Skip to content
This repository

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse code

Deprecated should_protect_attributes in favor of should_not_allow_mas…

…s_assignment_of
  • Loading branch information...
commit f937c08144229a8f677aa26d3623e38622a30cb4 1 parent f12d1ab
Joe Ferris authored January 29, 2009
13  lib/shoulda/active_record/macros.rb
@@ -9,7 +9,7 @@ module ActiveRecord # :nodoc:
9 9
     #     should_not_allow_values_for :phone_number, "abcd", "1234"
10 10
     #     should_allow_values_for :phone_number, "(123) 456-7890"
11 11
     #
12  
-    #     should_protect_attributes :password
  12
+    #     should_not_allow_mass_assignment_of :password
13 13
     #
14 14
     #     should_have_one :profile
15 15
     #     should_have_many :dogs
@@ -107,9 +107,9 @@ def should_require_unique_attributes(*attributes)
107 107
 
108 108
       # Ensures that the attribute cannot be set on mass update.
109 109
       #
110  
-      #   should_protect_attributes :password, :admin_flag
  110
+      #   should_not_allow_mass_assignment_of :password, :admin_flag
111 111
       #
112  
-      def should_protect_attributes(*attributes)
  112
+      def should_not_allow_mass_assignment_of(*attributes)
113 113
         get_options!(attributes)
114 114
         klass = model_class
115 115
 
@@ -121,6 +121,13 @@ def should_protect_attributes(*attributes)
121 121
         end
122 122
       end
123 123
 
  124
+      # Deprecated. See should_not_allow_mass_assignment_of
  125
+      def should_protect_attributes(*attributes)
  126
+        warn "[DEPRECATION] should_protect_attributes is deprecated. " <<
  127
+             "Use should_not_allow_mass_assignment_of instead."
  128
+        should_not_allow_mass_assignment_of(*attributes)
  129
+      end
  130
+
124 131
       # Ensures that the attribute cannot be changed once the record has been created.
125 132
       #
126 133
       #   should_have_readonly_attributes :password, :admin_flag
2  test/fail_macros.rb
@@ -9,7 +9,7 @@ module ClassMethods
9 9
     #
10 10
     #   should_fail do
11 11
     #     should_validate_presence_of :comments
12  
-    #     should_protect_attributes :name
  12
+    #     should_not_allow_mass_assignment_of :name
13 13
     #   end
14 14
     def should_fail(&block)
15 15
       context "should fail when trying to run:" do
2  test/unit/tag_test.rb
@@ -9,6 +9,6 @@ class TagTest < Test::Unit::TestCase
9 9
   should_protect_attributes :secret
10 10
 
11 11
   should_fail do
12  
-    should_protect_attributes :name
  12
+    should_not_allow_mass_assignment_of :name
13 13
   end
14 14
 end
4  test/unit/user_test.rb
@@ -39,7 +39,7 @@ class UserTest < Test::Unit::TestCase
39 39
   should_allow_values_for :email, "a@b.com", "asdf@asdf.com"
40 40
   should_ensure_length_in_range :email, 1..100
41 41
   should_ensure_value_in_range :age, 1..100
42  
-  should_protect_attributes :password
  42
+  should_not_allow_mass_assignment_of :password
43 43
   should_have_class_methods :find, :destroy
44 44
   should_have_instance_methods :email, :age, :email=, :valid?
45 45
   should_have_db_columns :name, :email, :age
@@ -56,6 +56,6 @@ class UserTest < Test::Unit::TestCase
56 56
   should_have_readonly_attributes :name
57 57
 
58 58
   should_fail do
59  
-    should_protect_attributes :name, :age
  59
+    should_not_allow_mass_assignment_of :name, :age
60 60
   end
61 61
 end

4 notes on commit f937c08

Amos King

Isn’t this going backwards form the recent deprecations. All the others have been moving to look more like what would be typed in the model, but this one is moving away form that. What is the reason?

Cristi Balan

My random opinion is that should_attr_accesible and should_attr_protected sound kinda crappy.

Also, it seems that you have to list all your columns because there’s no difference in how attr_accessible and attr_protected are tested. I’d like these a bit more:

  • should_white_list_mass_assignement_to :blah
  • should_black_list_mass_assignement_to :blah
Amos King

I wasn’t thinking should_attr_accesible. I was really thinking that the old name was better.

Ryan McGeary
Collaborator

The new name conveys what is actually happening. The old name of should_protect_attributes never conveyed this, and for that matter, neither does attr_protected or attr_accessible.

This was also done to more easily name the new should_allow_mass_assignment_of macro that was committed here

For more info, see Ticket #106 in LH.

Please sign in to comment.
Something went wrong with that request. Please try again.