3.1.1)
+      builder (~> 3.0.0)
+      erubis (~> 2.7.0)
+      i18n (~> 0.6)
+      rack (~> 1.3.2)
+      rack-cache (~> 1.1)
+      rack-mount (~> 0.8.2)
+      rack-test (~> 0.6.1)
+      sprockets (~> 2.0.2)
+    activemodel (3.1.1)
+      activesupport (= 3.1.1)
+      builder (~> 3.0.0)
+      i18n (~> 0.6)
+    activerecord (3.1.1)
+      activemodel (= 3.1.1)
+      activesupport (= 3.1.1)
+      arel (~> 2.2.1)
+      tzinfo (~> 0.3.29)
+    activeresource (3.1.1)
+      activemodel (= 3.1.1)
+      activesupport (= 3.1.1)
+    activesupport (3.1.1)
+      multi_json (~> 1.0)
+    arel (2.2.1)
+    builder (3.0.0)
+    erubis (2.7.0)
+    git (1.2.5)
+    hike (1.2.1)
+    i18n (0.6.0)
+    jeweler (1.6.4)
+      bundler (~> 1.0)
+      git (>= 1.2.5)
+      rake
+    json (1.6.1)
+    mail (2.3.0)
+      i18n (>= 0.4.0)
+      mime-types (~> 1.16)
+      treetop (~> 1.4.8)
+    mime-types (1.17.2)
+    multi_json (1.0.3)
+    polyglot (0.3.3)
+    rack (1.3.5)
+    rack-cache (1.1)
+      rack (>= 0.4)
+    rack-mount (0.8.3)
+      rack (>= 1.0.0)
+    rack-ssl (1.3.2)
+      rack
+    rack-test (0.6.1)
+      rack (>= 1.0)
+    rails (3.1.1)
+      actionmailer (= 3.1.1)
+      actionpack (= 3.1.1)
+      activerecord (= 3.1.1)
+      activeresource (= 3.1.1)
+      activesupport (= 3.1.1)
+      bundler (~> 1.0)
+      railties (= 3.1.1)
+    railties (3.1.1)
+      actionpack (= 3.1.1)
+      activesupport (= 3.1.1)
+      rack-ssl (~> 1.3.2)
+      rake (>= 0.8.7)
+      rdoc (~> 3.4)
+      thor (~> 0.14.6)
+    rake (0.9.2.2)
+    rdoc (3.11)
+      json (~> 1.4)
+    sprockets (2.0.3)
+      hike (~> 1.2)
+      rack (~> 1.0)
+      tilt (~> 1.1, != 1.3.0)
+    thor (0.14.6)
+    tilt (1.3.3)
+    treetop (1.4.10)
+      polyglot
+      polyglot (>= 0.3.1)
+    tzinfo (0.3.30)
+
+PLATFORMS
+  ruby
+
+DEPENDENCIES
+  jeweler
+  rails (~> 3.1.0)

data/VERSION

@@ -1 +1 @@
-2.0.0
+3.0.0

data/lib/param_protected.rb

@@ -2,4 +2,5 @@ require "param_protected/constants"
 require "param_protected/protector"
 require "param_protected/controller_modifications"
 
-ActionController::Base.extend(ParamProtected::ControllerModifications)
+ActionController::Base.send(:include, ParamProtected::ControllerModifications)
+

data/lib/param_protected/controller_modifications.rb

@@ -1,57 +1,43 @@
 module ParamProtected
   module ControllerModifications
-    
-    def self.extended(action_controller)
-      action_controller.class_eval do
-        extend  ClassMethods
-        singleton_class.alias_method_chain :inherited, :protector
-        include InstanceMethods
-        alias_method_chain :params, :protection
-      end
+    extend ActiveSupport::Concern
+
+    included do
+      alias_method_chain :params, :protection
     end
-    
+
     module ClassMethods
-      
+      def _protector
+        @_protector ||= Protector.new
+      end
+
+      def _protector=(value)
+        @_protector = value
+      end
+
       def param_protected(params, actions = nil)
-        Protector.instance(self).declare_protection(params, actions, BLACKLIST)
+        _protector.declare_protection(params, actions, BLACKLIST)
       end
-      
+
       def param_accessible(params, actions = nil)
-        Protector.instance(self).declare_protection(params, actions, WHITELIST)
+        _protector.declare_protection(params, actions, WHITELIST)
       end
 
-      def inherited_with_protector(controller)
-        inherited_without_protector(controller)
-
-        if defined? @pp_protector
-          controller.instance_variable_set :@pp_protector, @pp_protector.dup
-          controller.class_eval { attr_reader :pp_protector }
-        end
-        
+      def inherited(m)
+        m._protector = _protector.dup
+        super
       end
-      
     end
-    
+
     module InstanceMethods
-      
+      def _protector
+        self.class._protector
+      end
+
       def params_with_protection
-        
-        # #params is called internally by ActionController::Base a few times before an action is dispatched,
-        # thus we can't filter and cache it right off the bat.  We have to wait for #action_name to be present
-        # to know that we're really in an action and @_params actually contains something.  Then we can filter
-        # and cache it.
-        
-        if action_name.blank?
-          params_without_protection
-        elsif @params_protected
-          @params_protected
-        else
-          @params_protected = Protector.instance(self.class).protect(self, params_without_protection, action_name)
-        end
-        
+        return params_without_protection if action_name.blank?
+        @params_with_protection ||= _protector.protect(self, params_without_protection, action_name)
       end
-      
     end
-    
   end
 end

data/lib/param_protected/protector.rb

@@ -1,14 +1,5 @@
 module ParamProtected
   class Protector
-  
-    def self.instance(controller)
-      unless controller.respond_to?(:pp_protector)
-        controller.class_eval{ @pp_protector = Protector.new }
-        controller.singleton_class.class_eval { attr_reader :pp_protector }
-      end
-      controller.pp_protector
-    end
-    
     def initialize
       @protections = []
     end
@@ -16,13 +7,13 @@ module ParamProtected
     def initialize_copy(copy)
       copy.instance_variable_set(:@protections, deep_copy(@protections))
     end
-    
+
     def declare_protection(params, options, exclusivity)
       params  = normalize_params(params)
       actions, condition = normalize_options(options)
       @protections << [params, actions, condition, exclusivity]
     end
-    
+
     def protect(controller, controller_params, action_name)
       deep_copy(controller_params).tap do |params|
         protections_for_action(controller, action_name).each do |exclusivity, protected_params|
@@ -30,7 +21,7 @@ module ParamProtected
         end
       end
     end
-    
+
   private
 
     def protections_for_action(controller, action_name)
@@ -42,15 +33,15 @@ module ParamProtected
       end
     end
 
-    # Merge protections for the same params into one so as to allow extension of them 
+    # Merge protections for the same params into one so as to allow extension of them
     # in inheriting controllers.
-    # 
+    #
     # Mutating the first argument is okay since this method is used within inject only.
-    # 
+    #
     # Example:
     # merge_protections({ :foo => { :qux => nil }, :bar => { :baz => nil, :qux => nil } },
     #                   { :foo => { :baz => nil, :qux => { :foo => nil } } })
-    # => 
+    # =>
     #
     # { :foo => { :baz => nil, :qux => { :foo => nil } }, :bar => { :baz =>nil, :qux => nil } }
     def merge_protections(protections, protected_params)
@@ -64,10 +55,10 @@ module ParamProtected
 
       protections
     end
-    
+
     # When specifying params to protect, we allow a combination of arrays and hashes much like how
     # ActiveRecord::Base#find's :include options works.  This method normalizes that into just nested hashes,
-    # stringifying the keys and setting all values to nil.  This format is easier/faster to work with when 
+    # stringifying the keys and setting all values to nil.  This format is easier/faster to work with when
     # filtering the controller params.
     # Example...
     #   [:a, {:b => [:c, :d]}]
@@ -95,7 +86,7 @@ module ParamProtected
         k.to_s
       end
     end
-    
+
     # When specifying which actions param protection apply to, we allow a format like this...
     #   :only => [:action1, :action2]
     # This method normalizes that to...
@@ -118,16 +109,16 @@ module ParamProtected
       actions = actions.collect{ |action| action.try(:to_s) }
 
       condition = condition.first || :if
-      
+
       if options.has_key?(condition)
         condition_value = options[condition]
       else
         condition_value = true
       end
-      
+
       [[scope, *actions], [condition, condition_value]]
     end
-    
+
     # When #dup just isn't enough... :P
     def deep_copy(object)
       try_to_clone(object).tap do |new_object|
@@ -139,7 +130,7 @@ module ParamProtected
         end
       end
     end
-    
+
     # Some objects are not dupable... like TrueClass, FalseClass and NilClass.
     def try_to_clone(object)
       object.clone
@@ -163,7 +154,7 @@ module ParamProtected
         result
       end
     end
-    
+
     def action_matches?(scope, actions, action_name)
       if action_name.blank?
         false
@@ -175,7 +166,7 @@ module ParamProtected
         raise ArgumentError, "unexpected scope (#{scope}), expected :only or :except"
       end
     end
-    
+
     def filter_params(protected_params, params, exclusivity)
       return unless params.kind_of?(Hash)
       return if protected_params.nil?
@@ -195,7 +186,7 @@ module ParamProtected
         key_matches?(k, key)
       end.try(:last)
     end
-    
+
     def key_exists?(protected_params, key)
       protected_params.any? do |k,v|
         key_matches?(k, key)

data/param_protected.gemspec

@@ -1,98 +1,77 @@
 # Generated by jeweler
 # DO NOT EDIT THIS FILE DIRECTLY
-# Instead, edit Jeweler::Tasks in Rakefile, and run the gemspec command
+# Instead, edit Jeweler::Tasks in Rakefile, and run 'rake gemspec'
 # -*- encoding: utf-8 -*-
 
 Gem::Specification.new do |s|
   s.name = %q{param_protected}
-  s.version = "2.0.0"
+  s.version = "3.0.0"
 
   s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
-  s.authors = ["Christopher J. Bottaro"]
-  s.date = %q{2010-10-18}
+  s.authors = [%q{Christopher J. Bottaro}]
+  s.date = %q{2011-11-02}
   s.description = %q{Provides two class methods on ActiveController::Base that filter the params hash for that controller's actions.  You can think of them as the controller analog of attr_protected and attr_accessible.}
   s.email = %q{cjbottaro@alumni.cs.utexas.edu}
   s.extra_rdoc_files = [
     "LICENSE",
-     "README.rdoc"
+    "README.rdoc"
   ]
   s.files = [
     "CHANGELOG",
-     "LICENSE",
-     "README.rdoc",
-     "Rakefile",
-     "VERSION",
-     "init.rb",
-     "lib/param_protected.rb",
-     "lib/param_protected/constants.rb",
-     "lib/param_protected/controller_modifications.rb",
-     "lib/param_protected/protector.rb",
-     "param_protected.gemspec",
-     "test/accessible_except_test.rb",
-     "test/accessible_only_test.rb",
-     "test/app_root/.gitignore",
-     "test/app_root/Gemfile",
-     "test/app_root/app/controllers/accessible_except_controller.rb",
-     "test/app_root/app/controllers/accessible_only_controller.rb",
-     "test/app_root/app/controllers/application_controller.rb",
-     "test/app_root/app/controllers/conditions_controller.rb",
-     "test/app_root/app/controllers/inherited_users_controller.rb",
-     "test/app_root/app/controllers/merge_controller.rb",
-     "test/app_root/app/controllers/protected_controller.rb",
-     "test/app_root/app/controllers/users_controller.rb",
-     "test/app_root/config.ru",
-     "test/app_root/config/application.rb",
-     "test/app_root/config/boot.rb",
-     "test/app_root/config/environment.rb",
-     "test/app_root/config/routes.rb",
-     "test/app_root/lib/console_with_fixtures.rb",
-     "test/app_root/script/rails",
-     "test/conditions_controller_test.rb",
-     "test/inherited_users_controller_test.rb",
-     "test/merge_controller_test.rb",
-     "test/protected_controller_test.rb",
-     "test/protector_test.rb",
-     "test/test_helper.rb",
-     "test/users_controller_test.rb"
+    "Gemfile",
+    "Gemfile.lock",
+    "LICENSE",
+    "README.rdoc",
+    "Rakefile",
+    "VERSION",
+    "init.rb",
+    "lib/param_protected.rb",
+    "lib/param_protected/constants.rb",
+    "lib/param_protected/controller_modifications.rb",
+    "lib/param_protected/protector.rb",
+    "param_protected.gemspec",
+    "test/accessible_except_test.rb",
+    "test/accessible_only_test.rb",
+    "test/app_root/.gitignore",
+    "test/app_root/Gemfile",
+    "test/app_root/app/controllers/accessible_except_controller.rb",
+    "test/app_root/app/controllers/accessible_only_controller.rb",
+    "test/app_root/app/controllers/application_controller.rb",
+    "test/app_root/app/controllers/conditions_controller.rb",
+    "test/app_root/app/controllers/inherited_users_controller.rb",
+    "test/app_root/app/controllers/merge_controller.rb",
+    "test/app_root/app/controllers/protected_controller.rb",
+    "test/app_root/app/controllers/users_controller.rb",
+    "test/app_root/config.ru",
+    "test/app_root/config/application.rb",
+    "test/app_root/config/boot.rb",
+    "test/app_root/config/environment.rb",
+    "test/app_root/config/routes.rb",
+    "test/app_root/lib/console_with_fixtures.rb",
+    "test/app_root/script/rails",
+    "test/conditions_controller_test.rb",
+    "test/inherited_users_controller_test.rb",
+    "test/merge_controller_test.rb",
+    "test/protected_controller_test.rb",
+    "test/protector_test.rb",
+    "test/test_helper.rb",
+    "test/users_controller_test.rb"
   ]
   s.homepage = %q{http://github.com/cjbottaro/param_protected}
-  s.rdoc_options = ["--charset=UTF-8"]
-  s.require_paths = ["lib"]
-  s.rubygems_version = %q{1.3.7}
+  s.require_paths = [%q{lib}]
+  s.rubygems_version = %q{1.8.7}
   s.summary = %q{Filter unwanted parameters in your controllers and actions.}
-  s.test_files = [
-    "test/accessible_except_test.rb",
-     "test/accessible_only_test.rb",
-     "test/app_root/app/controllers/accessible_except_controller.rb",
-     "test/app_root/app/controllers/accessible_only_controller.rb",
-     "test/app_root/app/controllers/application_controller.rb",
-     "test/app_root/app/controllers/conditions_controller.rb",
-     "test/app_root/app/controllers/inherited_users_controller.rb",
-     "test/app_root/app/controllers/merge_controller.rb",
-     "test/app_root/app/controllers/protected_controller.rb",
-     "test/app_root/app/controllers/users_controller.rb",
-     "test/app_root/config/application.rb",
-     "test/app_root/config/boot.rb",
-     "test/app_root/config/environment.rb",
-     "test/app_root/config/routes.rb",
-     "test/app_root/lib/console_with_fixtures.rb",
-     "test/conditions_controller_test.rb",
-     "test/inherited_users_controller_test.rb",
-     "test/merge_controller_test.rb",
-     "test/protected_controller_test.rb",
-     "test/protector_test.rb",
-     "test/test_helper.rb",
-     "test/users_controller_test.rb"
-  ]
 
   if s.respond_to? :specification_version then
-    current_version = Gem::Specification::CURRENT_SPECIFICATION_VERSION
     s.specification_version = 3
 
     if Gem::Version.new(Gem::VERSION) >= Gem::Version.new('1.2.0') then
+      s.add_development_dependency(%q<jeweler>, [">= 0"])
     else
+      s.add_dependency(%q<jeweler>, [">= 0"])
     end
   else
+    s.add_dependency(%q<jeweler>, [">= 0"])
   end
 end
 

metadata

@@ -1,34 +1,40 @@
---- !ruby/object:Gem::Specification 
+--- !ruby/object:Gem::Specification
 name: param_protected
-version: !ruby/object:Gem::Version 
-  prerelease: false
-  segments: 
-  - 2
-  - 0
-  - 0
-  version: 2.0.0
+version: !ruby/object:Gem::Version
+  version: 3.0.0
+  prerelease: 
 platform: ruby
-authors: 
+authors:
 - Christopher J. Bottaro
 autorequire: 
 bindir: bin
 cert_chain: []
-
-date: 2010-10-18 00:00:00 -05:00
-default_executable: 
-dependencies: []
-
-description: Provides two class methods on ActiveController::Base that filter the params hash for that controller's actions.  You can think of them as the controller analog of attr_protected and attr_accessible.
+date: 2011-11-02 00:00:00.000000000Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: jeweler
+  requirement: &70253414744340 !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: *70253414744340
+description: Provides two class methods on ActiveController::Base that filter the
+  params hash for that controller's actions.  You can think of them as the controller
+  analog of attr_protected and attr_accessible.
 email: cjbottaro@alumni.cs.utexas.edu
 executables: []
-
 extensions: []
-
-extra_rdoc_files: 
+extra_rdoc_files:
 - LICENSE
 - README.rdoc
-files: 
+files:
 - CHANGELOG
+- Gemfile
+- Gemfile.lock
 - LICENSE
 - README.rdoc
 - Rakefile
@@ -65,58 +71,31 @@ files:
 - test/protector_test.rb
 - test/test_helper.rb
 - test/users_controller_test.rb
-has_rdoc: true
 homepage: http://github.com/cjbottaro/param_protected
 licenses: []
-
 post_install_message: 
-rdoc_options: 
-- --charset=UTF-8
-require_paths: 
+rdoc_options: []
+require_paths:
 - lib
-required_ruby_version: !ruby/object:Gem::Requirement 
+required_ruby_version: !ruby/object:Gem::Requirement
   none: false
-  requirements: 
-  - - ">="
-    - !ruby/object:Gem::Version 
-      segments: 
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+      segments:
       - 0
-      version: "0"
-required_rubygems_version: !ruby/object:Gem::Requirement 
+      hash: -3789331872057499608
+required_rubygems_version: !ruby/object:Gem::Requirement
   none: false
-  requirements: 
-  - - ">="
-    - !ruby/object:Gem::Version 
-      segments: 
-      - 0
-      version: "0"
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
 requirements: []
-
 rubyforge_project: 
-rubygems_version: 1.3.7
+rubygems_version: 1.8.7
 signing_key: 
 specification_version: 3
 summary: Filter unwanted parameters in your controllers and actions.
-test_files: 
-- test/accessible_except_test.rb
-- test/accessible_only_test.rb
-- test/app_root/app/controllers/accessible_except_controller.rb
-- test/app_root/app/controllers/accessible_only_controller.rb
-- test/app_root/app/controllers/application_controller.rb
-- test/app_root/app/controllers/conditions_controller.rb
-- test/app_root/app/controllers/inherited_users_controller.rb
-- test/app_root/app/controllers/merge_controller.rb
-- test/app_root/app/controllers/protected_controller.rb
-- test/app_root/app/controllers/users_controller.rb
-- test/app_root/config/application.rb
-- test/app_root/config/boot.rb
-- test/app_root/config/environment.rb
-- test/app_root/config/routes.rb
-- test/app_root/lib/console_with_fixtures.rb
-- test/conditions_controller_test.rb
-- test/inherited_users_controller_test.rb
-- test/merge_controller_test.rb
-- test/protected_controller_test.rb
-- test/protector_test.rb
-- test/test_helper.rb
-- test/users_controller_test.rb
+test_files: []