protector 0.7.1 → 0.7.2
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/Rakefile +1 -1
- data/lib/protector/adapters/active_record.rb +4 -0
- data/lib/protector/adapters/active_record/association.rb +7 -5
- data/lib/protector/adapters/active_record/base.rb +5 -0
- data/lib/protector/adapters/active_record/collection_proxy.rb +16 -0
- data/lib/protector/adapters/active_record/singular_association.rb +27 -0
- data/lib/protector/version.rb +1 -1
- data/spec/lib/protector/adapters/active_record_spec.rb +144 -0
- metadata +4 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 4db3bb657e21375e7642202dac85b1c694a9b572
|
|
4
|
+
data.tar.gz: 3e3e2498415ba55e7fd8b2c6cdc4ff432aaaf8b0
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 27cbad32b5ac59f45af321ae849854146c69ec716b4c7cd51ae0941621b5971352c569746bf352ed3879bb3fa42af76b419d71be604d7e0faa7740c908e9934d
|
|
7
|
+
data.tar.gz: 77170151fc817bad0d5913ff82025f98e3ef31346062c68821cae69f9165eb80f16aedcbf21aab0a03b4b74f1b8937780ca1d8bff3993059bdeddd5a0c2d7b9e
|
data/Rakefile
CHANGED
|
@@ -1,6 +1,8 @@
|
|
|
1
1
|
require 'protector/adapters/active_record/base'
|
|
2
2
|
require 'protector/adapters/active_record/association'
|
|
3
|
+
require 'protector/adapters/active_record/singular_association'
|
|
3
4
|
require 'protector/adapters/active_record/relation'
|
|
5
|
+
require 'protector/adapters/active_record/collection_proxy'
|
|
4
6
|
require 'protector/adapters/active_record/preloader'
|
|
5
7
|
require 'protector/adapters/active_record/strong_parameters'
|
|
6
8
|
|
|
@@ -15,9 +17,11 @@ module Protector
|
|
|
15
17
|
::ActiveRecord::Base.send :include, Protector::Adapters::ActiveRecord::Base
|
|
16
18
|
::ActiveRecord::Relation.send :include, Protector::Adapters::ActiveRecord::Relation
|
|
17
19
|
::ActiveRecord::Associations::SingularAssociation.send :include, Protector::Adapters::ActiveRecord::Association
|
|
20
|
+
::ActiveRecord::Associations::SingularAssociation.send :include, Protector::Adapters::ActiveRecord::SingularAssociation
|
|
18
21
|
::ActiveRecord::Associations::CollectionAssociation.send :include, Protector::Adapters::ActiveRecord::Association
|
|
19
22
|
::ActiveRecord::Associations::Preloader.send :include, Protector::Adapters::ActiveRecord::Preloader
|
|
20
23
|
::ActiveRecord::Associations::Preloader::Association.send :include, Protector::Adapters::ActiveRecord::Preloader::Association
|
|
24
|
+
::ActiveRecord::Associations::CollectionProxy.send :include, Protector::Adapters::ActiveRecord::CollectionProxy
|
|
21
25
|
end
|
|
22
26
|
|
|
23
27
|
def self.modern?
|
|
@@ -6,6 +6,8 @@ module Protector
|
|
|
6
6
|
extend ActiveSupport::Concern
|
|
7
7
|
|
|
8
8
|
included do
|
|
9
|
+
include Protector::DSL::Base
|
|
10
|
+
|
|
9
11
|
# AR 4 has renamed `scoped` to `scope`
|
|
10
12
|
if method_defined?(:scope)
|
|
11
13
|
alias_method_chain :scope, :protector
|
|
@@ -14,20 +16,20 @@ module Protector
|
|
|
14
16
|
alias_method 'scoped', 'scope_with_protector'
|
|
15
17
|
end
|
|
16
18
|
|
|
17
|
-
alias_method_chain :
|
|
19
|
+
alias_method_chain :build_record, :protector
|
|
18
20
|
end
|
|
19
21
|
|
|
20
22
|
# Wraps every association with current subject
|
|
21
23
|
def scope_with_protector(*args)
|
|
22
24
|
scope = scope_without_protector(*args)
|
|
23
|
-
scope = scope.restrict!(
|
|
25
|
+
scope = scope.restrict!(protector_subject) if protector_subject?
|
|
24
26
|
scope
|
|
25
27
|
end
|
|
26
28
|
|
|
27
29
|
# Forwards protection subject to the new instance
|
|
28
|
-
def
|
|
29
|
-
return
|
|
30
|
-
|
|
30
|
+
def build_record_with_protector(*args)
|
|
31
|
+
return build_record_without_protector(*args) unless protector_subject?
|
|
32
|
+
build_record_without_protector(*args).restrict!(protector_subject)
|
|
31
33
|
end
|
|
32
34
|
end
|
|
33
35
|
end
|
|
@@ -0,0 +1,16 @@
|
|
|
1
|
+
module Protector
|
|
2
|
+
module Adapters
|
|
3
|
+
module ActiveRecord
|
|
4
|
+
# Patches `ActiveRecord::Associations::CollectionProxy`
|
|
5
|
+
module CollectionProxy
|
|
6
|
+
extend ActiveSupport::Concern
|
|
7
|
+
delegate :protector_subject, :protector_subject?, :to => :@association
|
|
8
|
+
|
|
9
|
+
def restrict!(*args)
|
|
10
|
+
@association.restrict!(*args)
|
|
11
|
+
self
|
|
12
|
+
end
|
|
13
|
+
end
|
|
14
|
+
end
|
|
15
|
+
end
|
|
16
|
+
end
|
|
@@ -0,0 +1,27 @@
|
|
|
1
|
+
module Protector
|
|
2
|
+
module Adapters
|
|
3
|
+
module ActiveRecord
|
|
4
|
+
# Patches `ActiveRecord::Associations::SingularAssociation`
|
|
5
|
+
module SingularAssociation
|
|
6
|
+
extend ActiveSupport::Concern
|
|
7
|
+
|
|
8
|
+
included do
|
|
9
|
+
alias_method_chain :reader, :protector
|
|
10
|
+
end
|
|
11
|
+
|
|
12
|
+
# Reader has to be explicitly overrided for cases when the
|
|
13
|
+
# loaded association is cached
|
|
14
|
+
def reader_with_protector(*args)
|
|
15
|
+
return reader_without_protector(*args) unless protector_subject?
|
|
16
|
+
reader_without_protector(*args).try :restrict!, protector_subject
|
|
17
|
+
end
|
|
18
|
+
|
|
19
|
+
# Forwards protection subject to the new instance
|
|
20
|
+
def build_record_with_protector(*args)
|
|
21
|
+
return build_record_without_protector(*args) unless protector_subject?
|
|
22
|
+
build_record_without_protector(*args).restrict!(protector_subject)
|
|
23
|
+
end
|
|
24
|
+
end
|
|
25
|
+
end
|
|
26
|
+
end
|
|
27
|
+
end
|
data/lib/protector/version.rb
CHANGED
|
@@ -137,6 +137,7 @@ if defined?(ActiveRecord)
|
|
|
137
137
|
Dummy.restrict!('!').where(number: 999).to_a.first.protector_subject.should == '!'
|
|
138
138
|
Dummy.restrict!('!').new.protector_subject.should == '!'
|
|
139
139
|
Dummy.restrict!('!').first.fluffies.new.protector_subject.should == '!'
|
|
140
|
+
Dummy.first.fluffies.restrict!('!').new.protector_subject.should == '!'
|
|
140
141
|
end
|
|
141
142
|
|
|
142
143
|
it "checks creatability" do
|
|
@@ -242,6 +243,149 @@ if defined?(ActiveRecord)
|
|
|
242
243
|
end
|
|
243
244
|
end
|
|
244
245
|
|
|
246
|
+
#
|
|
247
|
+
# Model scope
|
|
248
|
+
#
|
|
249
|
+
describe Protector::Adapters::ActiveRecord::Association do
|
|
250
|
+
describe "validates on create! within association" do
|
|
251
|
+
it "when restricted from entity" do
|
|
252
|
+
expect { Dummy.first.restrict!('-').fluffies.create!(string: 'test').delete }.to raise_error
|
|
253
|
+
end
|
|
254
|
+
|
|
255
|
+
it "when restricted from association" do
|
|
256
|
+
expect { Dummy.first.fluffies.restrict!('-').create!(string: 'test').delete }.to raise_error
|
|
257
|
+
end
|
|
258
|
+
end
|
|
259
|
+
|
|
260
|
+
context "singular association" do
|
|
261
|
+
it "forwards subject" do
|
|
262
|
+
Fluffy.restrict!('!').first.dummy.protector_subject.should == '!'
|
|
263
|
+
Fluffy.first.restrict!('!').dummy.protector_subject.should == '!'
|
|
264
|
+
end
|
|
265
|
+
|
|
266
|
+
it "forwards cached subject" do
|
|
267
|
+
Dummy.first.fluffies.restrict!('!').first.dummy.protector_subject.should == '!'
|
|
268
|
+
end
|
|
269
|
+
end
|
|
270
|
+
|
|
271
|
+
context "collection association" do
|
|
272
|
+
it "forwards subject" do
|
|
273
|
+
Dummy.restrict!('!').first.fluffies.protector_subject.should == '!'
|
|
274
|
+
Dummy.first.restrict!('!').fluffies.protector_subject.should == '!'
|
|
275
|
+
Dummy.restrict!('!').first.fluffies.new.protector_subject.should == '!'
|
|
276
|
+
Dummy.first.restrict!('!').fluffies.new.protector_subject.should == '!'
|
|
277
|
+
Dummy.first.fluffies.restrict!('!').new.protector_subject.should == '!'
|
|
278
|
+
end
|
|
279
|
+
|
|
280
|
+
context "with open relation" do
|
|
281
|
+
context "adequate", paranoid: false do
|
|
282
|
+
|
|
283
|
+
it "checks existence" do
|
|
284
|
+
Dummy.first.fluffies.any?.should == true
|
|
285
|
+
Dummy.first.restrict!('!').fluffies.any?.should == true
|
|
286
|
+
Dummy.first.fluffies.restrict!('!').any?.should == true
|
|
287
|
+
end
|
|
288
|
+
|
|
289
|
+
it "counts" do
|
|
290
|
+
Dummy.first.fluffies.count.should == 2
|
|
291
|
+
|
|
292
|
+
fluffies = Dummy.first.restrict!('!').fluffies
|
|
293
|
+
fluffies.count.should == 2
|
|
294
|
+
fluffies.protector_subject?.should == true
|
|
295
|
+
|
|
296
|
+
fluffies = Dummy.first.fluffies.restrict!('!')
|
|
297
|
+
fluffies.count.should == 2
|
|
298
|
+
fluffies.protector_subject?.should == true
|
|
299
|
+
end
|
|
300
|
+
|
|
301
|
+
it "fetches" do
|
|
302
|
+
Dummy.first.fluffies.count.should == 2
|
|
303
|
+
Dummy.first.restrict!('!').fluffies.length.should == 2
|
|
304
|
+
Dummy.first.fluffies.restrict!('!').length.should == 2
|
|
305
|
+
end
|
|
306
|
+
end
|
|
307
|
+
|
|
308
|
+
context "paranoid", paranoid: true do
|
|
309
|
+
it "checks existence" do
|
|
310
|
+
Dummy.first.fluffies.any?.should == true
|
|
311
|
+
Dummy.first.restrict!('!').fluffies.any?.should == false
|
|
312
|
+
Dummy.first.fluffies.restrict!('!').any?.should == false
|
|
313
|
+
end
|
|
314
|
+
|
|
315
|
+
it "counts" do
|
|
316
|
+
Dummy.first.fluffies.count.should == 2
|
|
317
|
+
|
|
318
|
+
fluffies = Dummy.first.restrict!('!').fluffies
|
|
319
|
+
fluffies.count.should == 0
|
|
320
|
+
fluffies.protector_subject?.should == true
|
|
321
|
+
|
|
322
|
+
fluffies = Dummy.first.fluffies.restrict!('!')
|
|
323
|
+
fluffies.count.should == 0
|
|
324
|
+
fluffies.protector_subject?.should == true
|
|
325
|
+
end
|
|
326
|
+
|
|
327
|
+
it "fetches" do
|
|
328
|
+
Dummy.first.fluffies.count.should == 2
|
|
329
|
+
Dummy.first.restrict!('!').fluffies.length.should == 0
|
|
330
|
+
Dummy.first.fluffies.restrict!('!').length.should == 0
|
|
331
|
+
end
|
|
332
|
+
end
|
|
333
|
+
end
|
|
334
|
+
end
|
|
335
|
+
|
|
336
|
+
context "with null relation" do
|
|
337
|
+
it "checks existence" do
|
|
338
|
+
Dummy.first.fluffies.any?.should == true
|
|
339
|
+
Dummy.first.restrict!('-').fluffies.any?.should == false
|
|
340
|
+
Dummy.first.fluffies.restrict!('-').any?.should == false
|
|
341
|
+
end
|
|
342
|
+
|
|
343
|
+
it "counts" do
|
|
344
|
+
Dummy.first.fluffies.count.should == 2
|
|
345
|
+
|
|
346
|
+
fluffies = Dummy.first.restrict!('-').fluffies
|
|
347
|
+
fluffies.count.should == 0
|
|
348
|
+
fluffies.protector_subject?.should == true
|
|
349
|
+
|
|
350
|
+
fluffies = Dummy.first.fluffies.restrict!('-')
|
|
351
|
+
fluffies.count.should == 0
|
|
352
|
+
fluffies.protector_subject?.should == true
|
|
353
|
+
end
|
|
354
|
+
|
|
355
|
+
it "fetches" do
|
|
356
|
+
Dummy.first.fluffies.count.should == 2
|
|
357
|
+
Dummy.first.restrict!('-').fluffies.length.should == 0
|
|
358
|
+
Dummy.first.fluffies.restrict!('-').length.should == 0
|
|
359
|
+
end
|
|
360
|
+
end
|
|
361
|
+
|
|
362
|
+
context "with active relation" do
|
|
363
|
+
it "checks existence" do
|
|
364
|
+
Dummy.first.fluffies.any?.should == true
|
|
365
|
+
Dummy.first.restrict!('+').fluffies.any?.should == true
|
|
366
|
+
Dummy.first.fluffies.restrict!('+').any?.should == true
|
|
367
|
+
end
|
|
368
|
+
|
|
369
|
+
it "counts" do
|
|
370
|
+
Dummy.first.fluffies.count.should == 2
|
|
371
|
+
|
|
372
|
+
fluffies = Dummy.first.restrict!('+').fluffies
|
|
373
|
+
fluffies.count.should == 1
|
|
374
|
+
fluffies.protector_subject?.should == true
|
|
375
|
+
|
|
376
|
+
fluffies = Dummy.first.fluffies.restrict!('+')
|
|
377
|
+
fluffies.count.should == 1
|
|
378
|
+
fluffies.protector_subject?.should == true
|
|
379
|
+
end
|
|
380
|
+
|
|
381
|
+
it "fetches" do
|
|
382
|
+
Dummy.first.fluffies.count.should == 2
|
|
383
|
+
Dummy.first.restrict!('+').fluffies.length.should == 1
|
|
384
|
+
Dummy.first.fluffies.restrict!('+').length.should == 1
|
|
385
|
+
end
|
|
386
|
+
end
|
|
387
|
+
end
|
|
388
|
+
|
|
245
389
|
#
|
|
246
390
|
# Eager loading
|
|
247
391
|
#
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: protector
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.7.
|
|
4
|
+
version: 0.7.2
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Boris Staal
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2013-12-
|
|
11
|
+
date: 2013-12-03 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: activesupport
|
|
@@ -66,8 +66,10 @@ files:
|
|
|
66
66
|
- lib/protector/adapters/active_record.rb
|
|
67
67
|
- lib/protector/adapters/active_record/association.rb
|
|
68
68
|
- lib/protector/adapters/active_record/base.rb
|
|
69
|
+
- lib/protector/adapters/active_record/collection_proxy.rb
|
|
69
70
|
- lib/protector/adapters/active_record/preloader.rb
|
|
70
71
|
- lib/protector/adapters/active_record/relation.rb
|
|
72
|
+
- lib/protector/adapters/active_record/singular_association.rb
|
|
71
73
|
- lib/protector/adapters/active_record/strong_parameters.rb
|
|
72
74
|
- lib/protector/adapters/sequel.rb
|
|
73
75
|
- lib/protector/adapters/sequel/dataset.rb
|