restful_json 3.2.1 → 3.2.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (7) hide show
  1. data/Rakefile +3 -1
  2. data/lib/restful_json/controller.rb +12 -10
  3. data/lib/restful_json/model.rb +1 -1
  4. data/lib/restful_json/railtie.rb +5 -5
  5. data/lib/restful_json/version.rb +1 -1
  6. data/lib/restful_json.rb +9 -5
  7. metadata +10 -10
data/Rakefile CHANGED
@@ -1,3 +1,5 @@
1
+ require 'rubygems'
2
+ require 'bundler/setup'
3
+ require 'appraisal'
1
4
  require 'rspec/core/rake_task'
2
5
  RSpec::Core::RakeTask.new('spec')
3
- task :default => :spec
data/lib/restful_json/controller.rb CHANGED
@@ -1,8 +1,8 @@
1
- require 'restful_json/config'
2
- require 'twinturbo/controller'
3
- require 'active_model_serializers'
4
- require 'strong_parameters'
5
- require 'cancan'
1
+ #require 'restful_json/config'
2
+ #require 'twinturbo/controller'
3
+ #require 'active_model_serializers'
4
+ #require 'strong_parameters'
5
+ #require 'cancan'
6
6
 
7
7
  # The restful_json controller module. This module (RestfulJson::Controller) is included on ActionController
8
8
  # and then each individual controller should call acts_as_restful_json.
@@ -20,7 +20,7 @@ require 'cancan'
20
20
  #
21
21
  module RestfulJson
22
22
  module Controller
23
- extend ActiveSupport::Concern
23
+ extend ::ActiveSupport::Concern
24
24
 
25
25
  module ClassMethods
26
26
 
@@ -43,13 +43,13 @@ module RestfulJson
43
43
  end
44
44
 
45
45
  module ActsAsRestfulJson
46
- extend ActiveSupport::Concern
46
+ extend ::ActiveSupport::Concern
47
47
 
48
48
  NILS = ['NULL','null','nil']
49
49
 
50
50
  included do
51
51
  # this can be overriden in the controller via defining respond_to
52
- formats = RestfulJson.formats || Mime::EXTENSION_LOOKUP.keys.collect{|m|m.to_sym}
52
+ formats = RestfulJson.formats || ::Mime::EXTENSION_LOOKUP.keys.collect{|m|m.to_sym}
53
53
  respond_to *formats
54
54
 
55
55
  # create class attributes for each controller option and set the value to the value in the app configuration
@@ -262,7 +262,9 @@ module RestfulJson
262
262
 
263
263
  self.param_to_attr_and_arel_predicate.keys.each do |param_name|
264
264
  options = param_to_attr_and_arel_predicate[param_name][2]
265
- param = params[param_name] || options[:with_default]
265
+ # to_s as safety measure for vulnerabilities similar to CVE-2013-1854
266
+ param = params[param_name].to_s || options[:with_default]
267
+
266
268
  if param.present? && param_to_attr_and_arel_predicate[param_name]
267
269
  attr_sym = param_to_attr_and_arel_predicate[param_name][0]
268
270
  predicate_sym = param_to_attr_and_arel_predicate[param_name][1]
@@ -306,7 +308,7 @@ module RestfulJson
306
308
  else
307
309
  self.ordered_by.each do |attr_to_direction|
308
310
  # this looks nasty, but makes no sense to iterate keys if only single of each
309
- value = value.order(t[attr_to_direction.keys[0]].call(attr_to_direction.values[0]))
311
+ value = value.order(t[attr_to_direction.keys[0]].send(attr_to_direction.values[0]))
310
312
  end
311
313
  value = value.to_a
312
314
  end
data/lib/restful_json/model.rb CHANGED
@@ -1,4 +1,4 @@
1
- require 'cancan'
1
+ #require 'cancan'
2
2
 
3
3
  module RestfulJson
4
4
  module Model
data/lib/restful_json/railtie.rb CHANGED
@@ -1,18 +1,18 @@
1
1
  require 'restful_json'
2
2
 
3
3
  module RestfulJson
4
- class Railtie < Rails::Railtie
4
+ class Railtie < ::Rails::Railtie
5
5
  initializer "restful_json.action_controller" do
6
6
  ActiveSupport.on_load(:action_controller) do
7
- puts "Extending #{self} with RestfulJson::Controller" if RestfulJson.debug?
8
- include RestfulJson::Controller
7
+ puts "Extending #{self} with RestfulJson::Controller" if ::RestfulJson.debug?
8
+ include ::RestfulJson::Controller
9
9
  end
10
10
  end
11
11
 
12
12
  initializer "restful_json.active_record" do
13
13
  ActiveSupport.on_load(:active_record) do
14
- puts "Extending #{self} with RestfulJson::Model" if RestfulJson.debug?
15
- include RestfulJson::Model
14
+ puts "Extending #{self} with RestfulJson::Model" if ::RestfulJson.debug?
15
+ include ::RestfulJson::Model
16
16
  end
17
17
  end
18
18
  end
data/lib/restful_json/version.rb CHANGED
@@ -1,3 +1,3 @@
1
1
  module RestfulJson
2
- VERSION = '3.2.1'
2
+ VERSION = '3.2.2'
3
3
  end
data/lib/restful_json.rb CHANGED
@@ -1,7 +1,11 @@
1
1
  require 'restful_json/version'
2
2
  require 'restful_json/config'
3
- require 'application_permitter'
4
- require 'twinturbo/controller'
5
- require 'restful_json/model'
6
- require 'restful_json/controller'
7
- require 'restful_json/railtie' if defined?(Rails)
3
+ #if defined?(::Rails)
4
+ if defined?(::ActionController::StrongParameters) && defined?(::CanCan::ModelAdditions)
5
+ require 'application_permitter'
6
+ require 'twinturbo/controller'
7
+ end
8
+ require 'restful_json/model'
9
+ require 'restful_json/controller'
10
+ require 'restful_json/railtie'
11
+ #end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: restful_json
3
3
  version: !ruby/object:Gem::Version
4
- version: 3.2.1
4
+ version: 3.2.2
5
5
  prerelease:
6
6
  platform: ruby
7
7
  authors:
@@ -10,40 +10,40 @@ authors:
10
10
  autorequire:
11
11
  bindir: bin
12
12
  cert_chain: []
13
- date: 2013-03-26 00:00:00.000000000 Z
13
+ date: 2013-03-27 00:00:00.000000000 Z
14
14
  dependencies:
15
15
  - !ruby/object:Gem::Dependency
16
- name: actionpack
16
+ name: bundler
17
17
  requirement: !ruby/object:Gem::Requirement
18
18
  none: false
19
19
  requirements:
20
20
  - - ! '>='
21
21
  - !ruby/object:Gem::Version
22
- version: 3.1.0
23
- type: :runtime
22
+ version: 1.2.2
23
+ type: :development
24
24
  prerelease: false
25
25
  version_requirements: !ruby/object:Gem::Requirement
26
26
  none: false
27
27
  requirements:
28
28
  - - ! '>='
29
29
  - !ruby/object:Gem::Version
30
- version: 3.1.0
30
+ version: 1.2.2
31
31
  - !ruby/object:Gem::Dependency
32
- name: activerecord
32
+ name: appraisal
33
33
  requirement: !ruby/object:Gem::Requirement
34
34
  none: false
35
35
  requirements:
36
36
  - - ! '>='
37
37
  - !ruby/object:Gem::Version
38
- version: 3.1.0
39
- type: :runtime
38
+ version: '0'
39
+ type: :development
40
40
  prerelease: false
41
41
  version_requirements: !ruby/object:Gem::Requirement
42
42
  none: false
43
43
  requirements:
44
44
  - - ! '>='
45
45
  - !ruby/object:Gem::Version
46
- version: 3.1.0
46
+ version: '0'
47
47
  description: Develop declarative, featureful JSON RESTful-ish service controllers
48
48
  to use with modern Javascript MVC frameworks like AngularJS, Ember, etc. with much
49
49
  less code.