diff options
| author | Rafael Chacón <rafaelchacon@gmail.com> | 2014-06-27 13:08:40 -0700 |
|---|---|---|
| committer | Rafael Chacón <rafaelchacon@gmail.com> | 2014-06-27 13:08:40 -0700 |
| commit | 58399e1dc3e40b0f6cf8f5da31d694267afdf328 (patch) | |
| tree | a532ecae661ba53d9fc202f84f1d085f2fc3beca /actionpack | |
| parent | c197a7dc418cd4fe07131a41a44c8ddb66258801 (diff) | |
| download | rails-58399e1dc3e40b0f6cf8f5da31d694267afdf328.tar.gz rails-58399e1dc3e40b0f6cf8f5da31d694267afdf328.tar.bz2 rails-58399e1dc3e40b0f6cf8f5da31d694267afdf328.zip | |
Improvements per code review.
* General style fixes.
* Add changes to configuration guide.
* Add missing tests.
Diffstat (limited to 'actionpack')
| -rw-r--r-- | actionpack/lib/action_controller/metal/strong_parameters.rb | 7 | ||||
| -rw-r--r-- | actionpack/test/controller/parameters/always_permitted_parameters_test.rb | 29 |
2 files changed, 32 insertions, 4 deletions
diff --git a/actionpack/lib/action_controller/metal/strong_parameters.rb b/actionpack/lib/action_controller/metal/strong_parameters.rb index 71dca877b6..45d819c29a 100644 --- a/actionpack/lib/action_controller/metal/strong_parameters.rb +++ b/actionpack/lib/action_controller/metal/strong_parameters.rb @@ -105,11 +105,10 @@ module ActionController # params are present. The default includes both 'controller' and 'action' # because they are added by Rails and should be of no concern. One way # to change these is to specify `always_permitted_parameters` in your - # config, e.g. - # `config.always_permitted_parameters = %w( controller action format )` - + # config. For instance: + # + # config.always_permitted_parameters = %w( controller action format ) cattr_accessor :always_permitted_parameters - self.always_permitted_parameters = %w( controller action ) def self.const_missing(const_name) diff --git a/actionpack/test/controller/parameters/always_permitted_parameters_test.rb b/actionpack/test/controller/parameters/always_permitted_parameters_test.rb new file mode 100644 index 0000000000..059f310d49 --- /dev/null +++ b/actionpack/test/controller/parameters/always_permitted_parameters_test.rb @@ -0,0 +1,29 @@ +require 'abstract_unit' +require 'action_controller/metal/strong_parameters' + +class AlwaysPermittedParametersTest < ActiveSupport::TestCase + def setup + ActionController::Parameters.action_on_unpermitted_parameters = :raise + ActionController::Parameters.always_permitted_parameters = %w( controller action format ) + end + + def teardown + ActionController::Parameters.action_on_unpermitted_parameters = false + ActionController::Parameters.always_permitted_parameters = %w( controller action ) + end + + test "shows deprecations warning on NEVER_UNPERMITTED_PARAMS" do + assert_deprecated do + ActionController::Parameters::NEVER_UNPERMITTED_PARAMS + end + end + + test "permits parameters that are whitelisted" do + params = ActionController::Parameters.new({ + book: { pages: 65 }, + format: "json" + }) + permitted = params.permit book: [:pages] + assert permitted.permitted? + end +end |