protected_attributes_continued 1.6.0 → 1.7.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (6) hide show
  1. checksums.yaml +4 -4
  2. data/README.md +5 -3
  3. data/lib/active_record/mass_assignment_security.rb +1 -0
  4. data/lib/active_record/mass_assignment_security/association_relation.rb +27 -0
  5. data/lib/protected_attributes/version.rb +1 -1
  6. metadata +3 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: b10566280e992ec0bc867ca4d2c0b52f29c9e7b98aa197f523bc7e8930634197
4
- data.tar.gz: b98a820d98f4828e5cd9a94ee96d8072112548b964576cdfab74a73c3660daa1
3
+ metadata.gz: 4cc976fa47e5942c610f0ba64d976c46e83797255c60fd504f79e30677164632
4
+ data.tar.gz: 3127f37fc4fb6222ed6fbef07fedbe449a65fd5caa919d3a43bc65c17f86c2c2
5
5
  SHA512:
6
- metadata.gz: a57bc937ec7efe500d594ffdf3200b51265c7ff0e1dd14e5188d43a0495840b55728168585da2cc5bba5f1b4fb8cf769e83391eeca6118089251ce7b31012974
7
- data.tar.gz: e0933854f707e6a810103bd49f3001dd3eecceeb4c08cbca3c69b0c5d7d3758884026c7da594833b3a3eb957dd8a372ff8e68e442680485e0b35388b68aff046
6
+ metadata.gz: f7776d77b1898ee1b0b9713102a1be01c9de945f7cb23160a00a3af4f205f15f05ca9e6f58bc5510e4cb68606174fe1d6a835a9a2756ff866cd7849a54fcadaf
7
+ data.tar.gz: c821bb84db6db202e524a535c7b098e2976cd423946e95325fc421f88d35077e645e166ae10f9f01f82de0e52d2decdb1781690806392a661ea9d8fecd8444de
data/README.md CHANGED
@@ -3,7 +3,7 @@
3
3
  <a href='https://travis-ci.com/westonganger/protected_attributes_continued' target='_blank'><img height='21' style='border:0px;height:21px;' src='https://api.travis-ci.org/westonganger/protected_attributes_continued.svg?branch=master' border='0' alt='Build Status' /></a>
4
4
  <a href='https://rubygems.org/gems/protected_attributes_continued' target='_blank'><img height='21' style='border:0px;height:21px;' src='https://ruby-gem-downloads-badge.herokuapp.com/protected_attributes_continued?label=rubygems&type=total&total_label=downloads&color=brightgreen' border='0' alt='RubyGems Downloads' /></a>
5
5
 
6
- > This is the community continued version of `protected_attributes` for Rails 5+. I recommend you only use it to support legacy portions of your application that you do not want to upgrade. The Rails team dropped this feature and switched to `strong_parameters` because of security issues. However some applications simply cannot be upgraded or security like this is a non-issue. To continue supporting this feature going forward lets continue the work here.
6
+ > This is the community continued version of [`protected_attributes`](https://github.com/rails/protected_attributes) for Rails 5+. I recommend you only use it to support legacy portions of your application that you do not want to upgrade. The Rails team dropped this feature and switched to `strong_parameters` because of security issues. However some applications simply cannot be upgraded or security like this is a non-issue. To continue supporting this feature going forward lets continue the work here.
7
7
 
8
8
  Protect attributes from mass-assignment in Active Record models. This gem adds the class methods `attr_accessible` and `attr_protected` to declare white or black lists of attributes.
9
9
 
@@ -98,7 +98,9 @@ Any protected attributes violation raises `ActiveModel::MassAssignmentSecurity::
98
98
 
99
99
  ## Contributing
100
100
 
101
- We use the `appraisal` gem for testing multiple versions of `Rails`. Please use the following steps to test using `appraisal`.
101
+ For quicker feedback during gem development or debugging feel free to use the provided `rake console` task. It is defined within the [`Rakefile`](https://github.com/westonganger/protected_attributes_continued/blob/master/Rakefile).
102
+
103
+ We test multiple versions of `Rails` using the `appraisal` gem. Please use the following steps to test using `appraisal`.
102
104
 
103
105
  1. `bundle exec appraisal install`
104
106
  2. `bundle exec appraisal rake test`
@@ -107,7 +109,7 @@ We use the `appraisal` gem for testing multiple versions of `Rails`. Please use
107
109
 
108
110
  Created & Maintained by [Weston Ganger](https://westonganger.com) - [@westonganger](https://github.com/westonganger)
109
111
 
110
- Originally forked from the dead/unmaintained `protected_attributes` gem by the Rails team.
112
+ Originally forked from the dead/unmaintained [`protected_attributes`](https://github.com/rails/protected_attributes) gem by the Rails team.
111
113
 
112
114
  ## A Simple and Similar strong_params Alternative
113
115
 
data/lib/active_record/mass_assignment_security.rb CHANGED
@@ -7,6 +7,7 @@ require "active_record/mass_assignment_security/nested_attributes"
7
7
  require "active_record/mass_assignment_security/persistence"
8
8
  require "active_record/mass_assignment_security/reflection"
9
9
  require "active_record/mass_assignment_security/relation"
10
+ require "active_record/mass_assignment_security/association_relation"
10
11
  require "active_record/mass_assignment_security/validations"
11
12
  require "active_record/mass_assignment_security/associations"
12
13
  require "active_record/mass_assignment_security/inheritance"
data/lib/active_record/mass_assignment_security/association_relation.rb ADDED
@@ -0,0 +1,27 @@
1
+ if ActiveRecord::VERSION::MAJOR >= 6
2
+
3
+ module ActiveRecord
4
+ class AssociationRelation
5
+ undef :new
6
+ undef :create
7
+ undef :create!
8
+
9
+ def build(attributes = nil, options = {}, &block)
10
+ block = _deprecated_scope_block("new", &block)
11
+ scoping { @association.build(attributes, options, &block) }
12
+ end
13
+ alias new build
14
+
15
+ def create(attributes = nil, options = {}, &block)
16
+ block = _deprecated_scope_block("create", &block)
17
+ scoping { @association.create(attributes, options, &block) }
18
+ end
19
+
20
+ def create!(attributes = nil, options = {}, &block)
21
+ block = _deprecated_scope_block("create!", &block)
22
+ scoping { @association.create!(attributes, options, &block) }
23
+ end
24
+ end
25
+ end
26
+
27
+ end
data/lib/protected_attributes/version.rb CHANGED
@@ -1,3 +1,3 @@
1
1
  module ProtectedAttributes
2
- VERSION = "1.6.0".freeze
2
+ VERSION = "1.7.0".freeze
3
3
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: protected_attributes_continued
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.6.0
4
+ version: 1.7.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Weston Ganger
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2020-10-01 00:00:00.000000000 Z
11
+ date: 2020-10-25 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: activemodel
@@ -122,6 +122,7 @@ files:
122
122
  - lib/active_model/mass_assignment_security/permission_set.rb
123
123
  - lib/active_model/mass_assignment_security/sanitizer.rb
124
124
  - lib/active_record/mass_assignment_security.rb
125
+ - lib/active_record/mass_assignment_security/association_relation.rb
125
126
  - lib/active_record/mass_assignment_security/associations.rb
126
127
  - lib/active_record/mass_assignment_security/attribute_assignment.rb
127
128
  - lib/active_record/mass_assignment_security/core.rb