Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Browse files

disabling attr_protected

  • Loading branch information...
commit e9c0c6f2a9e2aaf0d357bcab47c9ae23e59cdc60 1 parent 525c3f2
@ryanb authored
View
1  lib/trusted_params.rb
@@ -1,2 +1,3 @@
$:.unshift(File.dirname(__FILE__))
require 'trusted_params/hash_additions'
+require 'trusted_params/active_record_additions'
View
18 lib/trusted_params/active_record_additions.rb
@@ -0,0 +1,18 @@
+module TrustedParams
+ module ActiveRecordAdditions
+ def self.included(base)
+ base.extend(ClassMethods)
+ end
+
+ module ClassMethods
+ def attr_protected(*args)
+ raise "attr_protected has been disabled by trusted-params plugin, use attr_accessible"
+ end
+ end
+ end
+end
+
+# TODO for some reason this doesn't work for overriding methods
+# ActiveRecord::Base.class_eval do
+# include TrustedParams::ActiveRecordAdditions
+# end
View
41 spec/spec_helper.rb
@@ -7,3 +7,44 @@
Spec::Runner.configure do |config|
config.mock_with :rr
end
+
+class MockedModel < ActiveRecord::Base
+
+ include TrustedParams::ActiveRecordAdditions
+
+ class_inheritable_hash :paginate_options
+
+ def self.paginate(options)
+ self.paginate_options = options
+ end
+
+ def self.add_column(name, column_type = :string)
+ returning ActiveRecord::ConnectionAdapters::Column.new(name, nil) do |column|
+ def column.type
+ column_type
+ end
+ @columns ||= []
+ @columns << column
+ end
+ end
+
+ def self.reset_columns
+ @columns = []
+ end
+
+ def self.columns
+ @columns || []
+ end
+
+ def self.columns_hash
+ columns.index_by{|c| c.name.to_s}
+ end
+
+ def self.inspect
+ "Model Mock"
+ end
+
+ def self.table_name
+ 'mocked_models'
+ end
+end
View
12 spec/trusted_params/active_record_additions_spec.rb
@@ -0,0 +1,12 @@
+require File.dirname(__FILE__) + '/../spec_helper'
+
+describe MockedModel do
+ before(:each) do
+ MockedModel.reset_columns
+ MockedModel.add_column(:name)
+ end
+
+ it "should not allow one to set attr_protected" do
+ lambda { MockedModel.attr_protected(:foo) }.should raise_error
+ end
+end
Please sign in to comment.
Something went wrong with that request. Please try again.