ref: refs/heads/jr-basemodel
commit 1ece5a70882938519f0748636e3de70ca7323eda
Author: Josef Reidinger
Date: Wed Dec 9 10:51:51 2009 +0100
add mass assignments whitelisting and blacklisting
---
webservice/lib/base_model/base.rb | 14 +++++++++++-
webservice/lib/base_model/mass_assignment.rb | 30 +++++++++++++++++++++++++-
webservice/test/unit/base_model_test.rb | 20 ++++++++++++++++-
3 files changed, 61 insertions(+), 3 deletions(-)
diff --git a/webservice/lib/base_model/base.rb b/webservice/lib/base_model/base.rb
index e1387e1..f9ed7f3 100644
--- a/webservice/lib/base_model/base.rb
+++ b/webservice/lib/base_model/base.rb
@@ -1,5 +1,8 @@
module BaseModel
class Base
+ def initialize(attr={})
+ load(attr)
+ end
def save
create_or_update
@@ -29,9 +32,18 @@ module BaseModel
def destroy
end
- include BaseModel::MassAssignment
+#remove overwritten method_missing from activeRecord
+ alias :method_missing_orig :method_missing
include ActiveRecord::AttributeMethods
+ alias :method_missing :method_missing_orig
+#remove overwritten respond_to
+ alias :respond_to? :respond_to_without_attributes?
+
include ActiveRecord::Validations
include ActiveRecord::Callbacks
+
+
+ include BaseModel::MassAssignment
+
end
end
diff --git a/webservice/lib/base_model/mass_assignment.rb b/webservice/lib/base_model/mass_assignment.rb
index ce5dd52..b90ce0d 100644
--- a/webservice/lib/base_model/mass_assignment.rb
+++ b/webservice/lib/base_model/mass_assignment.rb
@@ -2,7 +2,35 @@ module BaseModel
module MassAssignment
def load(attributes)
attributes.each do |k,v|
- instance_variable_set ( "@#{k.to_s}",v )
+ whitelist = self.class.accessible_attributes
+ next if whitelist && !(whitelist.include?(k.to_sym))
+ blacklist = self.class.protected_attributes
+ next if blacklist && blacklist.include?(k.to_sym)
+ instance_variable_set("@#{k.to_s}",v)
+ end
+ end
+
+ def self.included(base)
+ base.send(:extend,ClassMethods)
+ end
+
+ module ClassMethods
+ def attr_accessible ( *args )
+ @attr_accessible ||= []
+ @attr_accessible.concat args
+ end
+
+ def accessible_attributes
+ @attr_accessible
+ end
+
+ def attr_protected ( *args )
+ @attr_protected ||= []
+ @attr_protected.concat args
+ end
+
+ def protected_attributes
+ @attr_protected
end
end
end
diff --git a/webservice/test/unit/base_model_test.rb b/webservice/test/unit/base_model_test.rb
index 977c364..edde777 100644
--- a/webservice/test/unit/base_model_test.rb
+++ b/webservice/test/unit/base_model_test.rb
@@ -6,11 +6,22 @@ class BaseModelTest < ActiveSupport::TestCase
before_save :call
attr_accessor :arg1, :arg2, :callback_used
+ attr_protected :callback_used
def call
@callback_used = true;
end
end
+ class Test2 < BaseModel::Base
+
+ attr_accessor :arg1, :arg2
+ attr_accessible :arg1
+ def call
+ @callback_used = true;
+ end
+ end
+
+
def test_validations
test = Test.new
test.arg1 = "last"
@@ -28,11 +39,18 @@ class BaseModelTest < ActiveSupport::TestCase
assert test.callback_used
end
-MASS_DATA = { :arg1 => "last", :arg2 => "5" }
+MASS_DATA = { :arg1 => "last", :arg2 => "5", :callback_used => false }
def test_mass_assignment
test = Test.new
+ test.callback_used = true
test.load MASS_DATA
assert_equal "last", test.arg1
assert_equal "5", test.arg2
+#test blacklisting
+ assert test.callback_used
+#test whitelisting
+ test2 = Test2.new(MASS_DATA)
+ assert_equal "last", test2.arg1
+ assert test2.arg2.nil?
end
end
--
To unsubscribe, e-mail: yast-commit+unsubscribe@opensuse.org
For additional commands, e-mail: yast-commit+help@opensuse.org