restful_json 3.3.2 → 3.3.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +8 -8
- data/lib/restful_json/controller.rb +8 -12
- data/lib/restful_json/version.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
@@ -1,15 +1,15 @@
|
|
1
1
|
---
|
2
2
|
!binary "U0hBMQ==":
|
3
3
|
metadata.gz: !binary |-
|
4
|
-
|
4
|
+
YWE3ZThlMmNjMjNkNTgyYjVhMmE0Mjk4NzgyZTljNjI5NWEwYzRmZA==
|
5
5
|
data.tar.gz: !binary |-
|
6
|
-
|
6
|
+
ZjkzZjY5YThhOGFiYmY1MGE2NWZjYTEwMTQ3NWViMTZlMjVjOWNiMQ==
|
7
7
|
!binary "U0hBNTEy":
|
8
8
|
metadata.gz: !binary |-
|
9
|
-
|
10
|
-
|
11
|
-
|
9
|
+
NjE5OGM5NWU5ZWFmNGZiZDRjZjUyNDAxOGM5MDRlOWQ2NzVjOWMzNzNiMDMz
|
10
|
+
MWUyOGUxMmNkNWM0OTJjZTNmY2RjMGQ2YmJkZGExNDZmMDhiMTRkMmQzMDk1
|
11
|
+
NDMxZTM5NzVlZTNkYzI1NWNiYjZkZmVhYzFhNDllMGY2Y2UzZDI=
|
12
12
|
data.tar.gz: !binary |-
|
13
|
-
|
14
|
-
|
15
|
-
|
13
|
+
NDgyM2RmNzRhZTdmNjcxZWZkMzg4OWM3MWYxMDVhOTUwYTQ5MjcyZDQ3ZjFi
|
14
|
+
YTFhZGY5NjVlMmE5ZWE3MDdlODgyNzdmM2Q1ODkwMjNmYzIzY2JkNWUyNWQ2
|
15
|
+
ZWI4NWEyN2ViZmYwMzExMTVhNmRhNjkyMjE2OGQxZGE5MzBjZGM=
|
@@ -345,21 +345,22 @@ module RestfulJson
|
|
345
345
|
# The controller's show (get) method to return a resource.
|
346
346
|
def show
|
347
347
|
# to_s as safety measure for vulnerabilities similar to CVE-2013-1854
|
348
|
-
@value = @model_class.
|
348
|
+
@value = @model_class.where(id: params[:id].to_s).first # don't raise exception if not found
|
349
349
|
instance_variable_set(@model_at_singular_name_sym, @value)
|
350
|
-
render_or_respond(true)
|
350
|
+
render_or_respond(true, @value.nil? ? :not_found : :ok)
|
351
351
|
end
|
352
352
|
|
353
353
|
# The controller's new method (e.g. used for new record in html format).
|
354
354
|
def new
|
355
355
|
@value = @model_class.new
|
356
|
+
instance_variable_set(@model_at_singular_name_sym, @value)
|
356
357
|
render_or_respond(true)
|
357
358
|
end
|
358
359
|
|
359
360
|
# The controller's edit method (e.g. used for edit record in html format).
|
360
361
|
def edit
|
361
362
|
# to_s as safety measure for vulnerabilities similar to CVE-2013-1854
|
362
|
-
@value = @model_class.
|
363
|
+
@value = @model_class.where(id: params[:id].to_s).first! # raise exception if not found
|
363
364
|
instance_variable_set(@model_at_singular_name_sym, @value)
|
364
365
|
@value
|
365
366
|
end
|
@@ -395,21 +396,16 @@ module RestfulJson
|
|
395
396
|
allowed_params = params
|
396
397
|
end
|
397
398
|
# to_s as safety measure for vulnerabilities similar to CVE-2013-1854
|
398
|
-
@value = @model_class.where(id: params[:id].to_s).
|
399
|
-
|
400
|
-
if @value.nil?
|
401
|
-
status = :not_found
|
402
|
-
else
|
403
|
-
@value.update_attributes(allowed_params)
|
404
|
-
end
|
399
|
+
@value = @model_class.where(id: params[:id].to_s).first # don't raise exception
|
400
|
+
@value.update_attributes(allowed_params) unless @value.nil?
|
405
401
|
instance_variable_set(@model_at_singular_name_sym, @value)
|
406
|
-
render_or_respond(
|
402
|
+
render_or_respond(true, @value.nil? ? :not_found : :ok)
|
407
403
|
end
|
408
404
|
|
409
405
|
# The controller's destroy (delete) method to destroy a resource.
|
410
406
|
def destroy
|
411
407
|
# to_s as safety measure for vulnerabilities similar to CVE-2013-1854
|
412
|
-
@value = @model_class.where(id: params[:id].to_s).
|
408
|
+
@value = @model_class.where(id: params[:id].to_s).first # don't raise exception
|
413
409
|
@value.destroy if @value
|
414
410
|
instance_variable_set(@model_at_singular_name_sym, @value)
|
415
411
|
render_or_respond(false)
|
data/lib/restful_json/version.rb
CHANGED
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: restful_json
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 3.3.
|
4
|
+
version: 3.3.3
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Gary S. Weaver
|
@@ -9,7 +9,7 @@ authors:
|
|
9
9
|
autorequire:
|
10
10
|
bindir: bin
|
11
11
|
cert_chain: []
|
12
|
-
date: 2013-04-
|
12
|
+
date: 2013-04-11 00:00:00.000000000 Z
|
13
13
|
dependencies:
|
14
14
|
- !ruby/object:Gem::Dependency
|
15
15
|
name: bundler
|