Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Browse files

Change AMo::ForbiddenAttributesProtection tests to use a subclass of …

…Hash instead of monkey patch permitted? method in regular hashes
  • Loading branch information...
commit 52aa5343f49abc2adc4c64d44d7a6bbe4de3373b 1 parent 0168c7a
@guilleiguaran guilleiguaran authored
Showing with 18 additions and 8 deletions.
  1. +18 −8 activemodel/test/cases/forbidden_attributes_protection_test.rb
View
26 activemodel/test/cases/forbidden_attributes_protection_test.rb
@@ -1,22 +1,32 @@
require 'cases/helper'
+require 'active_support/core_ext/hash/indifferent_access'
require 'models/account'
+class ProtectedParams < ActiveSupport::HashWithIndifferentAccess
+ attr_accessor :permitted
+ alias :permitted? :permitted
+
+ def initialize(attributes)
+ super(attributes)
+ @permitted = false
+ end
+
+ def permit!
+ @permitted = true
+ self
+ end
+end
+
class ActiveModelMassUpdateProtectionTest < ActiveSupport::TestCase
test "forbidden attributes cannot be used for mass updating" do
- params = { "a" => "b" }
- class << params
- define_method(:permitted?) { false }
- end
+ params = ProtectedParams.new({ "a" => "b" })
assert_raises(ActiveModel::ForbiddenAttributes) do
Account.new.sanitize_for_mass_assignment(params)
end
end
test "permitted attributes can be used for mass updating" do
- params = { "a" => "b" }
- class << params
- define_method(:permitted?) { true }
- end
+ params = ProtectedParams.new({ "a" => "b" }).permit!
assert_nothing_raised do
assert_equal({ "a" => "b" },
Account.new.sanitize_for_mass_assignment(params))
Please sign in to comment.
Something went wrong with that request. Please try again.