protected_attributes_continued 1.6.0 → 1.7.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (6) hide show
  1. checksums.yaml +4 -4
  2. data/README.md +5 -3
  3. data/lib/active_record/mass_assignment_security.rb +1 -0
  4. data/lib/active_record/mass_assignment_security/association_relation.rb +27 -0
  5. data/lib/protected_attributes/version.rb +1 -1
  6. metadata +3 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: b10566280e992ec0bc867ca4d2c0b52f29c9e7b98aa197f523bc7e8930634197
4
- data.tar.gz: b98a820d98f4828e5cd9a94ee96d8072112548b964576cdfab74a73c3660daa1
3
+ metadata.gz: 4cc976fa47e5942c610f0ba64d976c46e83797255c60fd504f79e30677164632
4
+ data.tar.gz: 3127f37fc4fb6222ed6fbef07fedbe449a65fd5caa919d3a43bc65c17f86c2c2
5
5
  SHA512:
6
- metadata.gz: a57bc937ec7efe500d594ffdf3200b51265c7ff0e1dd14e5188d43a0495840b55728168585da2cc5bba5f1b4fb8cf769e83391eeca6118089251ce7b31012974
7
- data.tar.gz: e0933854f707e6a810103bd49f3001dd3eecceeb4c08cbca3c69b0c5d7d3758884026c7da594833b3a3eb957dd8a372ff8e68e442680485e0b35388b68aff046
6
+ metadata.gz: f7776d77b1898ee1b0b9713102a1be01c9de945f7cb23160a00a3af4f205f15f05ca9e6f58bc5510e4cb68606174fe1d6a835a9a2756ff866cd7849a54fcadaf
7
+ data.tar.gz: c821bb84db6db202e524a535c7b098e2976cd423946e95325fc421f88d35077e645e166ae10f9f01f82de0e52d2decdb1781690806392a661ea9d8fecd8444de
data/README.md CHANGED
@@ -3,7 +3,7 @@
3
3
  <a href='https://travis-ci.com/westonganger/protected_attributes_continued' target='_blank'><img height='21' style='border:0px;height:21px;' src='https://api.travis-ci.org/westonganger/protected_attributes_continued.svg?branch=master' border='0' alt='Build Status' /></a>
4
4
  <a href='https://rubygems.org/gems/protected_attributes_continued' target='_blank'><img height='21' style='border:0px;height:21px;' src='https://ruby-gem-downloads-badge.herokuapp.com/protected_attributes_continued?label=rubygems&type=total&total_label=downloads&color=brightgreen' border='0' alt='RubyGems Downloads' /></a>
5
5
 
6
- > This is the community continued version of `protected_attributes` for Rails 5+. I recommend you only use it to support legacy portions of your application that you do not want to upgrade. The Rails team dropped this feature and switched to `strong_parameters` because of security issues. However some applications simply cannot be upgraded or security like this is a non-issue. To continue supporting this feature going forward lets continue the work here.
6
+ > This is the community continued version of [`protected_attributes`](https://github.com/rails/protected_attributes) for Rails 5+. I recommend you only use it to support legacy portions of your application that you do not want to upgrade. The Rails team dropped this feature and switched to `strong_parameters` because of security issues. However some applications simply cannot be upgraded or security like this is a non-issue. To continue supporting this feature going forward lets continue the work here.
7
7
 
8
8
  Protect attributes from mass-assignment in Active Record models. This gem adds the class methods `attr_accessible` and `attr_protected` to declare white or black lists of attributes.
9
9
 
@@ -98,7 +98,9 @@ Any protected attributes violation raises `ActiveModel::MassAssignmentSecurity::
98
98
 
99
99
  ## Contributing
100
100
 
101
- We use the `appraisal` gem for testing multiple versions of `Rails`. Please use the following steps to test using `appraisal`.
101
+ For quicker feedback during gem development or debugging feel free to use the provided `rake console` task. It is defined within the [`Rakefile`](https://github.com/westonganger/protected_attributes_continued/blob/master/Rakefile).
102
+
103
+ We test multiple versions of `Rails` using the `appraisal` gem. Please use the following steps to test using `appraisal`.
102
104
 
103
105
  1. `bundle exec appraisal install`
104
106
  2. `bundle exec appraisal rake test`
@@ -107,7 +109,7 @@ We use the `appraisal` gem for testing multiple versions of `Rails`. Please use
107
109
 
108
110
  Created & Maintained by [Weston Ganger](https://westonganger.com) - [@westonganger](https://github.com/westonganger)
109
111
 
110
- Originally forked from the dead/unmaintained `protected_attributes` gem by the Rails team.
112
+ Originally forked from the dead/unmaintained [`protected_attributes`](https://github.com/rails/protected_attributes) gem by the Rails team.
111
113
 
112
114
  ## A Simple and Similar strong_params Alternative
113
115
 
data/lib/active_record/mass_assignment_security.rb CHANGED
@@ -7,6 +7,7 @@ require "active_record/mass_assignment_security/nested_attributes"
7
7
  require "active_record/mass_assignment_security/persistence"
8
8
  require "active_record/mass_assignment_security/reflection"
9
9
  require "active_record/mass_assignment_security/relation"
10
+ require "active_record/mass_assignment_security/association_relation"
10
11
  require "active_record/mass_assignment_security/validations"
11
12
  require "active_record/mass_assignment_security/associations"
12
13
  require "active_record/mass_assignment_security/inheritance"
data/lib/active_record/mass_assignment_security/association_relation.rb ADDED
@@ -0,0 +1,27 @@
1
+ if ActiveRecord::VERSION::MAJOR >= 6
2
+
3
+ module ActiveRecord
4
+ class AssociationRelation
5
+ undef :new
6
+ undef :create
7
+ undef :create!
8
+
9
+ def build(attributes = nil, options = {}, &block)
10
+ block = _deprecated_scope_block("new", &block)
11
+ scoping { @association.build(attributes, options, &block) }
12
+ end
13
+ alias new build
14
+
15
+ def create(attributes = nil, options = {}, &block)
16
+ block = _deprecated_scope_block("create", &block)
17
+ scoping { @association.create(attributes, options, &block) }
18
+ end
19
+
20
+ def create!(attributes = nil, options = {}, &block)
21
+ block = _deprecated_scope_block("create!", &block)
22
+ scoping { @association.create!(attributes, options, &block) }
23
+ end
24
+ end
25
+ end
26
+
27
+ end
data/lib/protected_attributes/version.rb CHANGED
@@ -1,3 +1,3 @@
1
1
  module ProtectedAttributes
2
- VERSION = "1.6.0".freeze
2
+ VERSION = "1.7.0".freeze
3
3
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: protected_attributes_continued
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.6.0
4
+ version: 1.7.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Weston Ganger
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2020-10-01 00:00:00.000000000 Z
11
+ date: 2020-10-25 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: activemodel
@@ -122,6 +122,7 @@ files:
122
122
  - lib/active_model/mass_assignment_security/permission_set.rb
123
123
  - lib/active_model/mass_assignment_security/sanitizer.rb
124
124
  - lib/active_record/mass_assignment_security.rb
125
+ - lib/active_record/mass_assignment_security/association_relation.rb
125
126
  - lib/active_record/mass_assignment_security/associations.rb
126
127
  - lib/active_record/mass_assignment_security/attribute_assignment.rb
127
128
  - lib/active_record/mass_assignment_security/core.rb