| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
| |
Follow up of #32605.
|
|\
| |
| |
| | |
Fixes StrongParameters `permit!` to work with nested arrays
|
| |
| |
| |
| |
| | |
`permit!` is intended to mark all instances of `ActionController::Parameters` as permitted, however nested arrays of params were not being marked permitted because the method did shallow iteration.
This fixes that by flattening the array before calling `permit!` on all each item.
|
|/
|
|
|
| |
This autocorrects the violations after adding a custom cop in
3305c78dcd.
|
|
|
|
|
|
| |
73e7aab behaved as expected on codeship, failing the build with
exactly these RuboCop violations. Hopefully `rubocop -a` will
have been enough to get a passing build!
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
`BigDecimal.new` has been deprecated in BigDecimal 1.3.3
which will be a default for Ruby 2.5.
Refer
https://github.com/ruby/bigdecimal/commit/533737338db915b00dc7168c3602e4b462b23503
* This commit has been made as follows:
```
cd rails
git grep -l BigDecimal.new | grep -v guides/source/5_0_release_notes.md | grep -v activesupport/test/xml_mini_test.rb | xargs sed -i -e "s/BigDecimal.new/BigDecimal/g"
```
- `activesupport/test/xml_mini_test.rb`
Editmanually to remove `.new` and `::`
- guides/source/5_0_release_notes.md
This is a Rails 5.0 release notes.
|
| |
|
|
|
|
|
| |
This reverts commit 3420a14590c0e6915d8b6c242887f74adb4120f9, reversing
changes made to afb66a5a598ce4ac74ad84b125a5abf046dcf5aa.
|
| |
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
|
| |
Now methods that implicit convert objects to a hash will be able to work
without requiring the users to change their implementation.
This method will return a Hash instead of a HashWithIndefirentAccess
to mimic the same implementation of HashWithIndefirentAccess#to_hash.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Before we returned either an empty hash or only the always permitted
parameters (:controller and :action by default).
The previous behavior was dangerous because in order to get the
attributes users usually fallback to use to_unsafe_h that could
potentially introduce security issues.
The to_unsafe_h API is also not good since Parameters is a object that
quacks like a Hash but not in all cases since to_h would return an empty
hash and users were forced to check if to_unsafe_h is defined or if the
instance is a ActionController::Parameters in order to work with it.
This end up coupling a lot of libraries and parts of the application
with something that is from the controller layer.
|
| |
|
|
|
|
|
|
| |
In the context of controller parameters, reverse_merge is commonly used
to provide defaults for user input. Having an alias to reverse_merge
called with_defaults feels more idiomatic for Rails.
|
| |
|
|
|
|
|
| |
- This PR adds the `reverse_merge` and `reverse_merge!` method to `ActionController::Parameters`
- Fixes #28353
|
|
|
|
|
|
| |
These are followups for 307065f959f2b34bdad16487bae906eb3bfeaf28,
but TBH I'm personally not very much confortable with this style.
Maybe we could override assert_equal in our test_helper not to warn?
|
|
|
|
| |
[26dd9b26ab7317f94fd285245879e888344143b2] as it broke Parameters#to_h on at least fields_for-style nested params.
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The current implementation of AC::Parameters#permit builds permitted hashes and
then calls permit! on them.
This filtering is recursive, so we call permit! on terminal branches, but then
ascendants call permit! on themselves when the recursion goes up the stack,
which recurses all the way down again because permit! is recursive itself.
Repeat this for every parent node and you get some scary O-something going on
that I don't even want to compute.
Instead, since the whole point of the permit recursion is to build permitted
hashes along the way and at that point you know you've just come up with a
valid filtered version, you can already switch the toggle on the spot.
I have seen 2x speedups in casual benchmarks with small structures. As the
previous description shows, the difference in performance is going to be a
function of the nesting.
Note that that the involved methods are private and used only by permit.
|
| |
|
|\
| |
| | |
add `ActionController::Parameters#merge!`
|
| |
| |
| |
| |
| | |
This method has the same behavior as `Hash#merge!`, returns current
`ActionController::Parameters`.
|
|/ |
|
|
|
|
|
|
|
|
|
|
|
| |
`ActionController::Parameters#merge` call `HashWithIndifferentAccess#merge`.
In addition, it calls `HashWithIndifferentAccess#update` from
`HashWithIndifferentAccess#merge`, where it is called the `#to_hash` of argument.
But `ActionController::Parameters#to_hash` is deprecated, warning message is
displayed.
To avoid this, modify to convert object to `Hash`.
Fixes #26415
|
|
|
|
|
|
|
|
| |
Style/SpaceBeforeBlockBraces
Style/SpaceInsideBlockBraces
Style/SpaceInsideHashLiteralBraces
Fix all violations in the repository.
|
| |
|
| |
|
|
|
|
|
| |
The current code base is not uniform. After some discussion,
we have chosen to go with double quotes by default.
|
|
|
|
|
| |
- Tests for dup'ing params was separately added in a separate file in
https://github.com/rails/rails/pull/25735.
|
|
|
|
|
| |
In the docs: "+permit_all_parameters+ - If it's +true+, all the parameters will
be permitted by default. The default is +false+."
|
|
|
|
|
|
| |
This brings the behavior more inline with other similar cases, such as
receiving a hash when an array of scalars was expected. Prior to this
commit, the key would be present, but the value would be `nil`
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
While iterating an AC::Parameters object, the object will mutate itself
and stick AC::Parameters objects where there used to be hashes:
https://github.com/rails/rails/blob/f57092ad728fa1de06c4f5fd9d09dcc2c4738fd9/actionpack/lib/action_controller/metal/strong_parameters.rb#L632
If you use `permit` after this iteration, the `fields_for_style` method
wouldn't return true because the child objects are now AC::Parameters
objects rather than Hashes.
fixes #23701
|
| |
|
|\
| |
| | |
Fix AC::Parameters#to_unsafe_h to return all unfiltered values
|
| |
| |
| |
| |
| |
| |
| | |
- AC::Parameters#convert_parameters_to_hashes should return filtered or
unfiltered values based on whether it is called from `to_h` or `to_unsafe_h`
instead of always defaulting to `to_h`.
- Fixes #22841
|
|/
|
|
| |
- Test should call `to_unsafe_h` instead of `to_h`
|
|
|
|
| |
Fixes #22818
|
|
|
|
|
|
|
|
| |
When calling `to_h` on an `ActionController::Parameters` instance it would
`deep_dup` its internal parameters.
This inadvertently called `dup` on a passed Active Record model which would
create new models. Fix by only dupping Ruby's Arrays and Hashes.
|
|
|
|
|
|
|
| |
This makes these two methods to be more inline with the previous
behavior of Parameters as Parameters used to be inherited from HWIA.
Fixes #21391
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This clears the transaction record state when the transaction finishes
with a `:committed` status.
Considering the following example where `name` is a required attribute.
Before we had `new_record?` returning `true` for a persisted record:
```ruby
author = Author.create! name: 'foo'
author.name = nil
author.save # => false
author.new_record? # => true
```
|
|
|
|
|
|
|
|
|
| |
When executing an `ActionController::Parameters#fetch` with a block
that raises a `KeyError` the raised `KeyError` will be rescued and
converted to an `ActionController::ParameterMissing` exception,
covering up the original exception.
[Jonas Schubert Erlandsson & Roque Pinel]
|
|
|
|
|
|
|
|
| |
This is another take at #14384 as we decided to wait until `master` is
targeting Rails 5.0. This commit is implementation-complete, as it
guarantees that all the public methods on the hash-inherited Parameters
are still working (based on test case). We can decide to follow-up later
if we want to remove some methods out from Parameters.
|
|
|
|
|
|
|
|
|
| |
As suggested in #16299([1]), this method should be a new public API for
retrieving unfiltered parameters from `ActionController::Parameters`
object, given that `Parameters#to_hash` will no longer work in Rails
5.0+ as we stop inheriting `Parameters` from `Hash`.
[1]: https://github.com/rails/rails/pull/16299#issuecomment-50220919
|