whiny_attr_accessible 0.0.1 → 0.1.0

data/Rakefile

@@ -13,7 +13,8 @@ begin
     gem.email = "tamosunas@gmail.com"
     gem.homepage = "http://github.com/scotttam/whiny_attr_accessible"
     gem.authors = ["Scott J. Tamosunas"]
-    gem.add_development_dependency "rspec", ">= 1.2.9"
+    gem.add_development_dependency "rspec", ">= 2.0.1"
+    gem.add_development_dependency "mocha", ">= 0.9.9"
     # gem is a Gem::Specification... see http://www.rubygems.org/read/chapter/20 for additional settings
   end
   Jeweler::GemcutterTasks.new
@@ -26,5 +27,15 @@ RSpec::Core::RakeTask.new(:spec) do |t|
   t.rcov = false
 end
 
+RSpec::Core::RakeTask.new(:spec_mongo_mapper) do |t|
+  t.pattern = FileList['spec/mongo_mapper/**/*_spec.rb']
+  t.rcov = false
+end
+
+RSpec::Core::RakeTask.new(:spec_active_record) do |t|
+  t.pattern = FileList['spec/active_record/**/*_spec.rb']
+  t.rcov = false
+end
+
 # task :spec => :check_dependencies
 task :default => :spec

data/VERSION

@@ -1 +1 @@
-0.0.1
+0.1.0

data/lib/active_record/mass_assignment_security.rb

@@ -0,0 +1,14 @@
+module ActiveModel
+  module MassAssignmentSecurity
+      
+    protected
+    
+    def sanitize_for_mass_assignment_with_exception(attributes)
+      safe_attrs = sanitize_for_mass_assignment_without_exception(attributes)
+      check_and_raise_if_diffs(attributes, safe_attrs)
+      safe_attrs
+    end
+    alias_method_chain :sanitize_for_mass_assignment, :exception
+  end
+end
+      

data/lib/mongo_mapper/accessible.rb

@@ -3,7 +3,6 @@ if development_or_test?
     module Plugins
       module Accessible
         module InstanceMethods
-          include PrintDiffs
           
           protected
 

data/lib/mongo_mapper/protected.rb

@@ -3,7 +3,6 @@ if development_or_test?
     module Plugins
       module Protected
         module InstanceMethods
-          include PrintDiffs
           
           protected
 

data/lib/util/helpers.rb

@@ -7,3 +7,6 @@ def my_alias_method_chain(original, aliased)
   alias_method "#{original}_without_#{aliased}", original
   alias_method original, "#{original}_with_#{aliased}"
 end
+
+class WhinyAttrAccessibleError < StandardError
+end

data/lib/util/print_diffs.rb

@@ -0,0 +1,10 @@
+def check_and_raise_if_diffs(attrs, safe_attrs)
+  diff = attrs.flatten - safe_attrs.flatten
+  return if diff.blank?
+  results = []
+  diff.length.times do |idx|
+    next if idx % 2 != 0 
+    results << "#{diff[idx]} => #{diff[idx + 1]}"
+  end
+  raise WhinyAttrAccessibleError.new("You tried to assign the following attributes that are either protected or not accessible: #{results.join(", ")}")
+end

data/lib/whiny_attr_accessible.rb

@@ -1,6 +1,17 @@
 require 'util/helpers'
-require 'util/whiny_attr_accessible_error'
-require 'mongo_mapper/print_diffs'
-require 'mongo_mapper/accessible'
-require 'mongo_mapper/protected'
+require 'util/print_diffs'
 
+begin
+  require 'mongo_mapper'
+  require 'mongo_mapper/accessible'
+  require 'mongo_mapper/protected'
+rescue Exception => e
+  #puts "NOT LOADING MONGO MAPPER #{e}"
+end
+
+begin
+  require 'active_model'
+  require 'active_record/mass_assignment_security'
+rescue Exception => e
+  #puts "NOT LOADING ACTIVE RECORD #{e}"
+end

data/spec/active_record/mass_assignment_security_spec.rb

@@ -0,0 +1,36 @@
+require File.expand_path(File.dirname(__FILE__) + '/../spec_helper')
+
+class ArTest < ActiveRecord::Base
+  attr_accessible :unprotected
+end
+
+describe "ActiveRecord AttrAccessible" do
+  before(:all) do
+    begin
+      CreateModelForTesting.up
+    rescue SQLite3::SQLException
+      CreateModelForTesting.down
+      CreateModelForTesting.up
+    end
+      
+  end
+
+  after(:all) do
+    begin
+      CreateModelForTesting.down
+    rescue SQLite3::SQLException
+    end
+  end
+  
+  before(:each) do
+    @ar_test = ArTest.create!
+  end
+  
+  it "should raise an exception when trying to set an attribute that's not attr_accessible" do
+    lambda { @ar_test.update_attributes(:protected => "no") }.should raise_error(WhinyAttrAccessibleError)
+  end
+  
+  it "should not raise an exception when setting an attribute that's accessible" do
+    lambda { @ar_test.update_attributes(:unprotected => "yes") }.should_not raise_error(WhinyAttrAccessibleError)
+  end
+end

data/spec/mongo_mapper/accessible_spec.rb

@@ -1,6 +1,6 @@
 require File.expand_path(File.dirname(__FILE__) + '/../spec_helper')
 
-describe "AttrAccessible" do
+describe "MongoMapper AttrAccessible" do
   before(:each) do
     @foo = Accessible.create!
   end

data/spec/mongo_mapper/protected_spec.rb

@@ -1,6 +1,6 @@
 require File.expand_path(File.dirname(__FILE__) + '/../spec_helper')
 
-describe "Protected" do
+describe "MongoMapper AttrProtected" do
   before(:each) do
     @foo = Protected.create!
   end

data/spec/spec_helper.rb

@@ -2,36 +2,26 @@ $LOAD_PATH.unshift(File.dirname(__FILE__))
 $LOAD_PATH.unshift(File.join(File.dirname(__FILE__), '..', 'lib'))
 
 require 'rubygems'
-require 'mongo_mapper'
-require 'rspec'
-
-require 'whiny_attr_accessible'
+require 'benchmark'
 
-Rspec.configure do |config|
-  config.mock_with :mocha
+begin
+  require 'mongo_mapper'
+  require 'spec_helpers/mongo_mapper_spec_helper'
+rescue Exception
+  #puts "NOT LOADING MM"
 end
 
-config = {
-    'test' => {'host' => 'localhost', 'port' => 27017, 'database' => 'mongoa_test'},
-}
-
-MongoMapper.config = config
-MongoMapper.connect("test")
-
-class Accessible
-  include MongoMapper::Document
-
-  attr_accessible :unprotected
-  
-  key :unprotected, String
-  key :protected, String
+begin
+  require 'rails/all'
+  require 'spec_helpers/active_record_spec_helper'
+rescue Exception => e
+  #puts "NOT LOADING AR #{e}"
 end
 
-class Protected
-  include MongoMapper::Document
+require 'rspec'
+require 'whiny_attr_accessible'
 
-  attr_protected :protected
-  
-  key :unprotected, String
-  key :protected, String
+Rspec.configure do |config|
+  config.mock_with :mocha
 end
+

data/spec/spec_helpers/active_record_spec_helper.rb

@@ -0,0 +1,14 @@
+ActiveRecord::Base.establish_connection('adapter' => 'sqlite3', 'database' => 'test')
+
+class CreateModelForTesting < ActiveRecord::Migration
+  def self.up
+    create_table :ar_tests do |t|
+      t.string  :protected
+      t.string  :unprotected
+    end
+  end
+
+  def self.down
+    drop_table :ar_tests
+  end
+end

data/spec/spec_helpers/mongo_mapper_spec_helper.rb

@@ -0,0 +1,25 @@
+config = {
+    'test' => {'host' => 'localhost', 'port' => 27017, 'database' => 'mongoa_test'},
+}
+
+MongoMapper.config = config
+MongoMapper.connect("test")
+
+class Accessible
+  include MongoMapper::Document
+
+  attr_accessible :unprotected
+
+  key :unprotected, String
+  key :protected, String
+end
+
+class Protected
+  include MongoMapper::Document
+
+  attr_protected :protected
+
+  key :unprotected, String
+  key :protected, String
+end
+

data/whiny_attr_accessible.gemspec

@@ -0,0 +1,73 @@
+# Generated by jeweler
+# DO NOT EDIT THIS FILE DIRECTLY
+# Instead, edit Jeweler::Tasks in Rakefile, and run the gemspec command
+# -*- encoding: utf-8 -*-
+
+Gem::Specification.new do |s|
+  s.name = %q{whiny_attr_accessible}
+  s.version = "0.1.0"
+
+  s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
+  s.authors = ["Scott J. Tamosunas"]
+  s.date = %q{2010-10-31}
+  s.description = %q{Make attr_accessible and attr_protected throw exceptions in non-production mode, yo.}
+  s.email = %q{tamosunas@gmail.com}
+  s.extra_rdoc_files = [
+    "LICENSE",
+     "README",
+     "README.rdoc"
+  ]
+  s.files = [
+    ".document",
+     ".gitignore",
+     "LICENSE",
+     "README",
+     "README.rdoc",
+     "Rakefile",
+     "VERSION",
+     "lib/active_record/mass_assignment_security.rb",
+     "lib/mongo_mapper/accessible.rb",
+     "lib/mongo_mapper/protected.rb",
+     "lib/util/helpers.rb",
+     "lib/util/print_diffs.rb",
+     "lib/whiny_attr_accessible.rb",
+     "spec/.rspec",
+     "spec/active_record/mass_assignment_security_spec.rb",
+     "spec/mongo_mapper/accessible_spec.rb",
+     "spec/mongo_mapper/protected_spec.rb",
+     "spec/spec_helper.rb",
+     "spec/spec_helpers/active_record_spec_helper.rb",
+     "spec/spec_helpers/mongo_mapper_spec_helper.rb",
+     "whiny_attr_accessible.gemspec"
+  ]
+  s.homepage = %q{http://github.com/scotttam/whiny_attr_accessible}
+  s.rdoc_options = ["--charset=UTF-8"]
+  s.require_paths = ["lib"]
+  s.rubygems_version = %q{1.3.7}
+  s.summary = %q{Make attr_accessible and attr_protected throw exceptions in non-production mode}
+  s.test_files = [
+    "spec/active_record/mass_assignment_security_spec.rb",
+     "spec/mongo_mapper/accessible_spec.rb",
+     "spec/mongo_mapper/protected_spec.rb",
+     "spec/spec_helper.rb",
+     "spec/spec_helpers/active_record_spec_helper.rb",
+     "spec/spec_helpers/mongo_mapper_spec_helper.rb"
+  ]
+
+  if s.respond_to? :specification_version then
+    current_version = Gem::Specification::CURRENT_SPECIFICATION_VERSION
+    s.specification_version = 3
+
+    if Gem::Version.new(Gem::VERSION) >= Gem::Version.new('1.2.0') then
+      s.add_development_dependency(%q<rspec>, [">= 2.0.1"])
+      s.add_development_dependency(%q<mocha>, [">= 0.9.9"])
+    else
+      s.add_dependency(%q<rspec>, [">= 2.0.1"])
+      s.add_dependency(%q<mocha>, [">= 0.9.9"])
+    end
+  else
+    s.add_dependency(%q<rspec>, [">= 2.0.1"])
+    s.add_dependency(%q<mocha>, [">= 0.9.9"])
+  end
+end
+

metadata

@@ -4,9 +4,9 @@ version: !ruby/object:Gem::Version
   prerelease: false
   segments: 
   - 0
-  - 0
   - 1
-  version: 0.0.1
+  - 0
+  version: 0.1.0
 platform: ruby
 authors: 
 - Scott J. Tamosunas
@@ -14,7 +14,7 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2010-10-29 00:00:00 -04:00
+date: 2010-10-31 00:00:00 -04:00
 default_executable: 
 dependencies: 
 - !ruby/object:Gem::Dependency 
@@ -26,12 +26,27 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version 
         segments: 
-        - 1
         - 2
-        - 9
-        version: 1.2.9
+        - 0
+        - 1
+        version: 2.0.1
   type: :development
   version_requirements: *id001
+- !ruby/object:Gem::Dependency 
+  name: mocha
+  prerelease: false
+  requirement: &id002 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        segments: 
+        - 0
+        - 9
+        - 9
+        version: 0.9.9
+  type: :development
+  version_requirements: *id002
 description: Make attr_accessible and attr_protected throw exceptions in non-production mode, yo.
 email: tamosunas@gmail.com
 executables: []
@@ -50,16 +65,20 @@ files:
 - README.rdoc
 - Rakefile
 - VERSION
+- lib/active_record/mass_assignment_security.rb
 - lib/mongo_mapper/accessible.rb
-- lib/mongo_mapper/print_diffs.rb
 - lib/mongo_mapper/protected.rb
 - lib/util/helpers.rb
-- lib/util/whiny_attr_accessible_error.rb
+- lib/util/print_diffs.rb
 - lib/whiny_attr_accessible.rb
+- spec/.rspec
+- spec/active_record/mass_assignment_security_spec.rb
 - spec/mongo_mapper/accessible_spec.rb
 - spec/mongo_mapper/protected_spec.rb
-- spec/spec.opts
 - spec/spec_helper.rb
+- spec/spec_helpers/active_record_spec_helper.rb
+- spec/spec_helpers/mongo_mapper_spec_helper.rb
+- whiny_attr_accessible.gemspec
 has_rdoc: true
 homepage: http://github.com/scotttam/whiny_attr_accessible
 licenses: []
@@ -93,6 +112,9 @@ signing_key:
 specification_version: 3
 summary: Make attr_accessible and attr_protected throw exceptions in non-production mode
 test_files: 
+- spec/active_record/mass_assignment_security_spec.rb
 - spec/mongo_mapper/accessible_spec.rb
 - spec/mongo_mapper/protected_spec.rb
 - spec/spec_helper.rb
+- spec/spec_helpers/active_record_spec_helper.rb
+- spec/spec_helpers/mongo_mapper_spec_helper.rb

data/lib/mongo_mapper/print_diffs.rb

@@ -1,12 +0,0 @@
-module PrintDiffs
-  def check_and_raise_if_diffs(attrs, safe_attrs)
-    diff = attrs.flatten - safe_attrs.flatten
-    return if diff.blank?
-    results = []
-    diff.length.times do |idx|
-      next if idx % 2 != 0 
-      results << "#{diff[idx]} => #{diff[idx + 1]}"
-    end
-    raise WhinyAttrAccessibleError.new("You tried to assign the following attributes that are either protected or not accessible: #{results.join(", ")}")
-  end
-end

data/lib/util/whiny_attr_accessible_error.rb

@@ -1,2 +0,0 @@
-class WhinyAttrAccessibleError < StandardError
-end