diff options
| author | José Valim <jose.valim@plataformatec.com.br> | 2012-02-15 05:21:20 -0800 |
|---|---|---|
| committer | José Valim <jose.valim@plataformatec.com.br> | 2012-02-15 05:21:20 -0800 |
| commit | 1c22c6f0d4ff0e0ee38135801b55be8b05b21845 (patch) | |
| tree | c19d64490782c36770979f59129baaf19ff08447 /activemodel/test | |
| parent | 2f9e47713051e211a1866bb8e7af3151e70a9ba0 (diff) | |
| parent | d204918f9190afcf5f3f53adb957ca15aa644704 (diff) | |
| download | rails-1c22c6f0d4ff0e0ee38135801b55be8b05b21845.tar.gz rails-1c22c6f0d4ff0e0ee38135801b55be8b05b21845.tar.bz2 rails-1c22c6f0d4ff0e0ee38135801b55be8b05b21845.zip | |
Merge pull request #5049 from fabioyamate/master
Fix sanitize_for_mass_assigment when role is nil
Diffstat (limited to 'activemodel/test')
| -rw-r--r-- | activemodel/test/cases/mass_assignment_security_test.rb | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/activemodel/test/cases/mass_assignment_security_test.rb b/activemodel/test/cases/mass_assignment_security_test.rb index be07e59a2f..a197dbe748 100644 --- a/activemodel/test/cases/mass_assignment_security_test.rb +++ b/activemodel/test/cases/mass_assignment_security_test.rb @@ -19,6 +19,13 @@ class MassAssignmentSecurityTest < ActiveModel::TestCase assert_equal expected, sanitized end + def test_attribute_protection_when_role_is_nil + user = User.new + expected = { "name" => "John Smith", "email" => "john@smith.com" } + sanitized = user.sanitize_for_mass_assignment(expected.merge("admin" => true), nil) + assert_equal expected, sanitized + end + def test_only_moderator_role_attribute_accessible user = SpecialUser.new expected = { "name" => "John Smith", "email" => "john@smith.com" } |