social_stream-base 0.24.2 → 1.0.0

Sign up to get free protection for your applications and to get access to all the features.
@@ -1,10 +1,4 @@
1
1
  class ActivityActionsController < ApplicationController
2
- # Last tendencies in rails talk about filtering params in the controller,
3
- # instead of using attr_protected
4
- #
5
- # We hope it will be shiped in Rails 4, so we write our custom method for now
6
- before_filter :clean_params
7
-
8
2
  before_filter :can_read_activity_object, :only => :create
9
3
 
10
4
  respond_to :js
@@ -15,20 +9,19 @@ class ActivityActionsController < ApplicationController
15
9
  sent_actions.
16
10
  find_or_create_by_activity_object_id @activity_object.id
17
11
 
18
- @activity_action.update_attributes params[:activity_action]
12
+ @activity_action.update_attributes activity_action_params
19
13
  end
20
14
 
21
15
  def update
22
- activity_action.update_attributes params[:activity_action]
16
+ activity_action.update_attributes activity_action_params
23
17
  end
24
18
 
25
19
  private
26
20
 
27
- def clean_params
28
- return if params[:activity_action].blank?
29
-
30
- params[:activity_action].delete(:actor_id)
31
- params[:activity_action].delete(:activity_object_id) if params[:id].present?
21
+ def activity_action_params
22
+ params.
23
+ require(:activity_action).
24
+ permit(:follow)
32
25
  end
33
26
 
34
27
  def can_read_activity_object
@@ -5,4 +5,10 @@ class CommentsController < ApplicationController
5
5
  parent = resource.post_activity.parent
6
6
  redirect_to polymorphic_path(parent.direct_object,:anchor => dom_id(parent))
7
7
  end
8
+
9
+ private
10
+
11
+ def allowed_params
12
+ [:text]
13
+ end
8
14
  end
@@ -1,3 +1,9 @@
1
1
  class PostsController < ApplicationController
2
2
  include SocialStream::Controllers::Objects
3
+
4
+ private
5
+
6
+ def allowed_params
7
+ [:text]
8
+ end
3
9
  end
@@ -12,7 +12,7 @@ class ProfilesController < ApplicationController
12
12
  end
13
13
 
14
14
  def update
15
- current_profile.update_attributes params[:profile]
15
+ current_profile.update_attributes profile_params
16
16
 
17
17
  respond_to do |format|
18
18
  format.html{ redirect_to [profile_subject, :profile] }
@@ -22,6 +22,12 @@ class ProfilesController < ApplicationController
22
22
 
23
23
  private
24
24
 
25
+ def profile_params
26
+ params.
27
+ require(:profile).
28
+ permit(:organization, :birthday, :city, :country, :description, :phone, :mobile, :fax, :address, :website, :experience, actor_attributes: [ :id, :name, :email, :tag_list ])
29
+ end
30
+
25
31
  def subject_profile
26
32
  @profile ||=
27
33
  profile_subject!.profile
@@ -2,6 +2,8 @@
2
2
  # on {ActivityObject activity objects}
3
3
  #
4
4
  class ActivityAction < ActiveRecord::Base
5
+ include ActiveModel::ForbiddenAttributesProtection
6
+
5
7
  belongs_to :actor
6
8
  belongs_to :activity_object
7
9
 
data/app/models/actor.rb CHANGED
@@ -31,7 +31,9 @@ class Actor < ActiveRecord::Base
31
31
 
32
32
  acts_as_url :name, :url_attribute => :slug
33
33
 
34
- has_one :profile, :dependent => :destroy
34
+ has_one :profile,
35
+ dependent: :destroy,
36
+ inverse_of: :actor
35
37
 
36
38
  has_many :avatars,
37
39
  :validate => true,
@@ -29,7 +29,7 @@ class Contact < ActiveRecord::Base
29
29
 
30
30
  has_many :ties,
31
31
  :dependent => :destroy,
32
- :before_add => :set_user_author
32
+ :inverse_of => :contact
33
33
 
34
34
  has_many :relations,
35
35
  :through => :ties,
@@ -172,15 +172,6 @@ class Contact < ActiveRecord::Base
172
172
  raise "Cannot determine user_author for #{ sender.inspect }"
173
173
  end
174
174
 
175
- # user_author is not preserved when the associated tie is build, in:
176
- #
177
- # contact.ties.build
178
- #
179
- # so we need to preserve so the tie activity is recorded
180
- def set_user_author(tie)
181
- tie.contact.user_author = @user_author
182
- end
183
-
184
175
  # after_remove callback
185
176
  #
186
177
  # has_many collection=objects method does not trigger destroy callbacks,
data/app/models/group.rb CHANGED
@@ -51,9 +51,11 @@ class Group < ActiveRecord::Base
51
51
  participant_ids = ([ author_id, user_author_id ] | Array.wrap(@_participants)).uniq
52
52
 
53
53
  participant_ids.each do |a|
54
- sent_contacts.create! :receiver_id => a,
55
- :user_author => user_author,
56
- :relation_ids => Array(relation_customs.sort.first.id)
54
+ c =
55
+ sent_contacts.create! :receiver_id => a,
56
+ :user_author => user_author
57
+
58
+ c.relation_ids = Array.wrap(relation_customs.sort.first.id)
57
59
  end
58
60
  end
59
61
  end
@@ -1,8 +1,11 @@
1
1
  class Profile < ActiveRecord::Base
2
- belongs_to :actor
3
-
2
+ include ActiveModel::ForbiddenAttributesProtection
3
+
4
+ belongs_to :actor,
5
+ inverse_of: :profile
6
+
4
7
  accepts_nested_attributes_for :actor
5
-
8
+
6
9
  validates_presence_of :actor_id
7
10
 
8
11
  validates_format_of :mobile, :phone, :fax,
data/app/models/tie.rb CHANGED
@@ -22,7 +22,9 @@
22
22
  # integer, array
23
23
  #
24
24
  class Tie < ActiveRecord::Base
25
- belongs_to :contact, :counter_cache => true
25
+ belongs_to :contact,
26
+ :counter_cache => true,
27
+ :inverse_of => :ties
26
28
 
27
29
  has_one :sender, :through => :contact
28
30
  has_one :receiver, :through => :contact
@@ -1,7 +1,7 @@
1
1
  # Monkey path inherited_resources
2
2
  #
3
3
  #
4
- # Fix https://github.com/josevalim/inherited_resources/issues/216
4
+ # Pull request https://github.com/josevalim/inherited_resources/pull/237
5
5
  module InheritedResources::BaseHelpers
6
6
  private
7
7
 
@@ -11,8 +11,13 @@ module InheritedResources::BaseHelpers
11
11
  end
12
12
 
13
13
  def build_resource_params
14
- rparams = [params[resource_request_name] || params[resource_instance_name] || {}]
14
+ rparams = [whitelisted_params || params[resource_request_name] || params[resource_instance_name] || {}]
15
15
  rparams << as_role if role_given?
16
16
  rparams
17
17
  end
18
+
19
+ def whitelisted_params
20
+ whitelist_method = :"#{ resource_request_name }_params"
21
+ respond_to?(whitelist_method, true) && self.send(whitelist_method)
22
+ end
18
23
  end
@@ -54,4 +54,6 @@ require 'social_cheesecake'
54
54
  # I18n-js
55
55
  require 'i18n-js'
56
56
  require 'i18n-js/social_stream-base'
57
+ # Strong parameters
58
+ require 'strong_parameters'
57
59
 
@@ -1,5 +1,5 @@
1
1
  module SocialStream
2
2
  module Base
3
- VERSION = "0.24.2".freeze
3
+ VERSION = "1.0.0".freeze
4
4
  end
5
5
  end
@@ -22,6 +22,16 @@ module SocialStream
22
22
 
23
23
  # Methods that should be included after the included block
24
24
  module UpperInstanceMethods
25
+ def allowed_params
26
+ [] # This should be overriden in controllers to allow extra params
27
+ end
28
+
29
+ def whitelisted_params
30
+ return {} if request.present? and request.get?
31
+ all_allowed_params = allowed_params + [:created_at, :updated_at, :title, :description, :author_id, :owner_id, :user_author_id, :_activity_parent_id]
32
+ params.require(self.class.model_class.to_s.underscore.to_sym).permit( *all_allowed_params )
33
+ end
34
+
25
35
  def search
26
36
  collection_variable_set self.class.model_class.search(params[:q], search_options)
27
37
 
@@ -47,6 +47,9 @@ module SocialStream
47
47
  joins(:activity_object).
48
48
  merge(ActivityObject.followed_by(subject))
49
49
  }
50
+
51
+ # Strong parameters
52
+ include ActiveModel::ForbiddenAttributesProtection
50
53
  end
51
54
 
52
55
  module ClassMethods
@@ -19,7 +19,8 @@ module SocialStream #:nodoc:
19
19
  belongs_to supertype_name, { # belongs_to :actor, {
20
20
  :validate => true, # :validate => true
21
21
  :autosave => true, # :autosave => true
22
- :dependent => :destroy # :dependent => :destroy
22
+ :dependent => :destroy, # :dependent => :destroy
23
+ :inverse_of => name.underscore.to_sym # :inverse_of => :user,
23
24
  }.merge(supertype_options[:belongs] || {}) # }.merge(supertype_options[:belongs] || {})
24
25
 
25
26
  class_eval <<-EOS
@@ -38,6 +39,10 @@ module SocialStream #:nodoc:
38
39
  end
39
40
 
40
41
  module ClassMethods
42
+ def supertype_sym
43
+ supertype_name.to_sym
44
+ end
45
+
41
46
  def supertype_foreign_key
42
47
  "#{ supertype_name }_id" # "actor_id"
43
48
  end
@@ -50,7 +55,17 @@ module SocialStream #:nodoc:
50
55
  raise subtype_error unless _delegate_to_supertype?(:method)
51
56
 
52
57
  begin
53
- supertype!.__send__ method, *args, &block
58
+ res = supertype!.__send__(method, *args, &block)
59
+
60
+ # Cache method
61
+ self.class.class_eval <<-STR, __FILE__, __LINE__ + 1
62
+ def #{ method } *args, &block
63
+ supertype!.__send__ :#{ method }, *args, &block
64
+ end
65
+ STR
66
+
67
+ res
68
+
54
69
  # We rescue supertype's NameErrors so methods not defined are raised from
55
70
  # the subtype. Example: user.foo should raise "foo is not defined in user"
56
71
  # and not "in actor"
@@ -14,9 +14,11 @@ module SocialStream #:nodoc:
14
14
  include SocialStream::ActivityStreams::Supertype
15
15
 
16
16
  included do
17
- subtypes.each do |s| # [ :user, :group ].each do |s|
18
- has_one s, :dependent => :destroy # has_one s, :dependent => :destroy
19
- end # end
17
+ subtypes.each do |s| # [ :user, :group ].each do |s|
18
+ has_one s, # has_one s,
19
+ autosave: false, # autosave: false,
20
+ inverse_of: name.underscore.to_sym # inverse_of: :actor
21
+ end # end
20
22
  end
21
23
 
22
24
  module ClassMethods
@@ -63,6 +63,8 @@ Gem::Specification.new do |s|
63
63
  s.add_runtime_dependency('social_cheesecake','~> 0.5.0')
64
64
  # I18n-js
65
65
  s.add_runtime_dependency('i18n-js','~>2.1.2')
66
+ # Strong Parameters
67
+ s.add_runtime_dependency('strong_parameters','~> 0.1.5')
66
68
 
67
69
  # Development gem dependencies
68
70
  #
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: social_stream-base
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.24.2
4
+ version: 1.0.0
5
5
  prerelease:
6
6
  platform: ruby
7
7
  authors:
@@ -10,7 +10,7 @@ authors:
10
10
  autorequire:
11
11
  bindir: bin
12
12
  cert_chain: []
13
- date: 2012-12-20 00:00:00.000000000 Z
13
+ date: 2013-01-09 00:00:00.000000000 Z
14
14
  dependencies:
15
15
  - !ruby/object:Gem::Dependency
16
16
  name: deep_merge
@@ -412,6 +412,22 @@ dependencies:
412
412
  - - ~>
413
413
  - !ruby/object:Gem::Version
414
414
  version: 2.1.2
415
+ - !ruby/object:Gem::Dependency
416
+ name: strong_parameters
417
+ requirement: !ruby/object:Gem::Requirement
418
+ none: false
419
+ requirements:
420
+ - - ~>
421
+ - !ruby/object:Gem::Version
422
+ version: 0.1.5
423
+ type: :runtime
424
+ prerelease: false
425
+ version_requirements: !ruby/object:Gem::Requirement
426
+ none: false
427
+ requirements:
428
+ - - ~>
429
+ - !ruby/object:Gem::Version
430
+ version: 0.1.5
415
431
  - !ruby/object:Gem::Dependency
416
432
  name: capybara
417
433
  requirement: !ruby/object:Gem::Requirement