Skip to content
This repository was archived by the owner on Aug 17, 2017. It is now read-only.

add ability to globally disable/enable strong parameters #55

Closed
garysweaver wants to merge 2 commits into from
Closed

add ability to globally disable/enable strong parameters #55

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
6ec161b
add ability to globally disable/enable strong parameters
garysweaver Oct 25, 2012
b39b34f
parameters initialization should still set @permitted = false, even w…
garysweaver Oct 25, 2012
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
5 changes: 3 additions & 2 deletions lib/action_controller/parameters.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,7 @@
require 'active_support/concern'
require 'active_support/core_ext/hash/indifferent_access'
require 'action_controller'
require 'strong_parameters/config'

module ActionController
class ParameterMissing < IndexError
Expand Down Expand Up @@ -32,7 +33,7 @@ def permit!
end

def require(key)
self[key].presence || raise(ActionController::ParameterMissing.new(key))
!::StrongParameters.enabled? || self[key].presence || raise(ActionController::ParameterMissing.new(key))
end

alias :required :require
Expand Down Expand Up @@ -73,7 +74,7 @@ def [](key)
def fetch(key, *args)
convert_hashes_to_parameters(key, super)
rescue KeyError
raise ActionController::ParameterMissing.new(key)
raise ActionController::ParameterMissing.new(key) if ::StrongParameters.enabled?
end

def slice(*keys)
Expand Down
4 changes: 3 additions & 1 deletion lib/active_model/forbidden_attributes_protection.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,10 +1,12 @@
require 'strong_parameters/config'

module ActiveModel
class ForbiddenAttributes < StandardError
end

module ForbiddenAttributesProtection
def sanitize_for_mass_assignment(new_attributes, options = {})
if !new_attributes.respond_to?(:permitted?) || new_attributes.permitted?
if ::StrongParameters.enabled? && (!new_attributes.respond_to?(:permitted?) || new_attributes.permitted?)
super
else
raise ActiveModel::ForbiddenAttributes
Expand Down
1 change: 1 addition & 0 deletions lib/strong_parameters.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,3 +1,4 @@
require 'action_controller/parameters'
require 'active_model/forbidden_attributes_protection'
require 'strong_parameters/railtie'
require 'strong_parameters/config'
8 changes: 8 additions & 0 deletions lib/strong_parameters/config.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,8 @@
module StrongParameters
class << self
attr_accessor :enabled
def enabled?;!!enabled;end
end
end

StrongParameters.enabled = true
17 changes: 17 additions & 0 deletions test/disabling_test.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,17 @@
require 'test_helper'
require 'action_controller/parameters'

class DisablingTest < ActiveSupport::TestCase
test "should be able to disable and re-enable strong_parameters" do
# assume is enabled by default
assert_raises(ActionController::ParameterMissing) do
ActionController::Parameters.new(person: {}).require(:person)
end
StrongParameters.enabled = false
ActionController::Parameters.new(person: {}).require(:person)
StrongParameters.enabled = true
assert_raises(ActionController::ParameterMissing) do
ActionController::Parameters.new(person: {}).require(:person)
end
end
end