diff options
| author | Rafael França <rafaelmfranca@gmail.com> | 2016-02-24 10:10:45 -0300 |
|---|---|---|
| committer | Rafael França <rafaelmfranca@gmail.com> | 2016-02-24 10:10:45 -0300 |
| commit | 709a554d1b08231defd2d7b34760c706e692dd8c (patch) | |
| tree | 6722770ff795c9c1898495030392abe8b74cc636 | |
| parent | ba004484cd3456fc8cb6391e7927f3ddc8e32dad (diff) | |
| parent | 5f59c10471fee7bca43f65bb2bc776ed047715b6 (diff) | |
| download | rails-709a554d1b08231defd2d7b34760c706e692dd8c.tar.gz rails-709a554d1b08231defd2d7b34760c706e692dd8c.tar.bz2 rails-709a554d1b08231defd2d7b34760c706e692dd8c.zip | |
Merge pull request #23849 from prathamesh-sonpatki/fix-23822
Show permitted flag in the output of AC::Parameters#inspect
| -rw-r--r-- | actionpack/CHANGELOG.md | 24 | ||||
| -rw-r--r-- | actionpack/lib/action_controller/metal/strong_parameters.rb | 2 | ||||
| -rw-r--r-- | actionpack/test/controller/parameters/accessors_test.rb | 16 | ||||
| -rw-r--r-- | railties/test/application/configuration_test.rb | 2 |
4 files changed, 35 insertions, 9 deletions
diff --git a/actionpack/CHANGELOG.md b/actionpack/CHANGELOG.md index 4425a90798..cc336c0a02 100644 --- a/actionpack/CHANGELOG.md +++ b/actionpack/CHANGELOG.md @@ -1,4 +1,20 @@ -* Update session to have indifferent access across multiple requests +* Show `permitted` flag in the output of ActionController::Parameters#inspect. + + Before: + >> a = ActionController::Parameters.new(foo: 'bar') + => <ActionController::Parameters {"foo"=>"bar"}> + + After: + >> a = ActionController::Parameters.new(foo: 'bar') + => <ActionController::Parameters {"foo"=>"bar"} permitted: false> + >> a.permit(:foo) + => <ActionController::Parameters {"foo"=>"bar"} permitted: true> + + Fixes #23822. + + *Prathamesh Sonpatki* + +* Update session to have indifferent access across multiple requests. session[:deep][:hash] = "Magic" @@ -46,13 +62,13 @@ end end ``` - + Passing `as: :json` to integration test request helpers will set the format, content type and encode the parameters as JSON. - + Then on the response side, `parsed_body` will parse the body according to the content type the response has. - + Currently JSON is the only supported MIME type. Add your own with `ActionDispatch::IntegrationTest.register_encoder`. diff --git a/actionpack/lib/action_controller/metal/strong_parameters.rb b/actionpack/lib/action_controller/metal/strong_parameters.rb index 25ec3cf5b6..a01110d474 100644 --- a/actionpack/lib/action_controller/metal/strong_parameters.rb +++ b/actionpack/lib/action_controller/metal/strong_parameters.rb @@ -579,7 +579,7 @@ module ActionController end def inspect - "<#{self.class} #{@parameters}>" + "<#{self.class} #{@parameters} permitted: #{@permitted}>" end def method_missing(method_sym, *args, &block) diff --git a/actionpack/test/controller/parameters/accessors_test.rb b/actionpack/test/controller/parameters/accessors_test.rb index 4ef5bed30d..cea265f9ab 100644 --- a/actionpack/test/controller/parameters/accessors_test.rb +++ b/actionpack/test/controller/parameters/accessors_test.rb @@ -4,6 +4,8 @@ require 'active_support/core_ext/hash/transform_values' class ParametersAccessorsTest < ActiveSupport::TestCase setup do + ActionController::Parameters.permit_all_parameters = false + @params = ActionController::Parameters.new( person: { age: '32', @@ -176,12 +178,20 @@ class ParametersAccessorsTest < ActiveSupport::TestCase assert(@params != false) end - test "inspect shows both class name and parameters" do + test "inspect shows both class name, parameters and permitted flag" do assert_equal( '<ActionController::Parameters {"person"=>{"age"=>"32", '\ - '"name"=>{"first"=>"David", "last"=>"Heinemeier Hansson"}, ' \ - '"addresses"=>[{"city"=>"Chicago", "state"=>"Illinois"}]}}>', + '"name"=>{"first"=>"David", "last"=>"Heinemeier Hansson"}, ' \ + '"addresses"=>[{"city"=>"Chicago", "state"=>"Illinois"}]}} permitted: false>', @params.inspect ) end + + test "inspect prints updated permitted flag in the output" do + assert_match(/permitted: false/, @params.inspect) + + @params.permit! + + assert_match(/permitted: true/, @params.inspect) + end end diff --git a/railties/test/application/configuration_test.rb b/railties/test/application/configuration_test.rb index 1c7d1e1f5f..d03dd1afcc 100644 --- a/railties/test/application/configuration_test.rb +++ b/railties/test/application/configuration_test.rb @@ -999,7 +999,7 @@ module ApplicationTests app 'development' post "/posts.json", '{ "title": "foo", "name": "bar" }', "CONTENT_TYPE" => "application/json" - assert_equal '<ActionController::Parameters {"title"=>"foo"}>', last_response.body + assert_equal '<ActionController::Parameters {"title"=>"foo"} permitted: false>', last_response.body end test "config.action_controller.permit_all_parameters = true" do |