usergrid_ironhorse 0.0.4 → 0.0.5
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- data/README.md +4 -0
- data/lib/usergrid_ironhorse/base.rb +4 -5
- data/lib/usergrid_ironhorse/version.rb +1 -1
- data/spec/usergrid_ironhorse/base_spec.rb +20 -0
- metadata +2 -2
data/README.md
CHANGED
|
@@ -149,6 +149,10 @@ usergrid_ironhorse/spec/spec_settings.yaml to match.)
|
|
|
149
149
|
|
|
150
150
|
## Release notes
|
|
151
151
|
|
|
152
|
+
### 0.0.5
|
|
153
|
+
* New Features
|
|
154
|
+
1. support MassAssignmentSecurity (attr_accessible & attr_protected)
|
|
155
|
+
|
|
152
156
|
### 0.0.4
|
|
153
157
|
* New Features
|
|
154
158
|
1. add require_login to config (with ability to skip individual logins)
|
|
@@ -11,6 +11,7 @@ module Usergrid
|
|
|
11
11
|
include ActiveModel::Validations
|
|
12
12
|
include ActiveModel::Dirty
|
|
13
13
|
include ActiveModel::Serialization
|
|
14
|
+
include ActiveModel::MassAssignmentSecurity
|
|
14
15
|
extend ActiveModel::Naming
|
|
15
16
|
extend ActiveModel::Callbacks
|
|
16
17
|
|
|
@@ -42,11 +43,8 @@ module Usergrid
|
|
|
42
43
|
RecordNotSaved = ActiveRecord::RecordNotSaved
|
|
43
44
|
|
|
44
45
|
def initialize(attrs=nil)
|
|
45
|
-
|
|
46
|
-
|
|
47
|
-
assign_attributes attrs
|
|
48
|
-
end
|
|
49
|
-
@attributes = attrs
|
|
46
|
+
@attributes = HashWithIndifferentAccess.new
|
|
47
|
+
assign_attributes attrs if attrs
|
|
50
48
|
end
|
|
51
49
|
|
|
52
50
|
def self.configure!(application_url, auth_token)
|
|
@@ -279,6 +277,7 @@ module Usergrid
|
|
|
279
277
|
|
|
280
278
|
|
|
281
279
|
def assign_attributes(attrs)
|
|
280
|
+
attrs = sanitize_for_mass_assignment(attrs)
|
|
282
281
|
attrs.each do |attr,value|
|
|
283
282
|
attr = attr.to_s
|
|
284
283
|
unless attributes[attr] == value
|
|
@@ -310,5 +310,25 @@ describe Usergrid::Ironhorse::Base do
|
|
|
310
310
|
foo.destroy
|
|
311
311
|
end
|
|
312
312
|
|
|
313
|
+
it "should fail on unaccessible mass assignment" do
|
|
314
|
+
Foo.attr_accessible :name
|
|
315
|
+
foo = Foo.create! name: 'foo', number: 43
|
|
316
|
+
foo.number.should_not eq 43
|
|
317
|
+
foo.update_attributes number: 44, foo: 'bar'
|
|
318
|
+
foo.number.should_not eq 44
|
|
319
|
+
foo.destroy
|
|
320
|
+
Foo._accessible_attributes = nil
|
|
321
|
+
end
|
|
322
|
+
|
|
323
|
+
it "should fail on protected mass assignment" do
|
|
324
|
+
Foo.attr_protected :number
|
|
325
|
+
foo = Foo.create! name: 'foo', number: 43
|
|
326
|
+
foo.number.should_not eq 43
|
|
327
|
+
foo.update_attributes number: 44, foo: 'bar'
|
|
328
|
+
foo.number.should_not eq 44
|
|
329
|
+
foo.destroy
|
|
330
|
+
Foo._protected_attributes = nil
|
|
331
|
+
end
|
|
332
|
+
|
|
313
333
|
end
|
|
314
334
|
end
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: usergrid_ironhorse
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.0.
|
|
4
|
+
version: 0.0.5
|
|
5
5
|
prerelease:
|
|
6
6
|
platform: ruby
|
|
7
7
|
authors:
|
|
@@ -9,7 +9,7 @@ authors:
|
|
|
9
9
|
autorequire:
|
|
10
10
|
bindir: bin
|
|
11
11
|
cert_chain: []
|
|
12
|
-
date: 2012-
|
|
12
|
+
date: 2012-12-18 00:00:00.000000000 Z
|
|
13
13
|
dependencies:
|
|
14
14
|
- !ruby/object:Gem::Dependency
|
|
15
15
|
name: usergrid_iron
|