diff options
| author | José Valim <jose.valim@gmail.com> | 2012-05-04 12:44:34 -0700 |
|---|---|---|
| committer | José Valim <jose.valim@gmail.com> | 2012-05-04 21:45:32 +0200 |
| commit | 7a093606f662cda2de597d81dde974ecbe375701 (patch) | |
| tree | e23fbeed2662c8793c26090ac660793e926878eb /actionpack | |
| parent | 2919fd8980dd753a72c4121c77768470e4aafd6b (diff) | |
| download | rails-7a093606f662cda2de597d81dde974ecbe375701.tar.gz rails-7a093606f662cda2de597d81dde974ecbe375701.tar.bz2 rails-7a093606f662cda2de597d81dde974ecbe375701.zip | |
Merge pull request #4445 from nragaz/role_based_params_wrapping
specify a role for identifying accessible attributes when wrapping params
Diffstat (limited to 'actionpack')
| -rw-r--r-- | actionpack/lib/action_controller/metal/params_wrapper.rb | 5 | ||||
| -rw-r--r-- | actionpack/test/controller/params_wrapper_test.rb | 17 |
2 files changed, 18 insertions, 4 deletions
diff --git a/actionpack/lib/action_controller/metal/params_wrapper.rb b/actionpack/lib/action_controller/metal/params_wrapper.rb index 7e2316d01c..fc8a8c9dcd 100644 --- a/actionpack/lib/action_controller/metal/params_wrapper.rb +++ b/actionpack/lib/action_controller/metal/params_wrapper.rb @@ -166,8 +166,9 @@ module ActionController unless options[:include] || options[:exclude] model ||= _default_wrap_model - if model.respond_to?(:accessible_attributes) && model.accessible_attributes.present? - options[:include] = model.accessible_attributes.to_a + role = options.has_key?(:as) ? options[:as] : :default + if model.respond_to?(:accessible_attributes) && model.accessible_attributes(role).present? + options[:include] = model.accessible_attributes(role).to_a elsif model.respond_to?(:attribute_names) && model.attribute_names.present? options[:include] = model.attribute_names end diff --git a/actionpack/test/controller/params_wrapper_test.rb b/actionpack/test/controller/params_wrapper_test.rb index c4d2614200..fa1608b9df 100644 --- a/actionpack/test/controller/params_wrapper_test.rb +++ b/actionpack/test/controller/params_wrapper_test.rb @@ -174,7 +174,7 @@ class ParamsWrapperTest < ActionController::TestCase def test_accessible_wrapped_keys_from_matching_model User.expects(:respond_to?).with(:accessible_attributes).returns(true) - User.expects(:accessible_attributes).twice.returns(["username"]) + User.expects(:accessible_attributes).with(:default).twice.returns(["username"]) with_default_wrapper_options do @request.env['CONTENT_TYPE'] = 'application/json' @@ -186,7 +186,7 @@ class ParamsWrapperTest < ActionController::TestCase def test_accessible_wrapped_keys_from_specified_model with_default_wrapper_options do Person.expects(:respond_to?).with(:accessible_attributes).returns(true) - Person.expects(:accessible_attributes).twice.returns(["username"]) + Person.expects(:accessible_attributes).with(:default).twice.returns(["username"]) UsersController.wrap_parameters Person @@ -195,6 +195,19 @@ class ParamsWrapperTest < ActionController::TestCase assert_parameters({ 'username' => 'sikachu', 'title' => 'Developer', 'person' => { 'username' => 'sikachu' }}) end end + + def test_accessible_wrapped_keys_with_role_from_specified_model + with_default_wrapper_options do + Person.expects(:respond_to?).with(:accessible_attributes).returns(true) + Person.expects(:accessible_attributes).with(:admin).twice.returns(["username"]) + + UsersController.wrap_parameters Person, :as => :admin + + @request.env['CONTENT_TYPE'] = 'application/json' + post :parse, { 'username' => 'sikachu', 'title' => 'Developer' } + assert_parameters({ 'username' => 'sikachu', 'title' => 'Developer', 'person' => { 'username' => 'sikachu' }}) + end + end def test_not_wrapping_abstract_model User.expects(:respond_to?).with(:accessible_attributes).returns(false) |