diff options
author | Rafael Mendonça França <rafaelmfranca@gmail.com> | 2014-06-27 18:11:31 -0300 |
---|---|---|
committer | Rafael Mendonça França <rafaelmfranca@gmail.com> | 2014-06-27 18:16:52 -0300 |
commit | ebdedaec32957d5dd81b15e0cf1b60d3f5ccbcb1 (patch) | |
tree | f247087c0de5d26adaefb5e109118d658735fc3e /actionpack/test/controller/parameters/always_permitted_parameters_test.rb | |
parent | 67d7dfd082ba395bca5d937d039f50965dfc03ab (diff) | |
parent | 58399e1dc3e40b0f6cf8f5da31d694267afdf328 (diff) | |
download | rails-ebdedaec32957d5dd81b15e0cf1b60d3f5ccbcb1.tar.gz rails-ebdedaec32957d5dd81b15e0cf1b60d3f5ccbcb1.tar.bz2 rails-ebdedaec32957d5dd81b15e0cf1b60d3f5ccbcb1.zip |
Merge pull request #15933 from rafael/master
Add always permitted parameters as a configurable option.
[Rafael Mendonça França + Gary S. Weaver]
Diffstat (limited to 'actionpack/test/controller/parameters/always_permitted_parameters_test.rb')
-rw-r--r-- | actionpack/test/controller/parameters/always_permitted_parameters_test.rb | 29 |
1 files changed, 29 insertions, 0 deletions
diff --git a/actionpack/test/controller/parameters/always_permitted_parameters_test.rb b/actionpack/test/controller/parameters/always_permitted_parameters_test.rb new file mode 100644 index 0000000000..059f310d49 --- /dev/null +++ b/actionpack/test/controller/parameters/always_permitted_parameters_test.rb @@ -0,0 +1,29 @@ +require 'abstract_unit' +require 'action_controller/metal/strong_parameters' + +class AlwaysPermittedParametersTest < ActiveSupport::TestCase + def setup + ActionController::Parameters.action_on_unpermitted_parameters = :raise + ActionController::Parameters.always_permitted_parameters = %w( controller action format ) + end + + def teardown + ActionController::Parameters.action_on_unpermitted_parameters = false + ActionController::Parameters.always_permitted_parameters = %w( controller action ) + end + + test "shows deprecations warning on NEVER_UNPERMITTED_PARAMS" do + assert_deprecated do + ActionController::Parameters::NEVER_UNPERMITTED_PARAMS + end + end + + test "permits parameters that are whitelisted" do + params = ActionController::Parameters.new({ + book: { pages: 65 }, + format: "json" + }) + permitted = params.permit book: [:pages] + assert permitted.permitted? + end +end |