protected_attributes_continued 1.5.0 → 1.6.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: b10566280e992ec0bc867ca4d2c0b52f29c9e7b98aa197f523bc7e8930634197
|
|
4
|
+
data.tar.gz: b98a820d98f4828e5cd9a94ee96d8072112548b964576cdfab74a73c3660daa1
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: a57bc937ec7efe500d594ffdf3200b51265c7ff0e1dd14e5188d43a0495840b55728168585da2cc5bba5f1b4fb8cf769e83391eeca6118089251ce7b31012974
|
|
7
|
+
data.tar.gz: e0933854f707e6a810103bd49f3001dd3eecceeb4c08cbca3c69b0c5d7d3758884026c7da594833b3a3eb957dd8a372ff8e68e442680485e0b35388b68aff046
|
data/README.md
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
# Protected Attributes Continued
|
|
2
2
|
<a href="https://badge.fury.io/rb/protected_attributes_continued" target="_blank"><img height="21" style='border:0px;height:21px;' border='0' src="https://badge.fury.io/rb/protected_attributes_continued.svg" alt="Gem Version"></a>
|
|
3
|
-
<a href='https://travis-ci.
|
|
3
|
+
<a href='https://travis-ci.com/westonganger/protected_attributes_continued' target='_blank'><img height='21' style='border:0px;height:21px;' src='https://api.travis-ci.org/westonganger/protected_attributes_continued.svg?branch=master' border='0' alt='Build Status' /></a>
|
|
4
4
|
<a href='https://rubygems.org/gems/protected_attributes_continued' target='_blank'><img height='21' style='border:0px;height:21px;' src='https://ruby-gem-downloads-badge.herokuapp.com/protected_attributes_continued?label=rubygems&type=total&total_label=downloads&color=brightgreen' border='0' alt='RubyGems Downloads' /></a>
|
|
5
5
|
|
|
6
6
|
> This is the community continued version of `protected_attributes` for Rails 5+. I recommend you only use it to support legacy portions of your application that you do not want to upgrade. The Rails team dropped this feature and switched to `strong_parameters` because of security issues. However some applications simply cannot be upgraded or security like this is a non-issue. To continue supporting this feature going forward lets continue the work here.
|
|
@@ -1,3 +1,5 @@
|
|
|
1
|
+
### Original Rails Code - https://github.com/rails/rails/tree/master/activerecord/lib/active_record/associations
|
|
2
|
+
|
|
1
3
|
module ActiveRecord
|
|
2
4
|
module Associations
|
|
3
5
|
class Association
|
|
@@ -10,7 +12,6 @@ module ActiveRecord
|
|
|
10
12
|
record.assign_attributes(attributes, without_protection: true)
|
|
11
13
|
end
|
|
12
14
|
end
|
|
13
|
-
|
|
14
15
|
private :build_record
|
|
15
16
|
end
|
|
16
17
|
|
|
@@ -53,7 +54,6 @@ module ActiveRecord
|
|
|
53
54
|
end
|
|
54
55
|
end
|
|
55
56
|
end
|
|
56
|
-
|
|
57
57
|
private :create_record
|
|
58
58
|
end
|
|
59
59
|
|
|
@@ -76,29 +76,24 @@ module ActiveRecord
|
|
|
76
76
|
end
|
|
77
77
|
|
|
78
78
|
module ThroughAssociation
|
|
79
|
-
|
|
80
|
-
|
|
81
|
-
|
|
82
|
-
|
|
83
|
-
|
|
84
|
-
inverse = source_reflection.inverse_of
|
|
85
|
-
target = through_association.target
|
|
86
|
-
|
|
87
|
-
if inverse && target && !target.is_a?(Array)
|
|
88
|
-
attributes[inverse.foreign_key] = target.id
|
|
89
|
-
end
|
|
79
|
+
### Cant use respond_to?(method, true) because its a module instead of a class
|
|
80
|
+
undef :build_record if self.private_instance_methods.include?(:build_record)
|
|
81
|
+
def build_record(attributes, options={})
|
|
82
|
+
inverse = source_reflection.inverse_of
|
|
83
|
+
target = through_association.target
|
|
90
84
|
|
|
91
|
-
|
|
85
|
+
if inverse && target && !target.is_a?(Array)
|
|
86
|
+
attributes[inverse.foreign_key] = target.id
|
|
92
87
|
end
|
|
88
|
+
|
|
89
|
+
super(attributes, options)
|
|
90
|
+
end
|
|
91
|
+
private :build_record
|
|
93
92
|
end
|
|
94
93
|
|
|
95
94
|
class HasManyThroughAssociation
|
|
96
|
-
undef :build_record
|
|
97
|
-
undef :options_for_through_record if respond_to?(:options_for_through_record, false)
|
|
98
|
-
|
|
99
95
|
if ActiveRecord.version >= Gem::Version.new('5.2.3')
|
|
100
96
|
undef :build_through_record
|
|
101
|
-
|
|
102
97
|
def build_through_record(record)
|
|
103
98
|
@through_records[record.object_id] ||= begin
|
|
104
99
|
ensure_mutable
|
|
@@ -115,6 +110,7 @@ module ActiveRecord
|
|
|
115
110
|
private :build_through_record
|
|
116
111
|
end
|
|
117
112
|
|
|
113
|
+
undef :build_record
|
|
118
114
|
def build_record(attributes, options = {})
|
|
119
115
|
ensure_not_nested
|
|
120
116
|
|
|
@@ -133,6 +129,7 @@ module ActiveRecord
|
|
|
133
129
|
end
|
|
134
130
|
private :build_record
|
|
135
131
|
|
|
132
|
+
undef :options_for_through_record if respond_to?(:options_for_through_record, true)
|
|
136
133
|
def options_for_through_record
|
|
137
134
|
[through_scope_attributes, without_protection: true]
|
|
138
135
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: protected_attributes_continued
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.
|
|
4
|
+
version: 1.6.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Weston Ganger
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2020-10-01 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: activemodel
|
|
@@ -154,7 +154,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
154
154
|
- !ruby/object:Gem::Version
|
|
155
155
|
version: '0'
|
|
156
156
|
requirements: []
|
|
157
|
-
rubygems_version: 3.
|
|
157
|
+
rubygems_version: 3.1.2
|
|
158
158
|
signing_key:
|
|
159
159
|
specification_version: 4
|
|
160
160
|
summary: Protect attributes from mass assignment in Active Record models
|