shields_up 0.17.0 → 0.18.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/Appraisals +7 -0
- data/Gemfile +1 -0
- data/Gemfile.lock +1 -1
- data/README.md +6 -13
- data/Rakefile +1 -0
- data/gemfiles/activesupport_3.2.gemfile +13 -0
- data/gemfiles/activesupport_4.0.gemfile +13 -0
- data/lib/shields_up/parameters.rb +7 -5
- data/lib/shields_up/version.rb +1 -1
- data/shields_up.gemspec +1 -1
- metadata +15 -5
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 437e1ba9fb4476f8dc720427401607320e7d4625
|
|
4
|
+
data.tar.gz: 09c5b2be9c7e5d2d84a6f3cd466be68639cb59bd
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 11cc043d76fcf28e2cb50150b95a639ea8f138c5a5986f5720fbeaedc760e64bb2d73c737e06aa2fb25750f1d5ddc90035d08f4436a2f4154546490548f2d3cc
|
|
7
|
+
data.tar.gz: ee27061c271e103a51bd9c12287d19ed6108483eb16a93b2cffa6ae36bf5ffa6dfeb386c699a3a229716893e2f014e8d053ae890a4e6acb4608af5048d5046c8
|
data/Appraisals
ADDED
data/Gemfile
CHANGED
data/Gemfile.lock
CHANGED
data/README.md
CHANGED
|
@@ -1,6 +1,7 @@
|
|
|
1
1
|
[](https://travis-ci.org/appfolio/shields_up)
|
|
2
2
|
[](https://codeclimate.com/github/appfolio/shields_up)
|
|
3
3
|
[](https://codeclimate.com/github/appfolio/shields_up)
|
|
4
|
+
[](http://badge.fury.io/rb/shields_up)
|
|
4
5
|
|
|
5
6
|
#Shields Up
|
|
6
7
|
This gem provides an alternative implementation of strong_parameters.
|
|
@@ -11,6 +12,8 @@ This gem provides an alternative implementation of strong_parameters.
|
|
|
11
12
|
##Differences to strong parameter
|
|
12
13
|
params.symbolize_keys (or similar functions) will disable strong_parameters
|
|
13
14
|
protection silently. With ShieldsUp this can not happen.
|
|
15
|
+
(For a more in depth explanation see this discussion on the rails core mailing
|
|
16
|
+
list: https://groups.google.com/forum/#!topic/rubyonrails-core/TdQVJCw1HfI)
|
|
14
17
|
|
|
15
18
|
## Enable ShieldsUp<br>
|
|
16
19
|
|
|
@@ -23,28 +26,18 @@ in controllers<br>
|
|
|
23
26
|
include ShieldsUp
|
|
24
27
|
```
|
|
25
28
|
|
|
26
|
-
- ShieldsUp::
|
|
29
|
+
- ShieldsUp::Parameters type only allows three operations: [], permit and require.
|
|
27
30
|
- You can use symbols or strings to access variables.<br>
|
|
28
31
|
|
|
29
32
|
##Example:<br>
|
|
30
33
|
```
|
|
31
|
-
params[:company]
|
|
34
|
+
params[:company] Or params["company"]
|
|
32
35
|
```
|
|
33
|
-
not:
|
|
34
|
-
```
|
|
35
|
-
params["company"]
|
|
36
|
-
```
|
|
37
|
-
or
|
|
38
|
-
```
|
|
39
|
-
params.fetch(:company)
|
|
40
|
-
params.fetch("company")
|
|
41
|
-
```
|
|
42
|
-
|
|
43
36
|
##A more complicated example:<br>
|
|
44
37
|
```
|
|
45
38
|
params.permit(:company => [:address, :enabled])
|
|
46
39
|
```
|
|
47
|
-
|
|
40
|
+
Or:
|
|
48
41
|
```
|
|
49
42
|
params.permit("company" => [:address, "enabled"])
|
|
50
43
|
```
|
data/Rakefile
CHANGED
|
@@ -0,0 +1,13 @@
|
|
|
1
|
+
# This file was generated by Appraisal
|
|
2
|
+
|
|
3
|
+
source "https://rubygems.org"
|
|
4
|
+
|
|
5
|
+
gem "appraisal"
|
|
6
|
+
gem "mocha"
|
|
7
|
+
gem "activemodel"
|
|
8
|
+
gem "rails"
|
|
9
|
+
gem "minitest", "~> 4.0"
|
|
10
|
+
gem "codeclimate-test-reporter", :require => nil
|
|
11
|
+
gem "activesupport", "~> 3.2.0"
|
|
12
|
+
|
|
13
|
+
gemspec :path => "../"
|
|
@@ -0,0 +1,13 @@
|
|
|
1
|
+
# This file was generated by Appraisal
|
|
2
|
+
|
|
3
|
+
source "https://rubygems.org"
|
|
4
|
+
|
|
5
|
+
gem "appraisal"
|
|
6
|
+
gem "mocha"
|
|
7
|
+
gem "activemodel"
|
|
8
|
+
gem "rails"
|
|
9
|
+
gem "minitest", "~> 4.0"
|
|
10
|
+
gem "codeclimate-test-reporter", :require => nil
|
|
11
|
+
gem "activesupport", "~> 4.0.0"
|
|
12
|
+
|
|
13
|
+
gemspec :path => "../"
|
|
@@ -1,10 +1,12 @@
|
|
|
1
1
|
require 'active_support/core_ext/hash/indifferent_access'
|
|
2
2
|
module ShieldsUp
|
|
3
3
|
class Parameters
|
|
4
|
-
|
|
5
|
-
|
|
6
|
-
|
|
7
|
-
|
|
4
|
+
def self.param_type
|
|
5
|
+
@param_type ||= if defined?(ActionController) && defined?(ActionController::Parameters)
|
|
6
|
+
ActionController::Parameters
|
|
7
|
+
else
|
|
8
|
+
ActiveSupport::HashWithIndifferentAccess
|
|
9
|
+
end
|
|
8
10
|
end
|
|
9
11
|
|
|
10
12
|
PERMITTED_SCALAR_TYPES = [
|
|
@@ -143,7 +145,7 @@ module ShieldsUp
|
|
|
143
145
|
end
|
|
144
146
|
|
|
145
147
|
def deep_dup_to_hash(params)
|
|
146
|
-
return dup_if_possible(params) unless params.is_a?(
|
|
148
|
+
return dup_if_possible(params) unless params.is_a?(self.class.param_type)
|
|
147
149
|
{}.tap do |dup|
|
|
148
150
|
params.each do |key, value|
|
|
149
151
|
dup[key] = deep_dup_to_hash(value)
|
data/lib/shields_up/version.rb
CHANGED
data/shields_up.gemspec
CHANGED
|
@@ -17,5 +17,5 @@ Gem::Specification.new do |s|
|
|
|
17
17
|
s.files = Dir['**/*'].reject{ |f| f[%r{^pkg/}] || f[%r{^test/}] }
|
|
18
18
|
s.executables = s.files.grep(%r{^bin/}) { |f| File.basename(f) }
|
|
19
19
|
s.require_paths = ['lib']
|
|
20
|
-
s.add_dependency('activesupport', '
|
|
20
|
+
s.add_dependency('activesupport', ['>= 3.2', '< 4.1'])
|
|
21
21
|
end
|
metadata
CHANGED
|
@@ -1,40 +1,49 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: shields_up
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.18.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- AppFolio
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2014-
|
|
11
|
+
date: 2014-11-19 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: activesupport
|
|
15
15
|
requirement: !ruby/object:Gem::Requirement
|
|
16
16
|
requirements:
|
|
17
|
-
- - "
|
|
17
|
+
- - ">="
|
|
18
18
|
- !ruby/object:Gem::Version
|
|
19
19
|
version: '3.2'
|
|
20
|
+
- - "<"
|
|
21
|
+
- !ruby/object:Gem::Version
|
|
22
|
+
version: '4.1'
|
|
20
23
|
type: :runtime
|
|
21
24
|
prerelease: false
|
|
22
25
|
version_requirements: !ruby/object:Gem::Requirement
|
|
23
26
|
requirements:
|
|
24
|
-
- - "
|
|
27
|
+
- - ">="
|
|
25
28
|
- !ruby/object:Gem::Version
|
|
26
29
|
version: '3.2'
|
|
30
|
+
- - "<"
|
|
31
|
+
- !ruby/object:Gem::Version
|
|
32
|
+
version: '4.1'
|
|
27
33
|
description: Mass assignment Protection made by AppFolio Inc., inspired by strong_parameters.
|
|
28
34
|
email: dev@appfolio.com
|
|
29
35
|
executables: []
|
|
30
36
|
extensions: []
|
|
31
37
|
extra_rdoc_files: []
|
|
32
38
|
files:
|
|
39
|
+
- Appraisals
|
|
33
40
|
- Gemfile
|
|
34
41
|
- Gemfile.lock
|
|
35
42
|
- LICENSE
|
|
36
43
|
- README.md
|
|
37
44
|
- Rakefile
|
|
45
|
+
- gemfiles/activesupport_3.2.gemfile
|
|
46
|
+
- gemfiles/activesupport_4.0.gemfile
|
|
38
47
|
- lib/shields_up.rb
|
|
39
48
|
- lib/shields_up/exceptions.rb
|
|
40
49
|
- lib/shields_up/parameters.rb
|
|
@@ -61,8 +70,9 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
61
70
|
version: '0'
|
|
62
71
|
requirements: []
|
|
63
72
|
rubyforge_project:
|
|
64
|
-
rubygems_version: 2.
|
|
73
|
+
rubygems_version: 2.4.3
|
|
65
74
|
signing_key:
|
|
66
75
|
specification_version: 4
|
|
67
76
|
summary: Mass assignment Protection made by AppFolio Inc., inspired by strong_parameters.
|
|
68
77
|
test_files: []
|
|
78
|
+
has_rdoc:
|