Permalink
Browse files

updated README, added tests

  • Loading branch information...
zenhob committed Mar 7, 2012
1 parent c387ae0 commit 50364264293f6e2af1d7dd9329c4e246935dd659
Showing with 54 additions and 27 deletions.
  1. +31 −27 README.markdown
  2. +13 −0 test/accessible_for_test.rb
  3. +10 −0 test/mass_assignment_test.rb
View
@@ -17,21 +17,20 @@ called accessible_for. They provide identical functionality.
# Usage
-## ActiveModel-workalike API
-
- require 'mass_assignment_backport'
+This is primarily intended for use in controller code. It should be possible
+to use this with an ActiveRecord model as well, provided you use the
+accessible_for API (to avoid name conflicts).
- class TacoShop < Controller
- include MassAssignmentBackport
+## accessible_for API
- # when no role is specified, :default is used
- attr_accessible :rating
+ require 'accessible_for'
- # you can specify multiple roles
- attr_accessible :filling, :topping, :as => [:default, :manager]
+ class TacoShop < Controller
+ include AccessibleFor
- # and add to existing roles
- attr_accessible :price, :as => :manager
+ # there are no implicit roles and you can declare only one group at a time
+ accessible_for :default => [ :filling, :topping, :rating ]
+ accessible_for :manager => [ :filling, :topping, :price ]
def update
Taco.find(params[:id]).update_attributes!(taco_params)
@@ -40,22 +39,31 @@ called accessible_for. They provide identical functionality.
protected
def taco_params
- # use sanitize_for_mass_assignment to build a safe hash given a role.
- # when nothing/nil is passed for the role, :default is used
- sanitize_for_mass_assignment params[:taco], current_user.manager? ? :manager : nil
+ # use sanitize_for(role, params) to build a safe hash
+ # again, there is no implicit role
+ if current_user.manager?
+ sanitize_for :manager, params[:taco]
+ else
+ sanitize_for :default, params[:taco]
+ end
end
end
-## accessible_for API
+## ActiveModel-workalike API
- require 'accessible_for'
+ require 'mass_assignment_backport'
class TacoShop < Controller
- include AccessibleFor
+ include MassAssignmentBackport
- # there are no implicit roles and you can declare only one group at a time
- accessible_for :default => [ :filling, :topping, :rating ]
- accessible_for :manager => [ :filling, :topping, :price ]
+ # when no role is specified, :default is used
+ attr_accessible :rating
+
+ # you can specify multiple roles
+ attr_accessible :filling, :topping, :as => [:default, :manager]
+
+ # and add to existing roles
+ attr_accessible :price, :as => :manager
def update
Taco.find(params[:id]).update_attributes!(taco_params)
@@ -64,13 +72,9 @@ called accessible_for. They provide identical functionality.
protected
def taco_params
- # use sanitize_for(role, params) to build a safe hash
- # again, there is no implicit role
- if current_user.manager?
- sanitize_for :manager, params[:taco]
- else
- sanitize_for :default, params[:taco]
- end
+ # use sanitize_for_mass_assignment to build a safe hash given a role.
+ # when nothing/nil is passed for the role, :default is used
+ sanitize_for_mass_assignment params[:taco], current_user.manager? ? :manager : nil
end
end
@@ -5,6 +5,19 @@ class AccessibleForTest < MiniTest::Unit::TestCase
accessible_for :default => :topping
accessible_for :manager => [:price, :topping]
+ def test_nil_params
+ assert_nil sanitize_for(:default, nil)
+ end
+
+ def test_block_form
+ result = {}
+ sanitize_for(:default, :topping => 'salsa', :price => 123, :extra => 'foo') do |k,v|
+ result[k] = v
+ end
+ assert result.has_key?(:topping), "block gets accessible key"
+ assert !result.has_key?(:price), "block does not get inaccessible key"
+ end
+
def test_accessible_default
default = sanitize_for :default, :topping => 'salsa', :price => 123, :extra => 'foo'
assert default.has_key?(:topping), "default gets accessible key"
@@ -8,6 +8,16 @@ class MassAssignmentTest < MiniTest::Unit::TestCase
def test_nil_params
assert_nil sanitize_for_mass_assignment(nil)
end
+
+ def test_block_form
+ result = {}
+ sanitize_for_mass_assignment(:topping => 'salsa', :price => 123, :extra => 'foo') do |k,v|
+ result[k] = v
+ end
+ assert result.has_key?(:topping), "block gets accessible key"
+ assert !result.has_key?(:price), "block does not get inaccessible key"
+ end
+
def test_accessible_default
default = sanitize_for_mass_assignment :topping => 'salsa', :price => 123, :extra => 'foo'
assert default.has_key?(:topping), "default gets accessible key"

0 comments on commit 5036426

Please sign in to comment.