Sha256: 68ee09acc20df0151c8453ae00eb91245fdf7833e7e12108218b1f73b0902da6

Contents?: true

Size: 1.31 KB

Versions: 25

Compression:

Stored size: 1.31 KB

Contents

require 'spec_helper'

describe "Mass assignment protection" do
  before(:all) do
    class ProtectedParams < ActiveSupport::HashWithIndifferentAccess
      attr_accessor :permitted
      alias :permitted? :permitted

      def initialize(attributes)
        super(attributes)
        @permitted = false
      end

      def permit!
        @permitted = true
        self
      end

      def dup
        super.tap do |duplicate|
          duplicate.instance_variable_set :@permitted, @permitted
        end
      end
    end

    class Person < ActiveFedora::Base
      property :first_name, predicate: ::RDF::FOAF.firstName, multiple: false
      property :gender, predicate: ::RDF::FOAF.gender, multiple: false
    end
  end

  after(:all) do
    Object.send(:remove_const, :ProtectedParams)
    Object.send(:remove_const, :Person)
  end


  context "forbidden attributes" do
    let(:params) { ProtectedParams.new(first_name: 'Guille', gender: 'm') }
    it "cannot be used for mass assignment" do
      expect { Person.new(params) }.to raise_error ActiveModel::ForbiddenAttributesError
    end
  end

  context "permitted attributes" do
    let(:params) { ProtectedParams.new(first_name: 'Guille', gender: 'm').permit! }
    it "can be used for mass assignment" do
      expect { Person.new(params) }.not_to raise_error
    end
  end

end

Version data entries

25 entries across 25 versions & 1 rubygems

Version Path
active-fedora-9.0.8 spec/unit/forbidden_attributes_protection_spec.rb
active-fedora-9.5.0 spec/unit/forbidden_attributes_protection_spec.rb
active-fedora-9.4.3 spec/unit/forbidden_attributes_protection_spec.rb
active-fedora-9.4.2 spec/unit/forbidden_attributes_protection_spec.rb
active-fedora-9.4.1 spec/unit/forbidden_attributes_protection_spec.rb
active-fedora-9.4.0 spec/unit/forbidden_attributes_protection_spec.rb
active-fedora-9.3.0 spec/unit/forbidden_attributes_protection_spec.rb
active-fedora-9.2.1 spec/unit/forbidden_attributes_protection_spec.rb
active-fedora-9.2.0 spec/unit/forbidden_attributes_protection_spec.rb
active-fedora-9.2.0.rc2 spec/unit/forbidden_attributes_protection_spec.rb
active-fedora-9.2.0.rc1 spec/unit/forbidden_attributes_protection_spec.rb
active-fedora-9.1.2 spec/unit/forbidden_attributes_protection_spec.rb
active-fedora-9.1.1 spec/unit/forbidden_attributes_protection_spec.rb
active-fedora-9.1.0 spec/unit/forbidden_attributes_protection_spec.rb
active-fedora-9.1.0.rc1 spec/unit/forbidden_attributes_protection_spec.rb
active-fedora-9.0.6 spec/unit/forbidden_attributes_protection_spec.rb
active-fedora-9.0.5 spec/unit/forbidden_attributes_protection_spec.rb
active-fedora-9.0.4 spec/unit/forbidden_attributes_protection_spec.rb
active-fedora-9.0.3 spec/unit/forbidden_attributes_protection_spec.rb
active-fedora-9.0.2 spec/unit/forbidden_attributes_protection_spec.rb