rails_admin 1.1.0 → 1.1.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Potentially problematic release.
This version of rails_admin might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/Gemfile +0 -2
- data/README.md +9 -0
- data/app/controllers/rails_admin/application_controller.rb +4 -0
- data/config/initializers/active_record_extensions.rb +1 -1
- data/lib/rails_admin/adapters/active_record.rb +2 -0
- data/lib/rails_admin/config/actions/dashboard.rb +1 -1
- data/lib/rails_admin/config/actions/index.rb +1 -1
- data/lib/rails_admin/support/csv_converter.rb +4 -0
- data/lib/rails_admin/version.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: d80a5575faa7784d6f5d17ddebb05038a5416969
|
|
4
|
+
data.tar.gz: c30c5b1ffb5839b5b387b7935e7ed201966efdbb
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: ee5a0326bd91f3b04e1b7711cddb648772bbc29f47f76784a69508fcfa3bf590528321b86faddace87c3bd1d6334100e0fea04cf18dbd04ecf6bd3e3ed2c85e9
|
|
7
|
+
data.tar.gz: 4565950fa8e26c5c5b7a0d79cb522e91d1256575287e7b637165c2c03b82053461aa3e6317479c5ca2340439b5a9d8e4e5768efe52939b7d32b1bb1cfd443919
|
data/Gemfile
CHANGED
data/README.md
CHANGED
|
@@ -16,6 +16,15 @@
|
|
|
16
16
|
|
|
17
17
|
RailsAdmin is a Rails engine that provides an easy-to-use interface for managing your data.
|
|
18
18
|
|
|
19
|
+
## Announcements
|
|
20
|
+
|
|
21
|
+
### [Action required] Security issue
|
|
22
|
+
|
|
23
|
+
**RailsAdmin 1.0.0 and 1.1.0 have been reported to have CSRF vulnerability with default setup.** We strongly recommend that you upgrade RailsAdmin to 1.1.1 or later as soon as possible, if you are on these versions. See [b13e879e](https://github.com/sferik/rails_admin/commit/b13e879eb93b661204e9fb5e55f7afa4f397537a) for the detail.
|
|
24
|
+
|
|
25
|
+
This problem was reported by SourceClear, Inc.
|
|
26
|
+
|
|
27
|
+
|
|
19
28
|
## Features
|
|
20
29
|
* CRUD any data with ease
|
|
21
30
|
* Custom actions
|
|
@@ -11,6 +11,8 @@ module RailsAdmin
|
|
|
11
11
|
end
|
|
12
12
|
|
|
13
13
|
class ApplicationController < Config.parent_controller.constantize
|
|
14
|
+
protect_from_forgery with: :exception
|
|
15
|
+
|
|
14
16
|
before_action :_authenticate!
|
|
15
17
|
before_action :_authorize!
|
|
16
18
|
before_action :_audit!
|
|
@@ -63,12 +65,14 @@ module RailsAdmin
|
|
|
63
65
|
rescue_from RailsAdmin::ObjectNotFound do
|
|
64
66
|
flash[:error] = I18n.t('admin.flash.object_not_found', model: @model_name, id: params[:id])
|
|
65
67
|
params[:action] = 'index'
|
|
68
|
+
@status_code = :not_found
|
|
66
69
|
index
|
|
67
70
|
end
|
|
68
71
|
|
|
69
72
|
rescue_from RailsAdmin::ModelNotFound do
|
|
70
73
|
flash[:error] = I18n.t('admin.flash.model_not_found', model: @model_name)
|
|
71
74
|
params[:action] = 'dashboard'
|
|
75
|
+
@status_code = :not_found
|
|
72
76
|
dashboard
|
|
73
77
|
end
|
|
74
78
|
end
|
|
@@ -72,6 +72,8 @@ module RailsAdmin
|
|
|
72
72
|
::ActiveRecord::Base.connection.select_one("SELECT ''::text AS str;").values.first.encoding
|
|
73
73
|
when 'mysql2'
|
|
74
74
|
::ActiveRecord::Base.connection.instance_variable_get(:@connection).encoding
|
|
75
|
+
when 'oracle_enhanced'
|
|
76
|
+
::ActiveRecord::Base.connection.select_one("SELECT dummy FROM DUAL").values.first.encoding
|
|
75
77
|
else
|
|
76
78
|
::ActiveRecord::Base.connection.select_one("SELECT '' AS str;").values.first.encoding
|
|
77
79
|
end
|
|
@@ -30,7 +30,7 @@ module RailsAdmin
|
|
|
30
30
|
@most_recent_created[t.model.name] = t.model.last.try(:created_at)
|
|
31
31
|
end
|
|
32
32
|
end
|
|
33
|
-
render @action.template_name, status:
|
|
33
|
+
render @action.template_name, status: @status_code || :ok
|
|
34
34
|
end
|
|
35
35
|
end
|
|
36
36
|
|
|
@@ -4,6 +4,9 @@ require 'csv'
|
|
|
4
4
|
module RailsAdmin
|
|
5
5
|
class CSVConverter
|
|
6
6
|
def initialize(objects = [], schema = {})
|
|
7
|
+
@fields = []
|
|
8
|
+
@associations = []
|
|
9
|
+
|
|
7
10
|
return self if (@objects = objects).blank?
|
|
8
11
|
|
|
9
12
|
@model = objects.dup.first.class
|
|
@@ -32,6 +35,7 @@ module RailsAdmin
|
|
|
32
35
|
end
|
|
33
36
|
|
|
34
37
|
def to_csv(options = {})
|
|
38
|
+
options = HashWithIndifferentAccess.new(options)
|
|
35
39
|
encoding_to = Encoding.find(options[:encoding_to]) if options[:encoding_to].present?
|
|
36
40
|
|
|
37
41
|
csv_string = generate_csv_string(options)
|
data/lib/rails_admin/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: rails_admin
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.1.
|
|
4
|
+
version: 1.1.1
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Erik Michaels-Ober
|
|
@@ -12,7 +12,7 @@ authors:
|
|
|
12
12
|
autorequire:
|
|
13
13
|
bindir: bin
|
|
14
14
|
cert_chain: []
|
|
15
|
-
date: 2016-
|
|
15
|
+
date: 2016-12-25 00:00:00.000000000 Z
|
|
16
16
|
dependencies:
|
|
17
17
|
- !ruby/object:Gem::Dependency
|
|
18
18
|
name: builder
|