Browse files

Merge pull request #235 from aderyabin/without_protection_feature

added without_protection feature
  • Loading branch information...
2 parents e9bda94 + ea062a8 commit cf88956a36f55f78101a3985c764fd450acb139c @joelmoss joelmoss committed Aug 27, 2012
Showing with 41 additions and 7 deletions.
  1. +17 −4 lib/inherited_resources/base_helpers.rb
  2. +5 −1 lib/inherited_resources/class_methods.rb
  3. +19 −2 test/base_test.rb
View
21 lib/inherited_resources/base_helpers.rb
@@ -306,18 +306,31 @@ def resource_params
# extract attributes from params
def build_resource_params
rparams = [params[resource_request_name] || params[resource_instance_name] || {}]
- rparams << as_role if role_given?
+ if without_protection_given?
+ rparams << without_protection
+ else
+ rparams << as_role if role_given?
+ end
+
rparams
end
-
+
# checking if role given
def role_given?
self.resources_configuration[:self][:role].present?
end
-
+
# getting role for mass-asignment
def as_role
- { :as => self.resources_configuration[:self][:role] }
+ { :as => self.resources_configuration[:self][:role] }
+ end
+
+ def without_protection_given?
+ self.resources_configuration[:self][:without_protection].present?
+ end
+
+ def without_protection
+ { :without_protection => self.resources_configuration[:self][:without_protection] }
end
end
end
View
6 lib/inherited_resources/class_methods.rb
@@ -260,7 +260,11 @@ def custom_actions(options)
# Makes sense when using rails 3.1 mass assignment conventions
def with_role(role)
self.resources_configuration[:self][:role] = role.try(:to_sym)
- end
+ end
+
+ def without_protection(flag)
+ self.resources_configuration[:self][:without_protection] = flag
+ end
private
View
21 test/base_test.rb
@@ -178,7 +178,7 @@ def test_expose_a_newly_create_user_when_saved_with_success
post :create, :user => {:these => 'params'}
assert_equal mock_user, assigns(:user)
end
-
+
def test_expose_a_newly_create_user_when_saved_with_success_and_role_setted
@controller.class.send(:with_role, :admin)
User.expects(:new).with({'these' => 'params'}, {:as => :admin}).returns(mock_user(:save => true))
@@ -187,6 +187,14 @@ def test_expose_a_newly_create_user_when_saved_with_success_and_role_setted
@controller.class.send(:with_role, nil)
end
+ def test_expose_a_newly_create_user_when_saved_with_success_and_without_protection_setted
+ @controller.class.send(:without_protection, true)
+ User.expects(:new).with({'these' => 'params'}, {:without_protection => true}).returns(mock_user(:save => true))
+ post :create, :user => {:these => 'params'}
+ assert_equal mock_user, assigns(:user)
+ @controller.class.send(:without_protection, nil)
+ end
+
def test_redirect_to_the_created_user
User.stubs(:new).returns(mock_user(:save => true))
@controller.expects(:resource_url).returns('http://test.host/')
@@ -229,7 +237,7 @@ def test_update_the_requested_object
put :update, :id => '42', :user => {:these => 'params'}
assert_equal mock_user, assigns(:user)
end
-
+
def test_update_the_requested_object_when_setted_role
@controller.class.send(:with_role, :admin)
User.expects(:find).with('42').returns(mock_user)
@@ -239,6 +247,15 @@ def test_update_the_requested_object_when_setted_role
@controller.class.send(:with_role, nil)
end
+ def test_update_the_requested_object_when_setted_without_protection
+ @controller.class.send(:without_protection, true)
+ User.expects(:find).with('42').returns(mock_user)
+ mock_user.expects(:update_attributes).with({'these' => 'params'}, {:without_protection => true}).returns(true)
+ put :update, :id => '42', :user => {:these => 'params'}
+ assert_equal mock_user, assigns(:user)
+ @controller.class.send(:without_protection, nil)
+ end
+
def test_redirect_to_the_updated_user
User.stubs(:find).returns(mock_user(:update_attributes => true))
@controller.expects(:resource_url).returns('http://test.host/')

0 comments on commit cf88956

Please sign in to comment.