sorted 0.4.2 → 0.4.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- data/README.rdoc +4 -1
- data/lib/sorted/railtie.rb +5 -8
- data/lib/sorted/toggler.rb +1 -1
- data/lib/sorted/version.rb +1 -1
- data/lib/sorted/view_helpers/action_view.rb +31 -3
- data/spec/sorted/parser_spec.rb +9 -0
- metadata +11 -11
data/README.rdoc
CHANGED
|
@@ -9,7 +9,7 @@ sort string to let you sort large datasets over many pages (using
|
|
|
9
9
|
|
|
10
10
|
=== Gemfile
|
|
11
11
|
|
|
12
|
-
gem 'sorted', '~> 0.4.
|
|
12
|
+
gem 'sorted', '~> 0.4.3'
|
|
13
13
|
|
|
14
14
|
=== View
|
|
15
15
|
|
|
@@ -17,6 +17,9 @@ Generate a sorted link with the email attribute:
|
|
|
17
17
|
|
|
18
18
|
link_to_sorted "Email", :email
|
|
19
19
|
|
|
20
|
+
Works the same as the +link_to+ method except a second argument for the
|
|
21
|
+
sort attribute is needed.
|
|
22
|
+
|
|
20
23
|
=== Model
|
|
21
24
|
|
|
22
25
|
Using the +sorted+ method with the optional default order argument:
|
data/lib/sorted/railtie.rb
CHANGED
|
@@ -2,17 +2,14 @@ require 'sorted'
|
|
|
2
2
|
|
|
3
3
|
module Sorted
|
|
4
4
|
class Railtie < Rails::Railtie
|
|
5
|
-
|
|
6
|
-
|
|
5
|
+
initializer "sorted.configure" do |app|
|
|
6
|
+
ActiveSupport.on_load :active_record do
|
|
7
7
|
require 'sorted/orms/active_record'
|
|
8
|
-
|
|
8
|
+
include Sorted::Orms::ActiveRecord
|
|
9
9
|
end
|
|
10
|
-
|
|
11
|
-
|
|
12
|
-
if defined? ::ActionView
|
|
13
|
-
initializer "sorted.action_view" do |app|
|
|
10
|
+
ActiveSupport.on_load :action_view do
|
|
14
11
|
require 'sorted/view_helpers/action_view'
|
|
15
|
-
|
|
12
|
+
include Sorted::ViewHelpers::ActionView
|
|
16
13
|
end
|
|
17
14
|
end
|
|
18
15
|
end
|
data/lib/sorted/toggler.rb
CHANGED
|
@@ -4,7 +4,7 @@ module Sorted
|
|
|
4
4
|
#
|
|
5
5
|
# Example:
|
|
6
6
|
# sorts = [['name', 'asc'], ['phone', 'desc']]
|
|
7
|
-
#
|
|
7
|
+
# orders = [['name', 'asc']]
|
|
8
8
|
# Sorted::Toggler.new(sorts, orders).to_a #-> [['name', 'desc'], ['phone', 'desc']]
|
|
9
9
|
class Toggler
|
|
10
10
|
def initialize(sorts, orders)
|
data/lib/sorted/version.rb
CHANGED
|
@@ -7,7 +7,7 @@ module Sorted
|
|
|
7
7
|
class SortedViewHelper
|
|
8
8
|
attr_reader :params
|
|
9
9
|
|
|
10
|
-
def initialize(order, params)
|
|
10
|
+
def initialize(order, params = {})
|
|
11
11
|
sort = params.delete :sort
|
|
12
12
|
@params = params
|
|
13
13
|
@parser = ::Sorted::Parser.new(sort, order).toggle
|
|
@@ -23,10 +23,38 @@ module Sorted
|
|
|
23
23
|
end
|
|
24
24
|
end
|
|
25
25
|
|
|
26
|
-
|
|
26
|
+
# Creates a link tag of the given +name+ and +attribute+ creating
|
|
27
|
+
# a url using a set of +options+.
|
|
28
|
+
#
|
|
29
|
+
# ==== Examples
|
|
30
|
+
#
|
|
31
|
+
# Basic usage
|
|
32
|
+
#
|
|
33
|
+
# link_to_sorted "Email", :email
|
|
34
|
+
# # => <a href="/profiles?sort=email_asc" class="desc">Email</a>
|
|
35
|
+
#
|
|
36
|
+
# Or use a block
|
|
37
|
+
#
|
|
38
|
+
# link_to_sorted :email do
|
|
39
|
+
# <strong>Sort by email</strong> -- <span></span>
|
|
40
|
+
# end
|
|
41
|
+
# # => <a href="/profiles?sort=email_asc" class="desc"><strong>Sort by email</strong> -- <span></span></a>
|
|
42
|
+
#
|
|
43
|
+
def link_to_sorted(*args, &block)
|
|
44
|
+
if block_given?
|
|
45
|
+
order = args[0]
|
|
46
|
+
options = args[1] || {}
|
|
47
|
+
html_options = args[2] || {}
|
|
48
|
+
else
|
|
49
|
+
block = proc { args[0].to_s }
|
|
50
|
+
order = args[1]
|
|
51
|
+
options = args[2] || {}
|
|
52
|
+
html_options = args[3] || {}
|
|
53
|
+
end
|
|
54
|
+
|
|
27
55
|
sorter = SortedViewHelper.new(order, ((request.get? && !params.nil?) ? params.dup : {}))
|
|
28
56
|
options[:class] = [options[:class], sorter.css].join(' ').strip
|
|
29
|
-
link_to(
|
|
57
|
+
link_to(sorter.params, options, html_options, &block)
|
|
30
58
|
end
|
|
31
59
|
end
|
|
32
60
|
end
|
data/spec/sorted/parser_spec.rb
CHANGED
|
@@ -87,4 +87,13 @@ describe Sorted::Parser, "return types" do
|
|
|
87
87
|
sorter = Sorted::Parser.new(sort, order)
|
|
88
88
|
sorter.to_s.should eq result
|
|
89
89
|
end
|
|
90
|
+
|
|
91
|
+
it "sql injection using order by clause should not work" do
|
|
92
|
+
sort = "(case+when+((ASCII(SUBSTR((select+table_name+from+all_tables+where+rownum%3d1),1))>%3D128))+then+id+else+something+end)"
|
|
93
|
+
order = "email ASC, phone ASC, name DESC"
|
|
94
|
+
result = "email ASC, phone ASC, name DESC"
|
|
95
|
+
|
|
96
|
+
sorter = Sorted::Parser.new(sort, order)
|
|
97
|
+
sorter.to_sql.should eq result
|
|
98
|
+
end
|
|
90
99
|
end
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: sorted
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.4.
|
|
4
|
+
version: 0.4.3
|
|
5
5
|
prerelease:
|
|
6
6
|
platform: ruby
|
|
7
7
|
authors:
|
|
@@ -9,11 +9,11 @@ authors:
|
|
|
9
9
|
autorequire:
|
|
10
10
|
bindir: bin
|
|
11
11
|
cert_chain: []
|
|
12
|
-
date: 2012-03
|
|
12
|
+
date: 2012-06-03 00:00:00.000000000 Z
|
|
13
13
|
dependencies:
|
|
14
14
|
- !ruby/object:Gem::Dependency
|
|
15
15
|
name: bundler
|
|
16
|
-
requirement: &
|
|
16
|
+
requirement: &70131329800380 !ruby/object:Gem::Requirement
|
|
17
17
|
none: false
|
|
18
18
|
requirements:
|
|
19
19
|
- - ! '>='
|
|
@@ -21,10 +21,10 @@ dependencies:
|
|
|
21
21
|
version: 1.0.0
|
|
22
22
|
type: :development
|
|
23
23
|
prerelease: false
|
|
24
|
-
version_requirements: *
|
|
24
|
+
version_requirements: *70131329800380
|
|
25
25
|
- !ruby/object:Gem::Dependency
|
|
26
26
|
name: rails
|
|
27
|
-
requirement: &
|
|
27
|
+
requirement: &70131329799320 !ruby/object:Gem::Requirement
|
|
28
28
|
none: false
|
|
29
29
|
requirements:
|
|
30
30
|
- - ! '>='
|
|
@@ -32,10 +32,10 @@ dependencies:
|
|
|
32
32
|
version: 3.1.2
|
|
33
33
|
type: :development
|
|
34
34
|
prerelease: false
|
|
35
|
-
version_requirements: *
|
|
35
|
+
version_requirements: *70131329799320
|
|
36
36
|
- !ruby/object:Gem::Dependency
|
|
37
37
|
name: rspec
|
|
38
|
-
requirement: &
|
|
38
|
+
requirement: &70131329817920 !ruby/object:Gem::Requirement
|
|
39
39
|
none: false
|
|
40
40
|
requirements:
|
|
41
41
|
- - ! '>='
|
|
@@ -43,10 +43,10 @@ dependencies:
|
|
|
43
43
|
version: 2.0.0
|
|
44
44
|
type: :development
|
|
45
45
|
prerelease: false
|
|
46
|
-
version_requirements: *
|
|
46
|
+
version_requirements: *70131329817920
|
|
47
47
|
- !ruby/object:Gem::Dependency
|
|
48
48
|
name: sqlite3
|
|
49
|
-
requirement: &
|
|
49
|
+
requirement: &70131329816300 !ruby/object:Gem::Requirement
|
|
50
50
|
none: false
|
|
51
51
|
requirements:
|
|
52
52
|
- - ! '>='
|
|
@@ -54,7 +54,7 @@ dependencies:
|
|
|
54
54
|
version: 1.3.5
|
|
55
55
|
type: :development
|
|
56
56
|
prerelease: false
|
|
57
|
-
version_requirements: *
|
|
57
|
+
version_requirements: *70131329816300
|
|
58
58
|
description: lets you sort large data sets using view helpers and a scope
|
|
59
59
|
email:
|
|
60
60
|
- rufuspost@gmail.com
|
|
@@ -95,7 +95,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
|
95
95
|
version: '0'
|
|
96
96
|
segments:
|
|
97
97
|
- 0
|
|
98
|
-
hash:
|
|
98
|
+
hash: -4246959904636690833
|
|
99
99
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
|
100
100
|
none: false
|
|
101
101
|
requirements:
|