param_protected 1.3.1 → 2.0.0

data/CHANGELOG

@@ -1,5 +1,10 @@
+2.0.0
+-----
+* Upgrade to Rails 3.
+
 1.3.1
- - Bugfix: hashes nested in regexp params could get through unfiltered
+-----
+* Bugfix: hashes nested in regexp params could get through unfiltered
 
 09/12/2009
 ----------
@@ -19,4 +24,4 @@
 
 07/16/2008
 ----------
-* rewrote the entire plugin (it should actually work now)
+* rewrote the entire plugin (it should actually work now)

data/README.rdoc

@@ -3,11 +3,11 @@ This plugin provides two class methods on <tt>ActiveController::Base</tt> that f
 
 === Installation
 
-Put in your <tt>environment.rb</tt> file...
-
-  config.gem "param_protected"
+  gem install param_protected
   
-Alternatively, just install the gem from the command line and <tt>require "param_protected"</tt> somewhere in your project.
+Note: the latest version works with Rails 3.0.x.  If you want Rails 2.3.x compatibility, install the latest 1.x.x version of <tt>param_protected</tt>.  See the rails23 branch {here}[http://github.com/cjbottaro/param_protected/tree/rails23] for the most up to date 1.x.x version (look at the tags).
+
+Thanks to {jonleighton}[http://github.com/jonleighton] for the Rails 3 port.
 
 === Usage
  class YourController < ActiveController::Base
@@ -71,8 +71,9 @@ Credit: Mortiz Heidkamp
 === How does it work?
 It does an <tt>alias_method_chain</tt> on <tt>ActionController::Base#params</tt> that filters (and caches) the params.  You can get the unfiltered, pristine params by calling <tt>ActionController::Base#params_without_protection</tt>.
 
-=== Author
+=== Original Author
 Christopher J. Bottaro - {cjbottaro}[http://github.com/cjbottaro]
 
 === Contributors
-Moritz Heidkamp - {DerGuteMoritz}[http://github.com/DerGuteMoritz]
+Moritz Heidkamp - {DerGuteMoritz}[http://github.com/DerGuteMoritz]
+Jon Leighton - {jonleighton}[http://github.com/jonleighton]

data/VERSION

@@ -1 +1 @@
-1.3.1
+2.0.0

data/lib/param_protected.rb

@@ -1,6 +1,5 @@
-require "param_protected/meta_class"
 require "param_protected/constants"
 require "param_protected/protector"
 require "param_protected/controller_modifications"
 
-ActionController::Base.extend(ParamProtected::ControllerModifications)
+ActionController::Base.extend(ParamProtected::ControllerModifications)

data/lib/param_protected/controller_modifications.rb

@@ -4,7 +4,7 @@ module ParamProtected
     def self.extended(action_controller)
       action_controller.class_eval do
         extend  ClassMethods
-        metaclass.alias_method_chain :inherited, :protector
+        singleton_class.alias_method_chain :inherited, :protector
         include InstanceMethods
         alias_method_chain :params, :protection
       end
@@ -54,4 +54,4 @@ module ParamProtected
     end
     
   end
-end
+end

data/lib/param_protected/protector.rb

@@ -4,7 +4,7 @@ module ParamProtected
     def self.instance(controller)
       unless controller.respond_to?(:pp_protector)
         controller.class_eval{ @pp_protector = Protector.new }
-        controller.meta_eval { attr_reader :pp_protector }
+        controller.singleton_class.class_eval { attr_reader :pp_protector }
       end
       controller.pp_protector
     end
@@ -24,7 +24,7 @@ module ParamProtected
     end
     
     def protect(controller, controller_params, action_name)
-      returning(deep_copy(controller_params)) do |params|
+      deep_copy(controller_params).tap do |params|
         protections_for_action(controller, action_name).each do |exclusivity, protected_params|
           filter_params(protected_params, params, exclusivity) unless protected_params.empty?
         end
@@ -130,7 +130,7 @@ module ParamProtected
     
     # When #dup just isn't enough... :P
     def deep_copy(object)
-      returning(try_to_clone(object)) do |new_object|
+      try_to_clone(object).tap do |new_object|
         case new_object
         when Hash
           new_object.each{ |k, v| new_object[k] = deep_copy(v) }

data/param_protected.gemspec

@@ -5,11 +5,11 @@
 
 Gem::Specification.new do |s|
   s.name = %q{param_protected}
-  s.version = "1.3.1"
+  s.version = "2.0.0"
 
   s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
   s.authors = ["Christopher J. Bottaro"]
-  s.date = %q{2010-10-03}
+  s.date = %q{2010-10-18}
   s.description = %q{Provides two class methods on ActiveController::Base that filter the params hash for that controller's actions.  You can think of them as the controller analog of attr_protected and attr_accessible.}
   s.email = %q{cjbottaro@alumni.cs.utexas.edu}
   s.extra_rdoc_files = [
@@ -23,16 +23,15 @@ Gem::Specification.new do |s|
      "Rakefile",
      "VERSION",
      "init.rb",
-     "install.rb",
      "lib/param_protected.rb",
      "lib/param_protected/constants.rb",
      "lib/param_protected/controller_modifications.rb",
-     "lib/param_protected/meta_class.rb",
      "lib/param_protected/protector.rb",
      "param_protected.gemspec",
-     "tasks/param_protected_tasks.rake",
      "test/accessible_except_test.rb",
      "test/accessible_only_test.rb",
+     "test/app_root/.gitignore",
+     "test/app_root/Gemfile",
      "test/app_root/app/controllers/accessible_except_controller.rb",
      "test/app_root/app/controllers/accessible_only_controller.rb",
      "test/app_root/app/controllers/application_controller.rb",
@@ -41,24 +40,20 @@ Gem::Specification.new do |s|
      "test/app_root/app/controllers/merge_controller.rb",
      "test/app_root/app/controllers/protected_controller.rb",
      "test/app_root/app/controllers/users_controller.rb",
+     "test/app_root/config.ru",
+     "test/app_root/config/application.rb",
      "test/app_root/config/boot.rb",
-     "test/app_root/config/database.yml",
      "test/app_root/config/environment.rb",
-     "test/app_root/config/environments/in_memory.rb",
-     "test/app_root/config/environments/mysql.rb",
-     "test/app_root/config/environments/postgresql.rb",
-     "test/app_root/config/environments/sqlite.rb",
-     "test/app_root/config/environments/sqlite3.rb",
      "test/app_root/config/routes.rb",
      "test/app_root/lib/console_with_fixtures.rb",
+     "test/app_root/script/rails",
      "test/conditions_controller_test.rb",
      "test/inherited_users_controller_test.rb",
      "test/merge_controller_test.rb",
      "test/protected_controller_test.rb",
      "test/protector_test.rb",
      "test/test_helper.rb",
-     "test/users_controller_test.rb",
-     "uninstall.rb"
+     "test/users_controller_test.rb"
   ]
   s.homepage = %q{http://github.com/cjbottaro/param_protected}
   s.rdoc_options = ["--charset=UTF-8"]
@@ -76,13 +71,9 @@ Gem::Specification.new do |s|
      "test/app_root/app/controllers/merge_controller.rb",
      "test/app_root/app/controllers/protected_controller.rb",
      "test/app_root/app/controllers/users_controller.rb",
+     "test/app_root/config/application.rb",
      "test/app_root/config/boot.rb",
      "test/app_root/config/environment.rb",
-     "test/app_root/config/environments/in_memory.rb",
-     "test/app_root/config/environments/mysql.rb",
-     "test/app_root/config/environments/postgresql.rb",
-     "test/app_root/config/environments/sqlite.rb",
-     "test/app_root/config/environments/sqlite3.rb",
      "test/app_root/config/routes.rb",
      "test/app_root/lib/console_with_fixtures.rb",
      "test/conditions_controller_test.rb",

data/test/app_root/.gitignore

@@ -0,0 +1,2 @@
+log/
+Gemfile.lock

data/test/app_root/Gemfile

@@ -0,0 +1,4 @@
+source 'http://rubygems.org'
+
+gem 'rails', '~> 3.0'
+gem 'param_protected', :path => File.dirname(__FILE__) + '/../..'

data/test/app_root/config.ru

@@ -0,0 +1,4 @@
+# This file is used by Rack-based servers to start the application.
+
+require ::File.expand_path('../config/environment',  __FILE__)
+run TestApp::Application

data/test/app_root/config/application.rb

@@ -0,0 +1,16 @@
+require File.expand_path('../boot', __FILE__)
+require "action_controller/railtie"
+
+# If you have a Gemfile, require the gems listed there, including any gems
+# you've limited to :test, :development, or :production.
+Bundler.require(:default, Rails.env) if defined?(Bundler)
+
+module TestApp
+  class Application < Rails::Application
+    config.cache_classes = false
+    config.whiny_nils = true
+    config.secret_token = 'd229e4d22437432705ab3985d4d246'
+    config.session_store :cookie_store, :key => 'rails_session'
+    config.active_support.deprecation = :stderr
+  end
+end

data/test/app_root/config/boot.rb

@@ -1,115 +1,13 @@
-# Allow customization of the rails framework path
-RAILS_FRAMEWORK_ROOT = (ENV['RAILS_FRAMEWORK_ROOT'] || "#{File.dirname(__FILE__)}/../../../../../../vendor/rails") unless defined?(RAILS_FRAMEWORK_ROOT) 
-
-# Don't change this file!
-# Configure your app in config/environment.rb and config/environments/*.rb
-
-RAILS_ROOT = "#{File.dirname(__FILE__)}/.." unless defined?(RAILS_ROOT)
-
-module Rails
-  class << self
-    def boot!
-      unless booted?
-        preinitialize
-        pick_boot.run
-      end
-    end
-
-    def booted?
-      defined? Rails::Initializer
-    end
-
-    def pick_boot
-      (vendor_rails? ? VendorBoot : GemBoot).new
-    end
-
-    def vendor_rails?
-      File.exist?(RAILS_FRAMEWORK_ROOT)
-    end
-
-    def preinitialize
-      load(preinitializer_path) if File.exist?(preinitializer_path)
-    end
-
-    def preinitializer_path
-      "#{RAILS_ROOT}/config/preinitializer.rb"
-    end
-  end
-
-  class Boot
-    def run
-      load_initializer
-      Rails::Initializer.run(:set_load_path)
-    end
-  end
-
-  class VendorBoot < Boot
-    def load_initializer
-      require "#{RAILS_FRAMEWORK_ROOT}/railties/lib/initializer"
-      Rails::Initializer.run(:install_gem_spec_stubs)
-      Rails::GemDependency.add_frozen_gem_path
-    end
-  end
-
-  class GemBoot < Boot
-    def load_initializer
-      self.class.load_rubygems
-      load_rails_gem
-      require 'initializer'
-    end
-
-    def load_rails_gem
-      if version = self.class.gem_version
-        gem 'rails', version
-      else
-        gem 'rails'
-      end
-    rescue Gem::LoadError => load_error
-      $stderr.puts %(Missing the Rails #{version} gem. Please `gem install -v=#{version} rails`, update your RAILS_GEM_VERSION setting in config/environment.rb for the Rails version you do have installed, or comment out RAILS_GEM_VERSION to use the latest version installed.)
-      exit 1
-    end
-
-    class << self
-      def rubygems_version
-        Gem::RubyGemsVersion rescue nil
-      end
-
-      def gem_version
-        if defined? RAILS_GEM_VERSION
-          RAILS_GEM_VERSION
-        elsif ENV.include?('RAILS_GEM_VERSION')
-          ENV['RAILS_GEM_VERSION']
-        else
-          parse_gem_version(read_environment_rb)
-        end
-      end
-
-      def load_rubygems
-        require 'rubygems'
-        min_version = '1.3.1'
-        unless rubygems_version >= min_version
-          $stderr.puts %Q(Rails requires RubyGems >= #{min_version} (you have #{rubygems_version}). Please `gem update --system` and try again.)
-          exit 1
-        end
- 
-      rescue LoadError
-        $stderr.puts %Q(Rails requires RubyGems >= #{min_version}. Please install RubyGems and try again: http://rubygems.rubyforge.org)
-        exit 1
-      end
-
-      def parse_gem_version(text)
-        $1 if text =~ /^[^#]*RAILS_GEM_VERSION\s*=\s*["']([!~<>=]*\s*[\d.]+)["']/
-      end
-
-      private
-        def read_environment_rb
-          environment_rb = "#{RAILS_ROOT}/config/environment.rb"
-          environment_rb = "#{HELPER_RAILS_ROOT}/config/environment.rb" unless File.exists?(environment_rb)
-          File.read(environment_rb)
-        end
-    end
-  end
-end
-
-# All that for this:
-Rails.boot!
+require 'rubygems'
+
+# Set up gems listed in the Gemfile.
+gemfile = File.expand_path('../../Gemfile', __FILE__)
+begin
+  ENV['BUNDLE_GEMFILE'] = gemfile
+  require 'bundler'
+  Bundler.setup
+rescue Bundler::GemNotFound => e
+  STDERR.puts e.message
+  STDERR.puts "Try running `bundle install`."
+  exit!
+end if File.exist?(gemfile)

data/test/app_root/config/environment.rb

@@ -1,14 +1,5 @@
-require File.join(File.dirname(__FILE__), 'boot')
+# Load the rails application
+require File.expand_path('../application', __FILE__)
 
-Rails::Initializer.run do |config|
-  config.cache_classes = false
-  config.whiny_nils = true
-  config.action_controller.session = {:key => 'rails_session', :secret => 'd229e4d22437432705ab3985d4d246'}
-  config.plugin_locators.unshift(
-    Class.new(Rails::Plugin::Locator) do
-      def plugins
-        [Rails::Plugin.new(File.expand_path('.'))]
-      end
-    end
-  ) unless defined?(PluginTestHelper::PluginLocator)
-end
+# Initialize the rails application
+TestApp::Application.initialize!

data/test/app_root/config/routes.rb

@@ -1,4 +1,3 @@
-ActionController::Routing::Routes.draw do |map|
-  map.connect ':controller/:action/:id'
-  map.connect ':controller/:action/:id.:format'
+TestApp::Application.routes.draw do
+  match ':controller(/:action(/:id(.:format)))'
 end

data/test/app_root/script/rails

@@ -0,0 +1,6 @@
+#!/usr/bin/env ruby1.8
+# This command will automatically be run when you run "rails" with Rails 3 gems installed from the root of your application.
+
+APP_PATH = File.expand_path('../../config/application',  __FILE__)
+require File.expand_path('../../config/boot',  __FILE__)
+require 'rails/commands'

data/test/test_helper.rb

@@ -1,25 +1,9 @@
-# Set the default environment to sqlite3's in_memory database
-ENV['RAILS_ENV'] ||= 'in_memory'
+ENV['RAILS_ENV'] ||= 'test'
 
 # Load the Rails environment and testing framework
 require "#{File.dirname(__FILE__)}/app_root/config/environment"
-require 'test_help'
-require "param_protected"
-
-# Undo changes to RAILS_ENV
-silence_warnings {RAILS_ENV = ENV['RAILS_ENV']}
-
-# Run the migrations
-ActiveRecord::Migrator.migrate("#{Rails.root}/db/migrate")
-
-# Set default fixture loading properties
-ActiveSupport::TestCase.class_eval do
-  self.use_transactional_fixtures = true
-  self.use_instantiated_fixtures = false
-  self.fixture_path = "#{File.dirname(__FILE__)}/fixtures"
-  
-  fixtures :all
-end
+require 'rails/test_help'
+require 'param_protected'
 
 class ActionController::TestCase
   PARAMS = {
@@ -48,4 +32,4 @@ class ActionController::TestCase
       instance_eval(&block)
     end
   end
-end
+end

metadata

@@ -1,13 +1,12 @@
 --- !ruby/object:Gem::Specification 
 name: param_protected
 version: !ruby/object:Gem::Version 
-  hash: 25
   prerelease: false
   segments: 
-  - 1
-  - 3
-  - 1
-  version: 1.3.1
+  - 2
+  - 0
+  - 0
+  version: 2.0.0
 platform: ruby
 authors: 
 - Christopher J. Bottaro
@@ -15,7 +14,7 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2010-10-03 00:00:00 -05:00
+date: 2010-10-18 00:00:00 -05:00
 default_executable: 
 dependencies: []
 
@@ -35,16 +34,15 @@ files:
 - Rakefile
 - VERSION
 - init.rb
-- install.rb
 - lib/param_protected.rb
 - lib/param_protected/constants.rb
 - lib/param_protected/controller_modifications.rb
-- lib/param_protected/meta_class.rb
 - lib/param_protected/protector.rb
 - param_protected.gemspec
-- tasks/param_protected_tasks.rake
 - test/accessible_except_test.rb
 - test/accessible_only_test.rb
+- test/app_root/.gitignore
+- test/app_root/Gemfile
 - test/app_root/app/controllers/accessible_except_controller.rb
 - test/app_root/app/controllers/accessible_only_controller.rb
 - test/app_root/app/controllers/application_controller.rb
@@ -53,16 +51,13 @@ files:
 - test/app_root/app/controllers/merge_controller.rb
 - test/app_root/app/controllers/protected_controller.rb
 - test/app_root/app/controllers/users_controller.rb
+- test/app_root/config.ru
+- test/app_root/config/application.rb
 - test/app_root/config/boot.rb
-- test/app_root/config/database.yml
 - test/app_root/config/environment.rb
-- test/app_root/config/environments/in_memory.rb
-- test/app_root/config/environments/mysql.rb
-- test/app_root/config/environments/postgresql.rb
-- test/app_root/config/environments/sqlite.rb
-- test/app_root/config/environments/sqlite3.rb
 - test/app_root/config/routes.rb
 - test/app_root/lib/console_with_fixtures.rb
+- test/app_root/script/rails
 - test/conditions_controller_test.rb
 - test/inherited_users_controller_test.rb
 - test/merge_controller_test.rb
@@ -70,7 +65,6 @@ files:
 - test/protector_test.rb
 - test/test_helper.rb
 - test/users_controller_test.rb
-- uninstall.rb
 has_rdoc: true
 homepage: http://github.com/cjbottaro/param_protected
 licenses: []
@@ -85,7 +79,6 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements: 
   - - ">="
     - !ruby/object:Gem::Version 
-      hash: 3
       segments: 
       - 0
       version: "0"
@@ -94,7 +87,6 @@ required_rubygems_version: !ruby/object:Gem::Requirement
   requirements: 
   - - ">="
     - !ruby/object:Gem::Version 
-      hash: 3
       segments: 
       - 0
       version: "0"
@@ -116,13 +108,9 @@ test_files:
 - test/app_root/app/controllers/merge_controller.rb
 - test/app_root/app/controllers/protected_controller.rb
 - test/app_root/app/controllers/users_controller.rb
+- test/app_root/config/application.rb
 - test/app_root/config/boot.rb
 - test/app_root/config/environment.rb
-- test/app_root/config/environments/in_memory.rb
-- test/app_root/config/environments/mysql.rb
-- test/app_root/config/environments/postgresql.rb
-- test/app_root/config/environments/sqlite.rb
-- test/app_root/config/environments/sqlite3.rb
 - test/app_root/config/routes.rb
 - test/app_root/lib/console_with_fixtures.rb
 - test/conditions_controller_test.rb

data/install.rb

@@ -1 +0,0 @@
-# Install hook code here

data/lib/param_protected/meta_class.rb

@@ -1,13 +0,0 @@
-class Object
-  unless method_defined?(:meta_class)
-    def meta_class
-      (class << self; self; end)
-    end
-  end
-  
-  unless method_defined?(:meta_eval)
-    def meta_eval(&block)
-      meta_class.instance_eval(&block)
-    end
-  end
-end

data/tasks/param_protected_tasks.rake

@@ -1,4 +0,0 @@
-# desc "Explaining what the task does"
-# task :param_protected do
-#   # Task goes here
-# end

data/test/app_root/config/database.yml

@@ -1,31 +0,0 @@
-in_memory:
-  adapter: sqlite3
-  database: ":memory:"
-  verbosity: quiet
-  pool: 5
-  timeout: 5000
-sqlite:
-  adapter: sqlite
-  dbfile: plugin_test.sqlite.db
-  pool: 5
-  timeout: 5000
-sqlite3:
-  adapter: sqlite3
-  dbfile: plugin_test.sqlite3.db
-  pool: 5
-  timeout: 5000
-postgresql:
-  adapter: postgresql
-  username: postgres
-  password: postgres
-  database: plugin_test
-  pool: 5
-  timeout: 5000
-mysql:
-  adapter: mysql
-  host: localhost
-  username: root
-  password:
-  database: plugin_test
-  pool: 5
-  timeout: 5000

data/uninstall.rb

@@ -1 +0,0 @@
-# Uninstall hook code here