strong_parameters 0.2.1 → 0.2.2

Sign up to get free protection for your applications and to get access to all the features.
Files changed (11) hide show
  1. checksums.yaml +7 -0
  2. data/README.md +13 -0
  3. data/lib/action_controller/parameters.rb +17 -6
  4. data/lib/strong_parameters/version.rb +1 -1
  5. data/test/gemfiles/Gemfile.rails-3.0.x +1 -1
  6. data/test/gemfiles/Gemfile.rails-3.1.x +1 -1
  7. data/test/gemfiles/Gemfile.rails-3.2.x +1 -1
  8. data/test/parameters_permit_test.rb +33 -2
  9. metadata +10 -23
  10. data/test/dummy/db/test.sqlite3 +0 -0
  11. data/test/dummy/log/test.log +0 -88
checksums.yaml ADDED
@@ -0,0 +1,7 @@
1
+ ---
2
+ SHA1:
3
+ metadata.gz: 68061cec78793c90c4dffaefad764efbe8358313
4
+ data.tar.gz: 2078326f601731323e69251b4e24b6e22eea19ef
5
+ SHA512:
6
+ metadata.gz: 8c1f8bf98587698cd24b65cfa12f1aadf2b62ca6d67de48d9c10d254adaf3f3296cbf843d32c462683eb46c1ef4cd4367329d28eec042241545a711143593eb7
7
+ data.tar.gz: 26e983eb07378e1720ba0cef6e128c52a8dda2ac30ebc7809b9fc12c4531db855bb648d97b645effd8416673cfc7d9544ccea594ef13f2fcd47830314b208f3a
data/README.md CHANGED
@@ -70,6 +70,15 @@ This declaration whitelists the `name`, `emails` and `friends` attributes. It is
70
70
 
71
71
  Thanks to Nick Kallen for the permit idea!
72
72
 
73
+ ## Require Multiple Parameters
74
+
75
+ If you want to make sure that multiple keys are present in a params hash, you can call the method twice:
76
+
77
+ ``` ruby
78
+ params.require(:token)
79
+ params.require(:post).permit(:title)
80
+ ```
81
+
73
82
  ## Handling of Unpermitted Keys
74
83
 
75
84
  By default parameter keys that are not explicitly permitted will be logged in the development and test environment. In other environments these parameters will simply be filtered out and ignored.
@@ -92,6 +101,10 @@ parameters = ActionController::Parameters.new(raw_parameters)
92
101
  user = User.create(parameters.permit(:name, :email))
93
102
  ```
94
103
 
104
+ ## More Examples
105
+
106
+ Head over to the [Rails guide about Action Controller](http://guides.rubyonrails.org/action_controller_overview.html#more-examples).
107
+
95
108
  ## Installation
96
109
 
97
110
  In Gemfile:
data/lib/action_controller/parameters.rb CHANGED
@@ -13,7 +13,7 @@ module ActionController
13
13
 
14
14
  def initialize(param)
15
15
  @param = param
16
- super("key not found: #{param}")
16
+ super("param is missing or the value is empty: #{param}")
17
17
  end
18
18
  end
19
19
 
@@ -111,11 +111,18 @@ module ActionController
111
111
  private
112
112
 
113
113
  def convert_hashes_to_parameters(key, value)
114
- if value.is_a?(Parameters) || !value.is_a?(Hash)
114
+ converted = convert_value_to_parameters(value)
115
+ self[key] = converted unless converted.equal?(value)
116
+ converted
117
+ end
118
+
119
+ def convert_value_to_parameters(value)
120
+ if value.is_a?(Array)
121
+ value.map { |_| convert_value_to_parameters(_) }
122
+ elsif value.is_a?(Parameters) || !value.is_a?(Hash)
115
123
  value
116
124
  else
117
- # Convert to Parameters on first access
118
- self[key] = self.class.new(value)
125
+ self.class.new(value)
119
126
  end
120
127
  end
121
128
 
@@ -179,7 +186,7 @@ module ActionController
179
186
 
180
187
  # Slicing filters out non-declared keys.
181
188
  slice(*filter.keys).each do |key, value|
182
- return unless value
189
+ next unless value
183
190
 
184
191
  if filter[key] == []
185
192
  # Declaration {:comment_ids => []}.
@@ -202,7 +209,7 @@ module ActionController
202
209
  if value.is_a?(Array)
203
210
  value.map { |el| yield el }.compact
204
211
  # fields_for on an array of records uses numeric hash keys.
205
- elsif value.is_a?(Hash) && value.keys.all? { |k| k =~ /\A-?\d+\z/ }
212
+ elsif fields_for_style?(value)
206
213
  hash = value.class.new
207
214
  value.each { |k,v| hash[k] = yield(v, k) }
208
215
  hash
@@ -211,6 +218,10 @@ module ActionController
211
218
  end
212
219
  end
213
220
 
221
+ def fields_for_style?(object)
222
+ object.is_a?(Hash) && object.all? { |k, v| k =~ /\A-?\d+\z/ && v.is_a?(Hash) }
223
+ end
224
+
214
225
  def unpermitted_parameters!(params)
215
226
  return unless self.class.action_on_unpermitted_parameters
216
227
 
data/lib/strong_parameters/version.rb CHANGED
@@ -1,3 +1,3 @@
1
1
  module StrongParameters
2
- VERSION = "0.2.1"
2
+ VERSION = "0.2.2"
3
3
  end
data/test/gemfiles/Gemfile.rails-3.0.x CHANGED
@@ -1,4 +1,4 @@
1
- source :rubygems
1
+ source 'http://rubygems.org'
2
2
  gemspec :path => "./../.."
3
3
 
4
4
  gem "actionpack", "~> 3.0.0"
data/test/gemfiles/Gemfile.rails-3.1.x CHANGED
@@ -1,4 +1,4 @@
1
- source :rubygems
1
+ source 'http://rubygems.org'
2
2
  gemspec :path => "./../.."
3
3
 
4
4
  gem "actionpack", "~> 3.1.0"
data/test/gemfiles/Gemfile.rails-3.2.x CHANGED
@@ -1,4 +1,4 @@
1
- source :rubygems
1
+ source 'http://rubygems.org'
2
2
  gemspec :path => "./../.."
3
3
 
4
4
  gem "actionpack", "~> 3.2.0"
data/test/parameters_permit_test.rb CHANGED
@@ -16,8 +16,8 @@ class NestedParametersTest < ActiveSupport::TestCase
16
16
  test 'if nothing is permitted, the hash becomes empty' do
17
17
  params = ActionController::Parameters.new(:id => '1234')
18
18
  permitted = params.permit
19
- permitted.permitted?
20
- permitted.empty?
19
+ assert permitted.permitted?
20
+ assert permitted.empty?
21
21
  end
22
22
 
23
23
  # --- key --------------------------------------------------------------------
@@ -95,6 +95,15 @@ class NestedParametersTest < ActiveSupport::TestCase
95
95
  assert !permitted.has_key?(:id)
96
96
  end
97
97
 
98
+ test 'do not break params filtering on nil values' do
99
+ params = ActionController::Parameters.new(:a => 1, :b => [1, 2, 3], :c => nil)
100
+
101
+ permitted = params.permit(:a, :c => [], :b => [])
102
+ assert_equal 1, permitted[:a]
103
+ assert_equal [1, 2, 3], permitted[:b]
104
+ assert_equal nil, permitted[:c]
105
+ end
106
+
98
107
  # --- key to empty array -----------------------------------------------------
99
108
 
100
109
  test 'key to empty array: empty arrays pass' do
@@ -309,4 +318,26 @@ class NestedParametersTest < ActiveSupport::TestCase
309
318
  assert_equal 'William Shakespeare', permitted[:book][:authors_attributes]['0'][0]
310
319
  assert_equal 'Unattributed Assistant', permitted[:book][:authors_attributes]['1'][0]
311
320
  end
321
+
322
+ test "nested number as key" do
323
+ params = ActionController::Parameters.new({
324
+ :product => {
325
+ :properties => {
326
+ '0' => "prop0",
327
+ '1' => "prop1"
328
+ }
329
+ }
330
+ })
331
+ params = params.require(:product).permit(:properties => ["0"])
332
+ assert_not_nil params[:properties]["0"]
333
+ assert_nil params[:properties]["1"]
334
+ assert_equal "prop0", params[:properties]["0"]
335
+ end
336
+
337
+ test 'hashes in array values get wrapped' do
338
+ params = ActionController::Parameters.new(foo: [{}, {}])
339
+ params[:foo].each do |hash|
340
+ assert !hash.permitted?
341
+ end
342
+ end
312
343
  end
metadata CHANGED
@@ -1,20 +1,18 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: strong_parameters
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.2.1
5
- prerelease:
4
+ version: 0.2.2
6
5
  platform: ruby
7
6
  authors:
8
7
  - David Heinemeier Hansson
9
8
  autorequire:
10
9
  bindir: bin
11
10
  cert_chain: []
12
- date: 2013-05-08 00:00:00.000000000 Z
11
+ date: 2013-12-21 00:00:00.000000000 Z
13
12
  dependencies:
14
13
  - !ruby/object:Gem::Dependency
15
14
  name: actionpack
16
15
  requirement: !ruby/object:Gem::Requirement
17
- none: false
18
16
  requirements:
19
17
  - - ~>
20
18
  - !ruby/object:Gem::Version
@@ -22,7 +20,6 @@ dependencies:
22
20
  type: :runtime
23
21
  prerelease: false
24
22
  version_requirements: !ruby/object:Gem::Requirement
25
- none: false
26
23
  requirements:
27
24
  - - ~>
28
25
  - !ruby/object:Gem::Version
@@ -30,7 +27,6 @@ dependencies:
30
27
  - !ruby/object:Gem::Dependency
31
28
  name: activemodel
32
29
  requirement: !ruby/object:Gem::Requirement
33
- none: false
34
30
  requirements:
35
31
  - - ~>
36
32
  - !ruby/object:Gem::Version
@@ -38,7 +34,6 @@ dependencies:
38
34
  type: :runtime
39
35
  prerelease: false
40
36
  version_requirements: !ruby/object:Gem::Requirement
41
- none: false
42
37
  requirements:
43
38
  - - ~>
44
39
  - !ruby/object:Gem::Version
@@ -46,7 +41,6 @@ dependencies:
46
41
  - !ruby/object:Gem::Dependency
47
42
  name: railties
48
43
  requirement: !ruby/object:Gem::Requirement
49
- none: false
50
44
  requirements:
51
45
  - - ~>
52
46
  - !ruby/object:Gem::Version
@@ -54,7 +48,6 @@ dependencies:
54
48
  type: :runtime
55
49
  prerelease: false
56
50
  version_requirements: !ruby/object:Gem::Requirement
57
- none: false
58
51
  requirements:
59
52
  - - ~>
60
53
  - !ruby/object:Gem::Version
@@ -62,17 +55,15 @@ dependencies:
62
55
  - !ruby/object:Gem::Dependency
63
56
  name: rake
64
57
  requirement: !ruby/object:Gem::Requirement
65
- none: false
66
58
  requirements:
67
- - - ! '>='
59
+ - - '>='
68
60
  - !ruby/object:Gem::Version
69
61
  version: '0'
70
62
  type: :development
71
63
  prerelease: false
72
64
  version_requirements: !ruby/object:Gem::Requirement
73
- none: false
74
65
  requirements:
75
- - - ! '>='
66
+ - - '>='
76
67
  - !ruby/object:Gem::Version
77
68
  version: '0'
78
69
  description:
@@ -98,8 +89,6 @@ files:
98
89
  - test/action_controller_tainted_params_test.rb
99
90
  - test/active_model_mass_assignment_taint_protection_test.rb
100
91
  - test/controller_generator_test.rb
101
- - test/dummy/db/test.sqlite3
102
- - test/dummy/log/test.log
103
92
  - test/gemfiles/Gemfile.rails-3.0.x
104
93
  - test/gemfiles/Gemfile.rails-3.0.x.lock
105
94
  - test/gemfiles/Gemfile.rails-3.1.x
@@ -113,35 +102,32 @@ files:
113
102
  - test/test_helper.rb
114
103
  homepage: https://github.com/rails/strong_parameters
115
104
  licenses: []
105
+ metadata: {}
116
106
  post_install_message:
117
107
  rdoc_options: []
118
108
  require_paths:
119
109
  - lib
120
110
  required_ruby_version: !ruby/object:Gem::Requirement
121
- none: false
122
111
  requirements:
123
- - - ! '>='
112
+ - - '>='
124
113
  - !ruby/object:Gem::Version
125
114
  version: '0'
126
115
  required_rubygems_version: !ruby/object:Gem::Requirement
127
- none: false
128
116
  requirements:
129
- - - ! '>='
117
+ - - '>='
130
118
  - !ruby/object:Gem::Version
131
119
  version: '0'
132
120
  requirements: []
133
121
  rubyforge_project:
134
- rubygems_version: 1.8.23
122
+ rubygems_version: 2.1.11
135
123
  signing_key:
136
- specification_version: 3
124
+ specification_version: 4
137
125
  summary: Permitted and required parameters for Action Pack
138
126
  test_files:
139
127
  - test/action_controller_required_params_test.rb
140
128
  - test/action_controller_tainted_params_test.rb
141
129
  - test/active_model_mass_assignment_taint_protection_test.rb
142
130
  - test/controller_generator_test.rb
143
- - test/dummy/db/test.sqlite3
144
- - test/dummy/log/test.log
145
131
  - test/gemfiles/Gemfile.rails-3.0.x
146
132
  - test/gemfiles/Gemfile.rails-3.0.x.lock
147
133
  - test/gemfiles/Gemfile.rails-3.1.x
@@ -153,3 +139,4 @@ test_files:
153
139
  - test/parameters_taint_test.rb
154
140
  - test/raise_on_unpermitted_params_test.rb
155
141
  - test/test_helper.rb
142
+ has_rdoc:
data/test/dummy/db/test.sqlite3 DELETED
File without changes
data/test/dummy/log/test.log DELETED
@@ -1,88 +0,0 @@
1
-  (0.2ms) begin transaction
2
-  (0.0ms) rollback transaction
3
-  (0.0ms) begin transaction
4
-  (0.0ms) rollback transaction
5
-  (0.0ms) begin transaction
6
-  (0.0ms) rollback transaction
7
-  (0.0ms) begin transaction
8
-  (0.0ms) rollback transaction
9
-  (0.0ms) begin transaction
10
-  (0.0ms) rollback transaction
11
-  (0.0ms) begin transaction
12
-  (0.0ms) rollback transaction
13
-  (0.2ms) begin transaction
14
-  (0.0ms) rollback transaction
15
-  (0.0ms) begin transaction
16
-  (0.0ms) rollback transaction
17
-  (0.0ms) begin transaction
18
-  (0.0ms) rollback transaction
19
-  (0.0ms) begin transaction
20
-  (0.0ms) rollback transaction
21
-  (0.0ms) begin transaction
22
-  (0.0ms) rollback transaction
23
-  (0.0ms) begin transaction
24
-  (0.0ms) rollback transaction
25
-  (0.2ms) begin transaction
26
-  (0.0ms) rollback transaction
27
-  (0.0ms) begin transaction
28
-  (0.0ms) rollback transaction
29
-  (0.0ms) begin transaction
30
-  (0.0ms) rollback transaction
31
-  (0.0ms) begin transaction
32
-  (0.0ms) rollback transaction
33
-  (0.0ms) begin transaction
34
-  (0.0ms) rollback transaction
35
-  (0.0ms) begin transaction
36
-  (0.0ms) rollback transaction
37
-  (0.2ms) begin transaction
38
-  (0.0ms) rollback transaction
39
-  (0.0ms) begin transaction
40
-  (0.0ms) rollback transaction
41
-  (0.0ms) begin transaction
42
-  (0.0ms) rollback transaction
43
-  (0.0ms) begin transaction
44
-  (0.0ms) rollback transaction
45
-  (0.0ms) begin transaction
46
-  (0.0ms) rollback transaction
47
-  (0.0ms) begin transaction
48
-  (0.0ms) rollback transaction
49
-  (0.2ms) begin transaction
50
-  (0.0ms) rollback transaction
51
-  (0.0ms) begin transaction
52
-  (0.0ms) rollback transaction
53
-  (0.0ms) begin transaction
54
-  (0.0ms) rollback transaction
55
-  (0.0ms) begin transaction
56
-  (0.0ms) rollback transaction
57
-  (0.0ms) begin transaction
58
-  (0.0ms) rollback transaction
59
-  (0.0ms) begin transaction
60
-  (0.0ms) rollback transaction
61
-  (0.2ms) begin transaction
62
-  (0.0ms) rollback transaction
63
-  (0.0ms) begin transaction
64
-  (0.0ms) rollback transaction
65
-  (0.0ms) begin transaction
66
-  (0.0ms) rollback transaction
67
-  (0.0ms) begin transaction
68
-  (0.0ms) rollback transaction
69
-  (0.0ms) begin transaction
70
-  (0.0ms) rollback transaction
71
-  (0.0ms) begin transaction
72
-  (0.0ms) rollback transaction
73
-  (0.2ms) begin transaction
74
-  (0.0ms) rollback transaction
75
-  (0.0ms) begin transaction
76
-  (0.0ms) rollback transaction
77
-  (0.0ms) begin transaction
78
-  (0.0ms) rollback transaction
79
-  (0.0ms) begin transaction
80
-  (0.0ms) rollback transaction
81
-  (0.0ms) begin transaction
82
-  (0.0ms) rollback transaction
83
-  (0.0ms) begin transaction
84
-  (0.0ms) rollback transaction
85
-  (0.3ms) begin transaction
86
-  (0.0ms) rollback transaction
87
-  (0.3ms) begin transaction
88
-  (0.0ms) rollback transaction