strongly_typed_parameters 0.0.1

data/test/parameters_require_test.rb

@@ -0,0 +1,10 @@
+require 'test_helper'
+require 'action_controller/parameters'
+
+class ParametersRequireTest < ActiveSupport::TestCase
+  test "required parameters must be present not merely not nil" do
+    assert_raises(ActionController::ParameterMissing) do
+      ActionController::Parameters.new(:person => {}).require(:person)
+    end
+  end
+end

data/test/parameters_taint_test.rb

@@ -0,0 +1,93 @@
+require 'test_helper'
+require 'action_controller/parameters'
+
+class ParametersTaintTest < ActiveSupport::TestCase
+  setup do
+    @params = ActionController::Parameters.new({ :person => {
+      :age => "32", :name => { :first => "David", :last => "Heinemeier Hansson" }
+    }})
+  end
+
+  test "fetch raises ParameterMissing exception" do
+    e = assert_raises(ActionController::ParameterMissing) do
+      @params.fetch :foo
+    end
+    assert_equal :foo, e.param
+  end
+
+  test "fetch doesnt raise ParameterMissing exception if there is a default" do
+    assert_nothing_raised do
+      assert_equal "monkey", @params.fetch(:foo, "monkey")
+      assert_equal "monkey", @params.fetch(:foo) { "monkey" }
+    end
+  end
+
+  test "not permitted is sticky on accessors" do
+    assert !@params.slice(:person).permitted?
+    assert !@params[:person][:name].permitted?
+    assert !@params[:person].except(:name).permitted?
+
+    @params.each { |key, value| assert(!value.permitted?) if key == "person" }
+
+    assert !@params.fetch(:person).permitted?
+
+    assert !@params.values_at(:person).first.permitted?
+  end
+
+  test "permitted is sticky on accessors" do
+    @params.permit!
+    assert @params.slice(:person).permitted?
+    assert @params[:person][:name].permitted?
+    assert @params[:person].except(:name).permitted?
+
+    @params.each { |key, value| assert(value.permitted?) if key == "person" }
+
+    assert @params.fetch(:person).permitted?
+
+    assert @params.values_at(:person).first.permitted?
+  end
+
+  test "not permitted is sticky on mutators" do
+    assert !@params.delete_if { |k, v| k == "person" }.permitted?
+    assert !@params.keep_if { |k, v| k == "person" }.permitted? if @params.respond_to?(:keep_if)
+  end
+
+  test "permitted is sticky on mutators" do
+    @params.permit!
+    assert @params.delete_if { |k, v| k == "person" }.permitted?
+    assert @params.keep_if { |k, v| k == "person" }.permitted? if @params.respond_to?(:keep_if)
+  end
+
+  test "not permitted is sticky beyond merges" do
+    assert !@params.merge(:a => "b").permitted?
+  end
+
+  test "permitted is sticky beyond merges" do
+    @params.permit!
+    assert @params.merge(:a => "b").permitted?
+  end
+
+  test "modifying the parameters" do
+    @params[:person][:hometown] = "Chicago"
+    @params[:person][:family] = { :brother => "Jonas" }
+
+    assert_equal "Chicago", @params[:person][:hometown]
+    assert_equal "Jonas", @params[:person][:family][:brother]
+  end
+
+  test "permitting parameters that are not there should not include the keys" do
+    assert !@params.permit(:person, :funky).has_key?(:funky)
+  end
+
+  test "permit state is kept on a dup" do
+    @params.permit!
+    assert_equal @params.permitted?, @params.dup.permitted?
+  end
+
+  test "permit is recursive" do
+    @params.permit!
+    assert @params.permitted?
+    assert @params[:person].permitted?
+    assert @params[:person][:name].permitted?
+  end
+end

data/test/raise_on_unpermitted_params_test.rb

@@ -0,0 +1,33 @@
+require 'test_helper'
+require 'action_controller/parameters'
+
+class RaiseOnUnpermittedParamsTest < ActiveSupport::TestCase
+  def setup
+    ActionController::Parameters.action_on_unpermitted_parameters = :raise
+  end
+
+  def teardown
+    ActionController::Parameters.action_on_unpermitted_parameters = false
+  end
+
+  test "raises on unexpected params" do
+    params = ActionController::Parameters.new({
+      :book => { :pages => 65 },
+      :fishing => "Turnips"
+    })
+
+    assert_raises(ActionController::UnpermittedParameters) do
+      params.permit(:book => [:pages])
+    end
+  end
+
+  test "raises on unexpected nested params" do
+    params = ActionController::Parameters.new({
+      :book => { :pages => 65, :title => "Green Cats and where to find then." }
+    })
+
+    assert_raises(ActionController::UnpermittedParameters) do
+      params.permit(:book => [:pages])
+    end
+  end
+end

data/test/test_helper.rb

@@ -0,0 +1,36 @@
+# Configure Rails Environment
+ENV["RAILS_ENV"] = "test"
+
+require 'test/unit'
+require 'rails'
+
+class FakeApplication < Rails::Application; end
+
+Rails.application = FakeApplication
+Rails.configuration.action_controller = ActiveSupport::OrderedOptions.new
+
+require 'strongly_typed_parameters'
+require 'mocha'
+
+module ActionController
+  SharedTestRoutes = ActionDispatch::Routing::RouteSet.new
+  SharedTestRoutes.draw do
+    match ':controller(/:action)'
+  end
+
+  class Base
+    include ActionController::Testing
+    include SharedTestRoutes.url_helpers
+  end
+
+  class ActionController::TestCase
+    setup do
+      @routes = SharedTestRoutes
+    end
+  end
+end
+
+ActionController::Parameters.action_on_unpermitted_parameters = false
+
+# Load support files
+Dir["#{File.dirname(__FILE__)}/support/**/*.rb"].each { |f| require f }

metadata

@@ -0,0 +1,171 @@
+--- !ruby/object:Gem::Specification
+name: strongly_typed_parameters
+version: !ruby/object:Gem::Version
+  version: 0.0.1
+  prerelease: 
+platform: ruby
+authors:
+- David Heinemeier Hansson
+- Aaron Weiner
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2013-10-18 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: actionpack
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '3.0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '3.0'
+- !ruby/object:Gem::Dependency
+  name: activemodel
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '3.0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '3.0'
+- !ruby/object:Gem::Dependency
+  name: railties
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '3.0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '3.0'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: mocha
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 0.12.0
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 0.12.0
+description: 
+email:
+- aweiner@mdsol.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- lib/action_controller/parameters.rb
+- lib/active_model/forbidden_attributes_protection.rb
+- lib/generators/rails/strong_parameters_controller_generator.rb
+- lib/generators/rails/templates/controller.rb
+- lib/generators/rails/USAGE
+- lib/strongly_typed_parameters/boolean.rb
+- lib/strongly_typed_parameters/railtie.rb
+- lib/strongly_typed_parameters/version.rb
+- lib/strongly_typed_parameters.rb
+- MIT-LICENSE
+- Rakefile
+- README.rdoc
+- test/action_controller_required_params_test.rb
+- test/action_controller_tainted_params_test.rb
+- test/active_model_mass_assignment_taint_protection_test.rb
+- test/active_model_smart_type_defaulting_test.rb
+- test/controller_generator_test.rb
+- test/gemfiles/Gemfile.rails-3.0.x
+- test/gemfiles/Gemfile.rails-3.0.x.lock
+- test/gemfiles/Gemfile.rails-3.1.x
+- test/gemfiles/Gemfile.rails-3.2.x
+- test/log_on_unpermitted_params_test.rb
+- test/multi_parameter_attributes_test.rb
+- test/parameters_permit_test.rb
+- test/parameters_require_test.rb
+- test/parameters_taint_test.rb
+- test/raise_on_unpermitted_params_test.rb
+- test/test_helper.rb
+homepage: https://github.com/mdsol/strong_parameters
+licenses: []
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 1.8.24
+signing_key: 
+specification_version: 3
+summary: Whitelist and typecheck your parameters at the controller level
+test_files:
+- test/action_controller_required_params_test.rb
+- test/action_controller_tainted_params_test.rb
+- test/active_model_mass_assignment_taint_protection_test.rb
+- test/active_model_smart_type_defaulting_test.rb
+- test/controller_generator_test.rb
+- test/gemfiles/Gemfile.rails-3.0.x
+- test/gemfiles/Gemfile.rails-3.0.x.lock
+- test/gemfiles/Gemfile.rails-3.1.x
+- test/gemfiles/Gemfile.rails-3.2.x
+- test/log_on_unpermitted_params_test.rb
+- test/multi_parameter_attributes_test.rb
+- test/parameters_permit_test.rb
+- test/parameters_require_test.rb
+- test/parameters_taint_test.rb
+- test/raise_on_unpermitted_params_test.rb
+- test/test_helper.rb
+has_rdoc: