Permalink
Browse files

Make it work with Rails ~> 3.0

  • Loading branch information...
1 parent 1dd107b commit 5f3fb01a9d5f5adb17665a3bdabffd396d722e61 @solnic solnic committed Jan 31, 2012
Showing with 6 additions and 9 deletions.
  1. +0 −5 Gemfile
  2. +3 −1 dm-rails.gemspec
  3. +3 −3 lib/dm-rails/mass_assignment_security.rb
View
@@ -9,18 +9,13 @@ REPO_POSTFIX = SOURCE == :path ? '' : '.git'
DATAMAPPER = SOURCE == :path ? Pathname(__FILE__).dirname.parent : 'http://github.com/datamapper'
DM_VERSION = '~> 1.3.0.beta'
DO_VERSION = '~> 0.10.6'
-RAILS_VERSION = '~> 3.1.0'
DM_DO_ADAPTERS = %w[ sqlite postgres mysql oracle sqlserver ]
CURRENT_BRANCH = ENV.fetch('GIT_BRANCH', 'master')
# DataMapper dependencies
gem 'dm-core', DM_VERSION, SOURCE => "#{DATAMAPPER}/dm-core#{REPO_POSTFIX}", :branch => CURRENT_BRANCH
gem 'dm-active_model', DM_VERSION, SOURCE => "#{DATAMAPPER}/dm-active_model#{REPO_POSTFIX}", :branch => CURRENT_BRANCH
-# Rails dependencies
-gem 'actionpack', RAILS_VERSION, :require => 'action_pack'
-gem 'railties', RAILS_VERSION, :require => 'rails'
-
platforms :mri_18 do
group :quality do
View
@@ -17,7 +17,9 @@ Gem::Specification.new do |gem|
gem.version = DataMapper::Rails::VERSION
gem.add_runtime_dependency('dm-active_model', '~> 1.3.0.beta')
+ gem.add_runtime_dependency('actionpack', '~> 3.0')
+ gem.add_runtime_dependency('railties', '~> 3.0')
gem.add_development_dependency('rake', '~> 0.9.2')
gem.add_development_dependency('rspec', '~> 1.3.2')
-end
+end
@@ -8,17 +8,17 @@ module MassAssignmentSecurity
# Provides a patched version of the Sanitizer used in Rails to handle property
# and relationship objects as keys. There is no way to inject a custom sanitizer
# without reimplementing the permission sets.
- module Sanitizer
+ Sanitizer.send(Sanitizer.is_a?(Module) ? :module_eval : :class_eval) do
@postmodern

postmodern Aug 10, 2012

Member

Wouldn't just module_eval work here?

# Returns all attributes not denied by the authorizer.
#
# @param [Hash{Symbol,String,::DataMapper::Property,::DataMapper::Relationship=>Object}] attributes
# Names and values of attributes to sanitize.
# @return [Hash]
# Sanitized hash of attributes.
- def sanitize(attributes)
+ def sanitize(attributes, authorizer = nil)
sanitized_attributes = attributes.reject do |key, value|
key_name = key.name rescue key
- deny?(key_name)
+ authorizer ? authorizer.deny?(key_name) : deny?(key_name)
end
debug_protected_attribute_removal(attributes, sanitized_attributes)
sanitized_attributes

1 comment on commit 5f3fb01

1st8 commented on 5f3fb01 Feb 1, 2012

Is railties ~> 3.0 really correct?
I'm using railties ~> 3.2 in my project and therefore can't use dm-rails..

Maybe you meant railties >= 3.0 ?

Please sign in to comment.