restful_json 3.3.2 → 3.3.3

checksums.yaml

@@ -1,15 +1,15 @@
 ---
 !binary "U0hBMQ==":
   metadata.gz: !binary |-
-    OWY3NjI5YzkwZmQ1NGE2OWYwNTkzOGFhYmZlZWM2N2Q2NWYxZmFlZQ==
+    YWE3ZThlMmNjMjNkNTgyYjVhMmE0Mjk4NzgyZTljNjI5NWEwYzRmZA==
   data.tar.gz: !binary |-
-    MGRhODk2ZjRkNmI2NDU4NjY5OTU4YjQ4MzU4MGI1MTA4NTI3NmJhNQ==
+    ZjkzZjY5YThhOGFiYmY1MGE2NWZjYTEwMTQ3NWViMTZlMjVjOWNiMQ==
 !binary "U0hBNTEy":
   metadata.gz: !binary |-
-    NGZiZmM2Yjg2M2VhZTA1MjY3MDIyNTk0ODE1OThmMTlhY2ViZDM4OWZjOWRk
-    ODFlNWFiODM4YzE4YWRhNDQ3MDYxMDZkMzUxOGZiN2IyYWU3Y2IxM2VkOTg0
-    MjBlOWM2OTZiNjU4NmE3MTBlNDgyOGUyZGE3NDAwYWFmZTEyNjM=
+    NjE5OGM5NWU5ZWFmNGZiZDRjZjUyNDAxOGM5MDRlOWQ2NzVjOWMzNzNiMDMz
+    MWUyOGUxMmNkNWM0OTJjZTNmY2RjMGQ2YmJkZGExNDZmMDhiMTRkMmQzMDk1
+    NDMxZTM5NzVlZTNkYzI1NWNiYjZkZmVhYzFhNDllMGY2Y2UzZDI=
   data.tar.gz: !binary |-
-    YmY5YTNkYmZmZGFmY2U5OGI3ZDk1ZWM1MzliMWZiYzVhYzIwZWE5M2I0M2Rl
-    NDYwODY4N2MwMjI1YTQ5NDc0MzY1ZWQ0Njc4M2ZhOTBiNWRkMmExYTdmMDMx
-    NTAyMmNmZmNhMmYxZjJkNzRjOTg5MWZkOTI3YTE2Mzg4MDg3NWY=
+    NDgyM2RmNzRhZTdmNjcxZWZkMzg4OWM3MWYxMDVhOTUwYTQ5MjcyZDQ3ZjFi
+    YTFhZGY5NjVlMmE5ZWE3MDdlODgyNzdmM2Q1ODkwMjNmYzIzY2JkNWUyNWQ2
+    ZWI4NWEyN2ViZmYwMzExMTVhNmRhNjkyMjE2OGQxZGE5MzBjZGM=

data/lib/restful_json/controller.rb

@@ -345,21 +345,22 @@ module RestfulJson
     # The controller's show (get) method to return a resource.
     def show
       # to_s as safety measure for vulnerabilities similar to CVE-2013-1854
-      @value = @model_class.find(params[:id].to_s)
+      @value = @model_class.where(id: params[:id].to_s).first # don't raise exception if not found
       instance_variable_set(@model_at_singular_name_sym, @value)
-      render_or_respond(true)
+      render_or_respond(true, @value.nil? ? :not_found : :ok)
     end
 
     # The controller's new method (e.g. used for new record in html format).
     def new
       @value = @model_class.new
+      instance_variable_set(@model_at_singular_name_sym, @value)
       render_or_respond(true)
     end
 
     # The controller's edit method (e.g. used for edit record in html format).
     def edit
       # to_s as safety measure for vulnerabilities similar to CVE-2013-1854
-      @value = @model_class.find(params[:id].to_s)
+      @value = @model_class.where(id: params[:id].to_s).first! # raise exception if not found
       instance_variable_set(@model_at_singular_name_sym, @value)
       @value
     end
@@ -395,21 +396,16 @@ module RestfulJson
         allowed_params = params
       end
       # to_s as safety measure for vulnerabilities similar to CVE-2013-1854
-      @value = @model_class.where(id: params[:id].to_s).to_a[0]
-      status = :ok
-      if @value.nil?
-        status = :not_found
-      else
-        @value.update_attributes(allowed_params)
-      end
+      @value = @model_class.where(id: params[:id].to_s).first # don't raise exception
+      @value.update_attributes(allowed_params) unless @value.nil?
       instance_variable_set(@model_at_singular_name_sym, @value)
-      render_or_respond(false, status)
+      render_or_respond(true, @value.nil? ? :not_found : :ok)
     end
 
     # The controller's destroy (delete) method to destroy a resource.
     def destroy
       # to_s as safety measure for vulnerabilities similar to CVE-2013-1854
-      @value = @model_class.where(id: params[:id].to_s).to_a[0]
+      @value = @model_class.where(id: params[:id].to_s).first # don't raise exception
       @value.destroy if @value
       instance_variable_set(@model_at_singular_name_sym, @value)
       render_or_respond(false)

data/lib/restful_json/version.rb

@@ -1,3 +1,3 @@
 module RestfulJson
-  VERSION = '3.3.2'
+  VERSION = '3.3.3'
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: restful_json
 version: !ruby/object:Gem::Version
-  version: 3.3.2
+  version: 3.3.3
 platform: ruby
 authors:
 - Gary S. Weaver
@@ -9,7 +9,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2013-04-10 00:00:00.000000000 Z
+date: 2013-04-11 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler