protector 0.7.3 → 0.7.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (11) hide show
  1. checksums.yaml +4 -4
  2. data/lib/protector/adapters/active_record.rb +2 -0
  3. data/lib/protector/adapters/active_record/base.rb +0 -9
  4. data/lib/protector/adapters/active_record/relation.rb +6 -1
  5. data/lib/protector/adapters/active_record/strong_parameters.rb +20 -17
  6. data/lib/protector/adapters/active_record/validations.rb +24 -0
  7. data/lib/protector/engine.rb +1 -1
  8. data/lib/protector/version.rb +1 -1
  9. data/spec/lib/protector/adapters/active_record_spec.rb +11 -0
  10. data/spec/lib/protector/engine_spec.rb +2 -1
  11. metadata +3 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 0a2b754f71ad4665dfb640dd5ab5c2060d4f76d4
4
- data.tar.gz: bb360fdf2df2fb9fb363b3c1bc504f55ac43251a
3
+ metadata.gz: 8ab9ae6223aeaab08d8d948afabcda92ba575bb5
4
+ data.tar.gz: 78493baec6fb7bba08e88317786e0f6f67424c46
5
5
  SHA512:
6
- metadata.gz: e369f3564da219a73ff7064e1e61fcfee92f3250861c2a55f98a01db1465a532be4ffa8d2a2154dafb2571ccc104a7911f5e2960f503d44d1de95fcbd7fd0daa
7
- data.tar.gz: b0fe0645dfbb8e596baf3fa097005e1aff161fef6503413917d95d8a1c3362ebffbecc4d78823ba8b1ddd74adad5a49b74640b3439dcd576b13463e4fdfd5711
6
+ metadata.gz: 553c9be308ba628290f0e629674601e87cc6e0976c27fa04178129eac71a5dd29a1dac95508c93d316dc074029c29e7849ec274406b0ccf74d0cec74e4c616cf
7
+ data.tar.gz: 127203f58494490d56d711c6af3a30777b7ddab2fd6822f10a4a6d7838c054ded1163f84565b965fb034fa501f0c2186823079477d2b288d8577c27833b60170
data/lib/protector/adapters/active_record.rb CHANGED
@@ -5,6 +5,7 @@ require 'protector/adapters/active_record/relation'
5
5
  require 'protector/adapters/active_record/collection_proxy'
6
6
  require 'protector/adapters/active_record/preloader'
7
7
  require 'protector/adapters/active_record/strong_parameters'
8
+ require 'protector/adapters/active_record/validations'
8
9
 
9
10
  module Protector
10
11
  module Adapters
@@ -15,6 +16,7 @@ module Protector
15
16
  return false unless defined?(::ActiveRecord)
16
17
 
17
18
  ::ActiveRecord::Base.send :include, Protector::Adapters::ActiveRecord::Base
19
+ ::ActiveRecord::Base.send :include, Protector::Adapters::ActiveRecord::Validations
18
20
  ::ActiveRecord::Relation.send :include, Protector::Adapters::ActiveRecord::Relation
19
21
  ::ActiveRecord::Associations::SingularAssociation.send :include, Protector::Adapters::ActiveRecord::Association
20
22
  ::ActiveRecord::Associations::SingularAssociation.send :include, Protector::Adapters::ActiveRecord::SingularAssociation
data/lib/protector/adapters/active_record/base.rb CHANGED
@@ -18,15 +18,6 @@ module Protector
18
18
  klass.undefine_attribute_methods if klass < self
19
19
  end
20
20
 
21
- validate do
22
- if protector_subject?
23
- method = new_record? ? :first_uncreatable_field : :first_unupdatable_field
24
- field = protector_meta.send(method, protector_changed)
25
-
26
- errors[:base] << I18n.t('protector.invalid', field: field) if field
27
- end
28
- end
29
-
30
21
  # Drops {Protector::DSL::Meta::Box} cache when subject changes
31
22
  def restrict!(*args)
32
23
  @protector_meta = nil
data/lib/protector/adapters/active_record/relation.rb CHANGED
@@ -91,7 +91,7 @@ module Protector
91
91
 
92
92
  # strong_parameters integration
93
93
  if Protector.config.strong_parameters? && args.first.respond_to?(:permit)
94
- Protector::ActiveRecord::StrongParameters.sanitize! args, true, protector_meta
94
+ Protector::ActiveRecord::Adapters::StrongParameters.sanitize! args, true, protector_meta
95
95
  end
96
96
 
97
97
  unless block_given?
@@ -106,6 +106,11 @@ module Protector
106
106
  def create_with_protector(*args, &block)
107
107
  return create_without_protector(*args, &block) unless protector_subject?
108
108
 
109
+ # strong_parameters integration
110
+ if Protector.config.strong_parameters? && args.first.respond_to?(:permit)
111
+ Protector::ActiveRecord::Adapters::StrongParameters.sanitize! args, true, protector_meta
112
+ end
113
+
109
114
  create_without_protector(*args) do |instance|
110
115
  instance.restrict!(protector_subject)
111
116
  block.call(instance) if block
data/lib/protector/adapters/active_record/strong_parameters.rb CHANGED
@@ -1,26 +1,29 @@
1
1
  module Protector
2
2
  module ActiveRecord
3
- module StrongParameters
4
- def self.sanitize!(args, is_new, meta)
5
- return if args[0].permitted?
6
- if is_new
7
- args[0] = args[0].permit(*meta.access[:create].keys) if meta.access.include? :create
8
- else
9
- args[0] = args[0].permit(*meta.access[:update].keys) if meta.access.include? :update
3
+ module Adapters
4
+ module StrongParameters
5
+ def self.sanitize!(args, is_new, meta)
6
+ return if args[0].permitted?
7
+ if is_new
8
+ args[0] = args[0].permit(*meta.access[:create].keys) if meta.access.include? :create
9
+ else
10
+ args[0] = args[0].permit(*meta.access[:update].keys) if meta.access.include? :update
11
+ end
10
12
  end
11
- end
12
13
 
13
- # strong_parameters integration
14
- def sanitize_for_mass_assignment(*args)
15
- # We check only for updation here since the creation will be handled by relation
16
- # (see Protector::Adapters::ActiveRecord::Relation#new_with_protector)
17
- if Protector.config.strong_parameters? && args.first.respond_to?(:permit) \
18
- && !new_record? && protector_subject?
14
+ # strong_parameters integration
15
+ def sanitize_for_mass_assignment(*args)
16
+ # We check only for updation here since the creation will be handled by relation
17
+ # (see Protector::Adapters::ActiveRecord::Relation#new_with_protector and
18
+ # Protector::Adapters::ActiveRecord::Relation#create_with_protector)
19
+ if Protector.config.strong_parameters? && args.first.respond_to?(:permit) \
20
+ && !new_record? && protector_subject?
19
21
 
20
- StrongParameters.sanitize! args, false, protector_meta
21
- end
22
+ StrongParameters.sanitize! args, false, protector_meta
23
+ end
22
24
 
23
- super
25
+ super
26
+ end
24
27
  end
25
28
  end
26
29
  end
data/lib/protector/adapters/active_record/validations.rb ADDED
@@ -0,0 +1,24 @@
1
+ module Protector
2
+ module Adapters
3
+ module ActiveRecord
4
+ module Validations
5
+ def valid?(*args)
6
+ if protector_subject?
7
+ state = Protector.insecurely{ super(*args) }
8
+ method = new_record? ? :first_uncreatable_field : :first_unupdatable_field
9
+ field = protector_meta.send(method, protector_changed)
10
+
11
+ if field
12
+ errors[:base] << I18n.t('protector.invalid', field: field)
13
+ state = false
14
+ end
15
+
16
+ state
17
+ else
18
+ super(*args)
19
+ end
20
+ end
21
+ end
22
+ end
23
+ end
24
+ end
data/lib/protector/engine.rb CHANGED
@@ -6,7 +6,7 @@ module Protector
6
6
  app.config.protector.each { |k, v| Protector.config[k] = v }
7
7
 
8
8
  if Protector::Adapters::ActiveRecord.modern?
9
- ::ActiveRecord::Base.send(:include, Protector::ActiveRecord::StrongParameters)
9
+ ::ActiveRecord::Base.send(:include, Protector::ActiveRecord::Adapters::StrongParameters)
10
10
  end
11
11
  end
12
12
  end
data/lib/protector/version.rb CHANGED
@@ -1,4 +1,4 @@
1
1
  module Protector
2
2
  # Gem version
3
- VERSION = '0.7.3'
3
+ VERSION = '0.7.4'
4
4
  end
data/spec/lib/protector/adapters/active_record_spec.rb CHANGED
@@ -116,6 +116,17 @@ if defined?(ActiveRecord)
116
116
  expect { dummy.restrict!('!').find(1) }.to_not raise_error
117
117
  expect { dummy.restrict!('!').find(2) }.to raise_error
118
118
  end
119
+
120
+ it "allows for validations" do
121
+ dummy.instance_eval do
122
+ validates :string, presence: true
123
+ protect do; can :create; end
124
+ end
125
+
126
+ instance = dummy.restrict!('!').new(string: 'test')
127
+ instance.save.should == true
128
+ instance.delete
129
+ end
119
130
  end
120
131
 
121
132
  #
data/spec/lib/protector/engine_spec.rb CHANGED
@@ -12,7 +12,7 @@ if defined?(Rails)
12
12
 
13
13
  unless Protector::Adapters::ActiveRecord.modern?
14
14
  ActiveRecord::Base.send(:include, ActiveModel::ForbiddenAttributesProtection)
15
- ActiveRecord::Base.send(:include, Protector::ActiveRecord::StrongParameters)
15
+ ActiveRecord::Base.send(:include, Protector::ActiveRecord::Adapters::StrongParameters)
16
16
  end
17
17
  end
18
18
 
@@ -48,6 +48,7 @@ if defined?(Rails)
48
48
 
49
49
  it "creates" do
50
50
  expect{ dummy.restrict!.new params(string: 'test') }.to_not raise_error
51
+ expect{ dummy.restrict!.create(params(string: 'test')).delete }.to_not raise_error
51
52
  expect{ dummy.restrict!.new params(number: 1) }.to raise_error
52
53
  end
53
54
 
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: protector
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.7.3
4
+ version: 0.7.4
5
5
  platform: ruby
6
6
  authors:
7
7
  - Boris Staal
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2013-12-30 00:00:00.000000000 Z
11
+ date: 2014-01-21 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: activesupport
@@ -71,6 +71,7 @@ files:
71
71
  - lib/protector/adapters/active_record/relation.rb
72
72
  - lib/protector/adapters/active_record/singular_association.rb
73
73
  - lib/protector/adapters/active_record/strong_parameters.rb
74
+ - lib/protector/adapters/active_record/validations.rb
74
75
  - lib/protector/adapters/sequel.rb
75
76
  - lib/protector/adapters/sequel/dataset.rb
76
77
  - lib/protector/adapters/sequel/eager_graph_loader.rb