ryanlowe-audit_mass_assignment 0.1.3 → 0.1.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (4) hide show
  1. data/README +6 -23
  2. data/audit_mass_assignment.gemspec +3 -2
  3. data/init.rb +1 -0
  4. metadata +3 -2
data/README CHANGED
@@ -3,37 +3,20 @@ Was hosted at http://code.google.com/p/audit-mass-assignment/
3
3
 
4
4
  = audit_mass_assignment plugin for Ruby on Rails
5
5
 
6
- The audit_mass_assignment Ruby on Rails plugin contains a rake task that
7
- checks the models in your project for the attr_accessible whitelist approach
8
- for protecting against "mass assignment" exploits. It does not check for
9
- use of attr_protected!
10
-
11
- If a Rails model does not use attr_accessible, it fails this audit. The
12
- audit does not check which parameters are accessible or protected, only
13
- that at least one is marked as accessible.
14
-
15
- Run the audit whenever you feel like it! Other audit plugins for Rails
16
- could be created to automatically check for bad patterns or insecure
17
- code. This one was easy to implement.
6
+ The audit_mass_assignment Ruby on Rails plugin contains a rake task that
7
+ checks the models in your project for the attr_accessible whitelist approach
8
+ for protecting against "mass assignment" exploits. It does not check for
9
+ use of attr_protected.
18
10
 
19
11
  == Installation
20
12
 
21
- It looks like Rails 2.1 will support "script/plugin install" with Git
22
- repositories. Until then you can put this plugin in vendor/plugins with:
23
-
24
- git clone git://github.com/ryanlowe/audit_mass_assignment.git
25
-
26
- and delete the .git directory inside it before committing it to source control.
27
-
28
- When Rails 2.1 supports Git you should be able to do:
29
-
30
- script/plugin install git://github.com/ryanlowe/audit_mass_assignment.git
13
+ gem install ryanlowe-audit_mass_assignment --source http://gems.github.com/
31
14
 
32
15
  == Usage
33
16
 
34
17
  $ rake audit:mass_assignment
35
18
 
36
- == NOTES
19
+ == Notes
37
20
 
38
21
  If you want to protect ALL attributes in your model use:
39
22
 
@@ -1,7 +1,7 @@
1
1
  Gem::Specification.new do |s|
2
2
  s.name = "audit_mass_assignment"
3
- s.version = "0.1.3"
4
- s.date = "2008-05-26"
3
+ s.version = "0.1.4"
4
+ s.date = "2008-05-28"
5
5
  s.summary = "Checks Ruby on Rails models for use of the attr_accessible white list"
6
6
  s.email = "rails@ryanlowe.ca"
7
7
  s.homepage = "http://github.com/ryanlowe/audit_mass_assignment"
@@ -9,6 +9,7 @@ Gem::Specification.new do |s|
9
9
  s.has_rdoc = false
10
10
  s.authors = ["Ryan Lowe"]
11
11
  s.files = ["README", "CHANGELOG", "MIT-LICENSE", "audit_mass_assignment.gemspec",
12
+ "init.rb",
12
13
  "lib/audit_mass_assignment.rb",
13
14
  "tasks/audit_mass_assignment_tasks.rake"]
14
15
  s.test_files = []
data/init.rb ADDED
@@ -0,0 +1 @@
1
+ require 'audit_mass_assignment'
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: ryanlowe-audit_mass_assignment
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.1.3
4
+ version: 0.1.4
5
5
  platform: ruby
6
6
  authors:
7
7
  - Ryan Lowe
@@ -9,7 +9,7 @@ autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
11
 
12
- date: 2008-05-26 00:00:00 -07:00
12
+ date: 2008-05-28 00:00:00 -07:00
13
13
  default_executable:
14
14
  dependencies:
15
15
  - !ruby/object:Gem::Dependency
@@ -35,6 +35,7 @@ files:
35
35
  - CHANGELOG
36
36
  - MIT-LICENSE
37
37
  - audit_mass_assignment.gemspec
38
+ - init.rb
38
39
  - lib/audit_mass_assignment.rb
39
40
  - tasks/audit_mass_assignment_tasks.rake
40
41
  has_rdoc: false