sorted 0.4.2 → 0.4.3
Sign up to get free protection for your applications and to get access to all the features.
- data/README.rdoc +4 -1
- data/lib/sorted/railtie.rb +5 -8
- data/lib/sorted/toggler.rb +1 -1
- data/lib/sorted/version.rb +1 -1
- data/lib/sorted/view_helpers/action_view.rb +31 -3
- data/spec/sorted/parser_spec.rb +9 -0
- metadata +11 -11
data/README.rdoc
CHANGED
|
@@ -9,7 +9,7 @@ sort string to let you sort large datasets over many pages (using
|
|
|
9
9
|
|
|
10
10
|
=== Gemfile
|
|
11
11
|
|
|
12
|
-
gem 'sorted', '~> 0.4.
|
|
12
|
+
gem 'sorted', '~> 0.4.3'
|
|
13
13
|
|
|
14
14
|
=== View
|
|
15
15
|
|
|
@@ -17,6 +17,9 @@ Generate a sorted link with the email attribute:
|
|
|
17
17
|
|
|
18
18
|
link_to_sorted "Email", :email
|
|
19
19
|
|
|
20
|
+
Works the same as the +link_to+ method except a second argument for the
|
|
21
|
+
sort attribute is needed.
|
|
22
|
+
|
|
20
23
|
=== Model
|
|
21
24
|
|
|
22
25
|
Using the +sorted+ method with the optional default order argument:
|
data/lib/sorted/railtie.rb
CHANGED
|
@@ -2,17 +2,14 @@ require 'sorted'
|
|
|
2
2
|
|
|
3
3
|
module Sorted
|
|
4
4
|
class Railtie < Rails::Railtie
|
|
5
|
-
|
|
6
|
-
|
|
5
|
+
initializer "sorted.configure" do |app|
|
|
6
|
+
ActiveSupport.on_load :active_record do
|
|
7
7
|
require 'sorted/orms/active_record'
|
|
8
|
-
|
|
8
|
+
include Sorted::Orms::ActiveRecord
|
|
9
9
|
end
|
|
10
|
-
|
|
11
|
-
|
|
12
|
-
if defined? ::ActionView
|
|
13
|
-
initializer "sorted.action_view" do |app|
|
|
10
|
+
ActiveSupport.on_load :action_view do
|
|
14
11
|
require 'sorted/view_helpers/action_view'
|
|
15
|
-
|
|
12
|
+
include Sorted::ViewHelpers::ActionView
|
|
16
13
|
end
|
|
17
14
|
end
|
|
18
15
|
end
|
data/lib/sorted/toggler.rb
CHANGED
|
@@ -4,7 +4,7 @@ module Sorted
|
|
|
4
4
|
#
|
|
5
5
|
# Example:
|
|
6
6
|
# sorts = [['name', 'asc'], ['phone', 'desc']]
|
|
7
|
-
#
|
|
7
|
+
# orders = [['name', 'asc']]
|
|
8
8
|
# Sorted::Toggler.new(sorts, orders).to_a #-> [['name', 'desc'], ['phone', 'desc']]
|
|
9
9
|
class Toggler
|
|
10
10
|
def initialize(sorts, orders)
|
data/lib/sorted/version.rb
CHANGED
|
@@ -7,7 +7,7 @@ module Sorted
|
|
|
7
7
|
class SortedViewHelper
|
|
8
8
|
attr_reader :params
|
|
9
9
|
|
|
10
|
-
def initialize(order, params)
|
|
10
|
+
def initialize(order, params = {})
|
|
11
11
|
sort = params.delete :sort
|
|
12
12
|
@params = params
|
|
13
13
|
@parser = ::Sorted::Parser.new(sort, order).toggle
|
|
@@ -23,10 +23,38 @@ module Sorted
|
|
|
23
23
|
end
|
|
24
24
|
end
|
|
25
25
|
|
|
26
|
-
|
|
26
|
+
# Creates a link tag of the given +name+ and +attribute+ creating
|
|
27
|
+
# a url using a set of +options+.
|
|
28
|
+
#
|
|
29
|
+
# ==== Examples
|
|
30
|
+
#
|
|
31
|
+
# Basic usage
|
|
32
|
+
#
|
|
33
|
+
# link_to_sorted "Email", :email
|
|
34
|
+
# # => <a href="/profiles?sort=email_asc" class="desc">Email</a>
|
|
35
|
+
#
|
|
36
|
+
# Or use a block
|
|
37
|
+
#
|
|
38
|
+
# link_to_sorted :email do
|
|
39
|
+
# <strong>Sort by email</strong> -- <span></span>
|
|
40
|
+
# end
|
|
41
|
+
# # => <a href="/profiles?sort=email_asc" class="desc"><strong>Sort by email</strong> -- <span></span></a>
|
|
42
|
+
#
|
|
43
|
+
def link_to_sorted(*args, &block)
|
|
44
|
+
if block_given?
|
|
45
|
+
order = args[0]
|
|
46
|
+
options = args[1] || {}
|
|
47
|
+
html_options = args[2] || {}
|
|
48
|
+
else
|
|
49
|
+
block = proc { args[0].to_s }
|
|
50
|
+
order = args[1]
|
|
51
|
+
options = args[2] || {}
|
|
52
|
+
html_options = args[3] || {}
|
|
53
|
+
end
|
|
54
|
+
|
|
27
55
|
sorter = SortedViewHelper.new(order, ((request.get? && !params.nil?) ? params.dup : {}))
|
|
28
56
|
options[:class] = [options[:class], sorter.css].join(' ').strip
|
|
29
|
-
link_to(
|
|
57
|
+
link_to(sorter.params, options, html_options, &block)
|
|
30
58
|
end
|
|
31
59
|
end
|
|
32
60
|
end
|
data/spec/sorted/parser_spec.rb
CHANGED
|
@@ -87,4 +87,13 @@ describe Sorted::Parser, "return types" do
|
|
|
87
87
|
sorter = Sorted::Parser.new(sort, order)
|
|
88
88
|
sorter.to_s.should eq result
|
|
89
89
|
end
|
|
90
|
+
|
|
91
|
+
it "sql injection using order by clause should not work" do
|
|
92
|
+
sort = "(case+when+((ASCII(SUBSTR((select+table_name+from+all_tables+where+rownum%3d1),1))>%3D128))+then+id+else+something+end)"
|
|
93
|
+
order = "email ASC, phone ASC, name DESC"
|
|
94
|
+
result = "email ASC, phone ASC, name DESC"
|
|
95
|
+
|
|
96
|
+
sorter = Sorted::Parser.new(sort, order)
|
|
97
|
+
sorter.to_sql.should eq result
|
|
98
|
+
end
|
|
90
99
|
end
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: sorted
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.4.
|
|
4
|
+
version: 0.4.3
|
|
5
5
|
prerelease:
|
|
6
6
|
platform: ruby
|
|
7
7
|
authors:
|
|
@@ -9,11 +9,11 @@ authors:
|
|
|
9
9
|
autorequire:
|
|
10
10
|
bindir: bin
|
|
11
11
|
cert_chain: []
|
|
12
|
-
date: 2012-03
|
|
12
|
+
date: 2012-06-03 00:00:00.000000000 Z
|
|
13
13
|
dependencies:
|
|
14
14
|
- !ruby/object:Gem::Dependency
|
|
15
15
|
name: bundler
|
|
16
|
-
requirement: &
|
|
16
|
+
requirement: &70131329800380 !ruby/object:Gem::Requirement
|
|
17
17
|
none: false
|
|
18
18
|
requirements:
|
|
19
19
|
- - ! '>='
|
|
@@ -21,10 +21,10 @@ dependencies:
|
|
|
21
21
|
version: 1.0.0
|
|
22
22
|
type: :development
|
|
23
23
|
prerelease: false
|
|
24
|
-
version_requirements: *
|
|
24
|
+
version_requirements: *70131329800380
|
|
25
25
|
- !ruby/object:Gem::Dependency
|
|
26
26
|
name: rails
|
|
27
|
-
requirement: &
|
|
27
|
+
requirement: &70131329799320 !ruby/object:Gem::Requirement
|
|
28
28
|
none: false
|
|
29
29
|
requirements:
|
|
30
30
|
- - ! '>='
|
|
@@ -32,10 +32,10 @@ dependencies:
|
|
|
32
32
|
version: 3.1.2
|
|
33
33
|
type: :development
|
|
34
34
|
prerelease: false
|
|
35
|
-
version_requirements: *
|
|
35
|
+
version_requirements: *70131329799320
|
|
36
36
|
- !ruby/object:Gem::Dependency
|
|
37
37
|
name: rspec
|
|
38
|
-
requirement: &
|
|
38
|
+
requirement: &70131329817920 !ruby/object:Gem::Requirement
|
|
39
39
|
none: false
|
|
40
40
|
requirements:
|
|
41
41
|
- - ! '>='
|
|
@@ -43,10 +43,10 @@ dependencies:
|
|
|
43
43
|
version: 2.0.0
|
|
44
44
|
type: :development
|
|
45
45
|
prerelease: false
|
|
46
|
-
version_requirements: *
|
|
46
|
+
version_requirements: *70131329817920
|
|
47
47
|
- !ruby/object:Gem::Dependency
|
|
48
48
|
name: sqlite3
|
|
49
|
-
requirement: &
|
|
49
|
+
requirement: &70131329816300 !ruby/object:Gem::Requirement
|
|
50
50
|
none: false
|
|
51
51
|
requirements:
|
|
52
52
|
- - ! '>='
|
|
@@ -54,7 +54,7 @@ dependencies:
|
|
|
54
54
|
version: 1.3.5
|
|
55
55
|
type: :development
|
|
56
56
|
prerelease: false
|
|
57
|
-
version_requirements: *
|
|
57
|
+
version_requirements: *70131329816300
|
|
58
58
|
description: lets you sort large data sets using view helpers and a scope
|
|
59
59
|
email:
|
|
60
60
|
- rufuspost@gmail.com
|
|
@@ -95,7 +95,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
|
95
95
|
version: '0'
|
|
96
96
|
segments:
|
|
97
97
|
- 0
|
|
98
|
-
hash:
|
|
98
|
+
hash: -4246959904636690833
|
|
99
99
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
|
100
100
|
none: false
|
|
101
101
|
requirements:
|