remembering_strong_parameters 0.0.1

data/test/parameters_require_test.rb

@@ -0,0 +1,10 @@
+require 'test_helper'
+require 'action_controller/parameters'
+
+class ParametersRequireTest < ActiveSupport::TestCase
+  test "required parameters must be present not merely not nil" do
+    assert_raises(ActionController::ParameterMissing) do
+      ActionController::Parameters.new(:person => {}).require(:person)
+    end
+  end
+end

data/test/parameters_taint_test.rb

@@ -0,0 +1,94 @@
+require 'test_helper'
+require 'action_controller/parameters'
+
+class ParametersTaintTest < ActiveSupport::TestCase
+  setup do
+    @params = ActionController::Parameters.new({ :person => {
+      :age => "32", :name => { :first => "David", :last => "Heinemeier Hansson" }
+    }})
+  end
+
+  test "fetch raises ParameterMissing exception" do
+    e = assert_raises(ActionController::ParameterMissing) do
+      @params.fetch :foo
+    end
+    assert_equal :foo, e.param
+  end
+
+  test "fetch doesnt raise ParameterMissing exception if there is a default" do
+    assert_nothing_raised do
+      assert_equal "monkey", @params.fetch(:foo, "monkey")
+      assert_equal "monkey", @params.fetch(:foo) { "monkey" }
+    end
+  end
+
+  test "not permitted is sticky on accessors" do
+    assert !@params.slice(:person).strengthened?
+    assert !@params[:person][:name].strengthened?
+    assert !@params[:person].except(:name).strengthened?
+
+    @params.each { |key, value| assert(!value.strengthened?) if key == "person" }
+
+    assert !@params.fetch(:person).strengthened?
+
+    assert !@params.values_at(:person).first.strengthened?
+  end
+
+  test "permitted is sticky on accessors" do
+    @params.permit!
+    assert @params.slice(:person).strengthened?
+    assert @params[:person][:name].strengthened?
+    assert @params[:person].except(:name).strengthened?
+
+    @params.each { |key, value| assert(value.strengthened?) if key == "person" }
+
+    assert @params.fetch(:person).strengthened?
+
+    assert @params.values_at(:person).first.strengthened?
+  end
+
+  test "not permitted is sticky on mutators" do
+    assert !@params.delete_if { |k, v| k == "person" }.strengthened?
+    assert !@params.keep_if { |k, v| k == "person" }.strengthened? if @params.respond_to?(:keep_if)
+  end
+
+  test "permitted is sticky on mutators" do
+    @params['something'] = 'else'
+    @params.permit!
+    assert @params.delete_if { |k, v| k == "person" }.strengthened?
+    assert @params.keep_if { |k, v| k == "person" }.strengthened? if @params.respond_to?(:keep_if)
+  end
+
+  test "not permitted is sticky beyond merges" do
+    assert !@params.merge(:a => "b").strengthened?
+  end
+
+  test "permitted is sticky beyond merges" do
+    @params.permit!
+    assert @params.merge(:a => "b").strengthened?
+  end
+
+  test "modifying the parameters" do
+    @params[:person][:hometown] = "Chicago"
+    @params[:person][:family] = { :brother => "Jonas" }
+
+    assert_equal "Chicago", @params[:person][:hometown]
+    assert_equal "Jonas", @params[:person][:family][:brother]
+  end
+
+  test "permitting parameters that are not there should not include the keys" do
+    assert !@params.permit(:person, :funky).has_key?(:funky)
+  end
+
+  test "permit state is kept on a dup" do
+    @params.permit!
+    assert_equal @params.strengthened?, @params.dup.strengthened?
+  end
+
+  test "permit is recursive" do
+    @params.permit!
+    assert @params.strengthened?
+    assert @params[:person].strengthened?
+    assert @params[:person][:name].strengthened?
+  end
+end

data/test/strengthen_test.rb

@@ -0,0 +1,147 @@
+require 'test_helper'
+require 'action_controller/parameters'
+
+class StrengthenTest < ActiveSupport::TestCase
+  def setup
+    @params = ActionController::Parameters.new(
+      {
+        :things => {
+          :one => 1,
+          :two => 2
+        }, 
+          
+        :foo => :bar
+      }
+    )
+  end
+  
+  test "required not present" do   
+    assert_raises(ActionController::ParameterMissing) do
+      @params.strengthen(:something_else => :required)
+    end
+  end
+  
+  test "require not present" do   
+    assert_raises(ActionController::ParameterMissing) do
+      @params.strengthen(:something_else => :require)
+    end
+  end
+    
+  test "parameters persent that are not in require" do
+    assert_equal(
+      {'foo' => :bar},
+      @params.strengthen(:foo => :require)
+    )
+  end
+    
+  test "everything required is present" do
+    assert_equal(
+      @params,
+      @params.strengthen(
+        :foo => :require, 
+        :things => {:one => :require, :two => :require}
+      )
+    )
+  end
+  
+  test "no permitted params present" do  
+    assert_equal(
+      {},
+      @params.strengthen(:something_else => :permit)
+    )
+  end
+  
+  test 'only some permitted params present' do
+    assert_equal(
+      {'foo' => :bar},
+      @params.strengthen(:foo => :permit)
+    )
+  end
+    
+  test 'everything present is permit' do
+    assert_equal(
+      @params,
+      @params.strengthen(
+        :foo => :permit, 
+        :things => {:one => :permit, :two => :permit}
+      )
+    )
+  end
+  
+  test 'everything present is permitted' do
+    assert_equal(
+      @params,
+      @params.strengthen(
+        :foo => :permitted, 
+        :things => {:one => :permitted, :two => :permitted}
+      )
+    )
+  end
+  
+  test 'everything present is within permitted' do
+    assert_equal(
+      @params,
+      @params.strengthen(
+        :foo => :permit, 
+        :things => {:one => :permit, :two => :permit},
+        :something_else => :permit
+      )
+    )
+  end
+  
+  test "everything present is permitted or required" do
+    assert_equal(
+      @params,
+      @params.strengthen(
+        :foo => :require, 
+        :things => {:one => :permit, :two => :permit}
+      )
+    )
+  end
+  
+  test "everything present is within permitted or is required" do 
+    assert_equal(
+      @params,
+      @params.strengthen(
+        :foo => :require, 
+        :things => {:one => :permit, :two => :permit},
+        :something_else => :permit
+      )
+    )   
+  end
+  
+  test "something required is missing in mixed require and permit" do   
+    assert_raises(ActionController::ParameterMissing) do
+      @params.strengthen(
+        :foo => :require, 
+        :things => {:one => :permit, :two => :permit},
+        :something_else => :require
+      )
+    end
+  end
+  
+  test "child has missing required parameter" do 
+    assert_raises(ActionController::ParameterMissing) do
+      @params.strengthen(
+        :foo => :require, 
+        :things => {:one => :permit, :two => :permit, :three => :require},
+        :something_else => :permit
+      )
+   end   
+  end
+
+  test "strengthened?" do
+    assert !@params.strengthened?, "should not be true as strengthen not called"
+    @params.strengthen(:foo => :permit)
+    assert @params.strengthened?, "should be true as strengthen has been called"
+  end 
+  
+  test 'original' do
+    original_params = @params.clone
+    @params.strengthen(:foo => :permit)
+    assert_equal(
+      original_params,
+      @params.original
+    )
+  end
+end

data/test/strong_array_test.rb

@@ -0,0 +1,49 @@
+require 'test_helper'
+require 'action_controller/parameters'
+
+
+class StrongArrayTest < ActiveSupport::TestCase
+
+  def setup
+    @params = ActionController::StrongArray.new([
+      ActionController::Parameters.new({
+        :name => "William Shakespeare",
+        :born => "1564-04-26"
+      }), 
+      ActionController::Parameters.new({
+        :name => "Christopher Marlowe"
+      })
+    ])
+  end
+
+  test 'permit' do
+    permitted = @params.strengthen(:name => :permit, :born => :permit)
+    assert_not_equal [], permitted
+    permitted.each_with_index do |item, index|
+      assert_equal(item.keys, @params[index].keys)
+      assert_equal(item.values, @params[index].values)
+    end
+  end
+
+  test 'require' do
+    permitted = @params.strengthen(:name => :require, :born => :permit)
+    assert_not_equal [], permitted
+    permitted.each_with_index do |item, index|
+      assert_equal(item.keys, @params[index].keys)
+      assert_equal(item.values, @params[index].values)
+    end  
+  end
+
+  test 'require with parameter missing' do
+    assert_raise(ActionController::ParameterMissing) do
+      @params.strengthen(:name => :require, :born => :require)
+    end
+  end
+
+  test 'permit with parameter missing' do
+    assert_equal(
+      [{'name' => "William Shakespeare"}, {'name' => "Christopher Marlowe"}],
+      @params.strengthen(:name => :permit)
+    )
+  end
+end

data/test/test_helper.rb

@@ -0,0 +1,28 @@
+# Configure Rails Environment
+ENV["RAILS_ENV"] = "test"
+
+require 'test/unit'
+require 'remembering_strong_parameters'
+require 'mocha'
+
+module ActionController
+  SharedTestRoutes = ActionDispatch::Routing::RouteSet.new
+  SharedTestRoutes.draw do
+    match ':controller(/:action)'
+  end
+
+  class Base
+    include ActionController::Testing
+    include SharedTestRoutes.url_helpers
+  end
+
+  class ActionController::TestCase
+    setup do
+      @routes = SharedTestRoutes
+    end
+  end
+end
+
+
+# Load support files
+Dir["#{File.dirname(__FILE__)}/support/**/*.rb"].each { |f| require f }

metadata

@@ -0,0 +1,149 @@
+--- !ruby/object:Gem::Specification
+name: remembering_strong_parameters
+version: !ruby/object:Gem::Version
+  version: 0.0.1
+  prerelease: 
+platform: ruby
+authors:
+- Rob Nichols
+- David Heinemeier Hansson (original strong_parameters)
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2013-01-04 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: actionpack
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '3.0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '3.0'
+- !ruby/object:Gem::Dependency
+  name: activemodel
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '3.0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '3.0'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: mocha
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 0.12.0
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 0.12.0
+description: 
+email:
+- rob@undervale.co.uk
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- lib/action_controller/parameters.rb
+- lib/remembering_strong_parameters/version.rb
+- lib/active_model/forbidden_attributes_protection.rb
+- lib/remembering_strong_parameters.rb
+- MIT-LICENSE
+- Rakefile
+- README.rdoc
+- test/gemfiles/Gemfile.rails-3.0.x
+- test/gemfiles/Gemfile.rails-3.2.x
+- test/gemfiles/Gemfile.rails-3.0.x.lock
+- test/gemfiles/Gemfile.rails-3.1.x
+- test/action_controller_required_params_test.rb
+- test/active_model_mass_assignment_taint_protection_test.rb
+- test/strong_array_test.rb
+- test/hash_from_test.rb
+- test/parameters_taint_test.rb
+- test/strengthen_test.rb
+- test/action_controller_tainted_params_test.rb
+- test/nested_parameters_test.rb
+- test/test_helper.rb
+- test/parameters_require_test.rb
+- test/multi_parameter_attributes_test.rb
+- test/chained_require_and_permit_test.rb
+homepage: https://github.com/reggieb/remembering_strong_parameters
+licenses: []
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 1.8.24
+signing_key: 
+specification_version: 3
+summary: Permitted and required parameters for Action Pack
+test_files:
+- test/gemfiles/Gemfile.rails-3.0.x
+- test/gemfiles/Gemfile.rails-3.2.x
+- test/gemfiles/Gemfile.rails-3.0.x.lock
+- test/gemfiles/Gemfile.rails-3.1.x
+- test/action_controller_required_params_test.rb
+- test/active_model_mass_assignment_taint_protection_test.rb
+- test/strong_array_test.rb
+- test/hash_from_test.rb
+- test/parameters_taint_test.rb
+- test/strengthen_test.rb
+- test/action_controller_tainted_params_test.rb
+- test/nested_parameters_test.rb
+- test/test_helper.rb
+- test/parameters_require_test.rb
+- test/multi_parameter_attributes_test.rb
+- test/chained_require_and_permit_test.rb