Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
张重言
rails
提交
a8f6d5c6
R
rails
项目概览
张重言
/
rails
通知
1
Star
0
Fork
0
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
R
rails
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
提交
Issue看板
体验新版 GitCode,发现更多精彩内容 >>
提交
a8f6d5c6
编写于
7月 13, 2012
作者:
G
Guillermo Iguaran
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
Integrate ActiveModel::ForbiddenAttributesProtection from StrongParameters gem
上级
88500546
变更
4
隐藏空白更改
内联
并排
Showing
4 changed file
with
54 addition
and
0 deletion
+54
-0
activemodel/lib/active_model.rb
activemodel/lib/active_model.rb
+1
-0
activemodel/lib/active_model/forbidden_attributes_protection.rb
...model/lib/active_model/forbidden_attributes_protection.rb
+14
-0
activemodel/test/cases/forbidden_attributes_protection_test.rb
...emodel/test/cases/forbidden_attributes_protection_test.rb
+32
-0
activemodel/test/models/mass_assignment_specific.rb
activemodel/test/models/mass_assignment_specific.rb
+7
-0
未找到文件。
activemodel/lib/active_model.rb
浏览文件 @
a8f6d5c6
...
...
@@ -34,6 +34,7 @@ module ActiveModel
autoload
:Conversion
autoload
:Dirty
autoload
:EachValidator
,
'active_model/validator'
autoload
:ForbiddenAttributesProtection
autoload
:Lint
autoload
:MassAssignmentSecurity
autoload
:Model
...
...
activemodel/lib/active_model/forbidden_attributes_protection.rb
0 → 100644
浏览文件 @
a8f6d5c6
module
ActiveModel
class
ForbiddenAttributes
<
StandardError
end
module
ForbiddenAttributesProtection
def
sanitize_for_mass_assignment
(
new_attributes
,
options
=
{})
if
!
new_attributes
.
respond_to?
(
:permitted?
)
||
(
new_attributes
.
respond_to?
(
:permitted?
)
&&
new_attributes
.
permitted?
)
super
else
raise
ActiveModel
::
ForbiddenAttributes
end
end
end
end
activemodel/test/cases/forbidden_attributes_protection_test.rb
0 → 100644
浏览文件 @
a8f6d5c6
require
'cases/helper'
require
'models/mass_assignment_specific'
class
ActiveModelMassUpdateProtectionTest
<
ActiveSupport
::
TestCase
test
"forbidden attributes cannot be used for mass updating"
do
params
=
{
"a"
=>
"b"
}
class
<<
params
define_method
(
:permitted?
)
{
false
}
end
assert_raises
(
ActiveModel
::
ForbiddenAttributes
)
do
SpecialPerson
.
new
.
sanitize_for_mass_assignment
(
params
)
end
end
test
"permitted attributes can be used for mass updating"
do
params
=
{
"a"
=>
"b"
}
class
<<
params
define_method
(
:permitted?
)
{
true
}
end
assert_nothing_raised
do
assert_equal
({
"a"
=>
"b"
},
SpecialPerson
.
new
.
sanitize_for_mass_assignment
(
params
))
end
end
test
"regular attributes should still be allowed"
do
assert_nothing_raised
do
assert_equal
({
a:
"b"
},
SpecialPerson
.
new
.
sanitize_for_mass_assignment
(
a:
"b"
))
end
end
end
activemodel/test/models/mass_assignment_specific.rb
浏览文件 @
a8f6d5c6
...
...
@@ -20,6 +20,13 @@ class Person
public
:sanitize_for_mass_assignment
end
class
SpecialPerson
include
ActiveModel
::
MassAssignmentSecurity
include
ActiveModel
::
ForbiddenAttributesProtection
public
:sanitize_for_mass_assignment
end
class
Account
include
ActiveModel
::
MassAssignmentSecurity
attr_accessible
:name
,
:email
,
:as
=>
[
:default
,
:admin
]
...
...
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录