restful_json 3.2.1 → 3.2.2

Sign up to get free protection for your applications and to get access to all the features.
Files changed (7) hide show
  1. data/Rakefile +3 -1
  2. data/lib/restful_json/controller.rb +12 -10
  3. data/lib/restful_json/model.rb +1 -1
  4. data/lib/restful_json/railtie.rb +5 -5
  5. data/lib/restful_json/version.rb +1 -1
  6. data/lib/restful_json.rb +9 -5
  7. metadata +10 -10
data/Rakefile CHANGED
@@ -1,3 +1,5 @@
1
+ require 'rubygems'
2
+ require 'bundler/setup'
3
+ require 'appraisal'
1
4
  require 'rspec/core/rake_task'
2
5
  RSpec::Core::RakeTask.new('spec')
3
- task :default => :spec
data/lib/restful_json/controller.rb CHANGED
@@ -1,8 +1,8 @@
1
- require 'restful_json/config'
2
- require 'twinturbo/controller'
3
- require 'active_model_serializers'
4
- require 'strong_parameters'
5
- require 'cancan'
1
+ #require 'restful_json/config'
2
+ #require 'twinturbo/controller'
3
+ #require 'active_model_serializers'
4
+ #require 'strong_parameters'
5
+ #require 'cancan'
6
6
 
7
7
  # The restful_json controller module. This module (RestfulJson::Controller) is included on ActionController
8
8
  # and then each individual controller should call acts_as_restful_json.
@@ -20,7 +20,7 @@ require 'cancan'
20
20
  #
21
21
  module RestfulJson
22
22
  module Controller
23
- extend ActiveSupport::Concern
23
+ extend ::ActiveSupport::Concern
24
24
 
25
25
  module ClassMethods
26
26
 
@@ -43,13 +43,13 @@ module RestfulJson
43
43
  end
44
44
 
45
45
  module ActsAsRestfulJson
46
- extend ActiveSupport::Concern
46
+ extend ::ActiveSupport::Concern
47
47
 
48
48
  NILS = ['NULL','null','nil']
49
49
 
50
50
  included do
51
51
  # this can be overriden in the controller via defining respond_to
52
- formats = RestfulJson.formats || Mime::EXTENSION_LOOKUP.keys.collect{|m|m.to_sym}
52
+ formats = RestfulJson.formats || ::Mime::EXTENSION_LOOKUP.keys.collect{|m|m.to_sym}
53
53
  respond_to *formats
54
54
 
55
55
  # create class attributes for each controller option and set the value to the value in the app configuration
@@ -262,7 +262,9 @@ module RestfulJson
262
262
 
263
263
  self.param_to_attr_and_arel_predicate.keys.each do |param_name|
264
264
  options = param_to_attr_and_arel_predicate[param_name][2]
265
- param = params[param_name] || options[:with_default]
265
+ # to_s as safety measure for vulnerabilities similar to CVE-2013-1854
266
+ param = params[param_name].to_s || options[:with_default]
267
+
266
268
  if param.present? && param_to_attr_and_arel_predicate[param_name]
267
269
  attr_sym = param_to_attr_and_arel_predicate[param_name][0]
268
270
  predicate_sym = param_to_attr_and_arel_predicate[param_name][1]
@@ -306,7 +308,7 @@ module RestfulJson
306
308
  else
307
309
  self.ordered_by.each do |attr_to_direction|
308
310
  # this looks nasty, but makes no sense to iterate keys if only single of each
309
- value = value.order(t[attr_to_direction.keys[0]].call(attr_to_direction.values[0]))
311
+ value = value.order(t[attr_to_direction.keys[0]].send(attr_to_direction.values[0]))
310
312
  end
311
313
  value = value.to_a
312
314
  end
data/lib/restful_json/model.rb CHANGED
@@ -1,4 +1,4 @@
1
- require 'cancan'
1
+ #require 'cancan'
2
2
 
3
3
  module RestfulJson
4
4
  module Model
data/lib/restful_json/railtie.rb CHANGED
@@ -1,18 +1,18 @@
1
1
  require 'restful_json'
2
2
 
3
3
  module RestfulJson
4
- class Railtie < Rails::Railtie
4
+ class Railtie < ::Rails::Railtie
5
5
  initializer "restful_json.action_controller" do
6
6
  ActiveSupport.on_load(:action_controller) do
7
- puts "Extending #{self} with RestfulJson::Controller" if RestfulJson.debug?
8
- include RestfulJson::Controller
7
+ puts "Extending #{self} with RestfulJson::Controller" if ::RestfulJson.debug?
8
+ include ::RestfulJson::Controller
9
9
  end
10
10
  end
11
11
 
12
12
  initializer "restful_json.active_record" do
13
13
  ActiveSupport.on_load(:active_record) do
14
- puts "Extending #{self} with RestfulJson::Model" if RestfulJson.debug?
15
- include RestfulJson::Model
14
+ puts "Extending #{self} with RestfulJson::Model" if ::RestfulJson.debug?
15
+ include ::RestfulJson::Model
16
16
  end
17
17
  end
18
18
  end
data/lib/restful_json/version.rb CHANGED
@@ -1,3 +1,3 @@
1
1
  module RestfulJson
2
- VERSION = '3.2.1'
2
+ VERSION = '3.2.2'
3
3
  end
data/lib/restful_json.rb CHANGED
@@ -1,7 +1,11 @@
1
1
  require 'restful_json/version'
2
2
  require 'restful_json/config'
3
- require 'application_permitter'
4
- require 'twinturbo/controller'
5
- require 'restful_json/model'
6
- require 'restful_json/controller'
7
- require 'restful_json/railtie' if defined?(Rails)
3
+ #if defined?(::Rails)
4
+ if defined?(::ActionController::StrongParameters) && defined?(::CanCan::ModelAdditions)
5
+ require 'application_permitter'
6
+ require 'twinturbo/controller'
7
+ end
8
+ require 'restful_json/model'
9
+ require 'restful_json/controller'
10
+ require 'restful_json/railtie'
11
+ #end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: restful_json
3
3
  version: !ruby/object:Gem::Version
4
- version: 3.2.1
4
+ version: 3.2.2
5
5
  prerelease:
6
6
  platform: ruby
7
7
  authors:
@@ -10,40 +10,40 @@ authors:
10
10
  autorequire:
11
11
  bindir: bin
12
12
  cert_chain: []
13
- date: 2013-03-26 00:00:00.000000000 Z
13
+ date: 2013-03-27 00:00:00.000000000 Z
14
14
  dependencies:
15
15
  - !ruby/object:Gem::Dependency
16
- name: actionpack
16
+ name: bundler
17
17
  requirement: !ruby/object:Gem::Requirement
18
18
  none: false
19
19
  requirements:
20
20
  - - ! '>='
21
21
  - !ruby/object:Gem::Version
22
- version: 3.1.0
23
- type: :runtime
22
+ version: 1.2.2
23
+ type: :development
24
24
  prerelease: false
25
25
  version_requirements: !ruby/object:Gem::Requirement
26
26
  none: false
27
27
  requirements:
28
28
  - - ! '>='
29
29
  - !ruby/object:Gem::Version
30
- version: 3.1.0
30
+ version: 1.2.2
31
31
  - !ruby/object:Gem::Dependency
32
- name: activerecord
32
+ name: appraisal
33
33
  requirement: !ruby/object:Gem::Requirement
34
34
  none: false
35
35
  requirements:
36
36
  - - ! '>='
37
37
  - !ruby/object:Gem::Version
38
- version: 3.1.0
39
- type: :runtime
38
+ version: '0'
39
+ type: :development
40
40
  prerelease: false
41
41
  version_requirements: !ruby/object:Gem::Requirement
42
42
  none: false
43
43
  requirements:
44
44
  - - ! '>='
45
45
  - !ruby/object:Gem::Version
46
- version: 3.1.0
46
+ version: '0'
47
47
  description: Develop declarative, featureful JSON RESTful-ish service controllers
48
48
  to use with modern Javascript MVC frameworks like AngularJS, Ember, etc. with much
49
49
  less code.