aboutsummaryrefslogtreecommitdiffstats
path: root/actionpack/test/controller/parameters
Commit message (Collapse)AuthorAgeFilesLines
* Simple Sungularize ActionController::UnpermittedParameters error in case ↵Serj L2014-02-241-4/+26
| | | | when only 1 parameter is unpermitted.
* unify param.require testsArthur Neves2014-01-231-10/+0
|
* AC::Parameters#permit! permits hashes in array valuesXavier Noria2013-12-231-3/+11
|
* optimizes array conversion in AC::ParametersXavier Noria2013-12-211-0/+5
|
* converts hashes in arrays of unfiltered params to unpermitted params [fixes ↵Xavier Noria2013-12-211-0/+7
| | | | #13382]
* Revert "Merge pull request #9660 from ↵Guillermo Iguaran2013-11-021-7/+1
| | | | | | | | | sebasoga/change_strong_parameters_require_behaviour" This reverts commit c2b5a8e61ba0f35015e6ac949a5c8fce2042a1f2, reversing changes made to 1918b12c0429caec2a6134ac5e5b42ade103fe90. See: https://github.com/rails/rails/pull/9660#issuecomment-27627493
* Merge pull request #9660 from ↵Guillermo Iguaran2013-11-011-1/+7
|\ | | | | | | | | sebasoga/change_strong_parameters_require_behaviour Change ActionController::Parameters#require behavior when value is empty
| * Change ActionController::Parameters#require behavior when value is emptySebastian Sogamoso2013-03-111-1/+7
| | | | | | | | | | When the value for the required key is empty an ActionController::ParameterMissing is raised which gets caught by ActionController::Base and turned into a 400 Bad Request reply with a message in the body saying the key is missing, which is misleading. With these changes, ActionController::EmptyParameter will be raised which ActionController::Base will catch and turn into a 400 Bad Request reply with a message in the body saying the key value is empty.
* | don't mutate hash with fetchDoug Cole2013-10-261-0/+6
| |
* | Strong parameters should permit nested number as key. Closes #12293kennyj2013-09-271-0/+15
| |
* | do not break params filtering on nil valuesVasiliy Ermolovich2013-09-071-0/+9
|/ | | | closes #12149
* Rack::Test::UploadedFile is a permitted scalarFabio Kreusch2013-02-211-1/+2
|
* ActionDispatch::Http::UploadedFile is a permitted scalar [Closes #9051]Xavier Noria2013-01-231-1/+2
|
* Lets kepp using Ruby 1.9 syntaxRafael Mendonça França2013-01-222-37/+37
|
* Add missing assert callsCarlos Antonio da Silva2013-01-201-2/+2
|
* strong parameters filters permitted scalarsXavier Noria2013-01-202-17/+164
|
* Restore and adapt the implementation reverted atRafael Mendonça França2013-01-192-8/+8
| | | | | | https://github.com/rails/rails/commit/cc1c3c5be061e7572018f734e5239750ab449e3f Now instead of raise, we log by default in development and test
* Added ability to raise or log on unpermitted params.Thomas Drake-Brockman2013-01-202-0/+83
|
* Revert "unpermitted params" exception -- it's just not going to work. See ↵David Heinemeier Hansson2013-01-081-43/+0
| | | | the discussion on https://github.com/rails/strong_parameters/pull/75.
* Never treat action or controller as unpermitted paramsDavid Heinemeier Hansson2013-01-081-0/+10
|
* Rename the last occurrence of UnexpectedParametersRafael Mendonça França2013-01-051-2/+2
|
* Rename the configuration to raise_on_unpermitted_parametersRafael Mendonça França2013-01-051-4/+4
| | | | Also changed the exception to UnpermittedParameters
* Allow developers to enable raising of exception when unexpected params are ↵Thomas Drake-Brockman2013-01-051-0/+33
| | | | provided.
* hash filters should be accessed with symbols or stringsFrancesco Rodriguez2012-11-301-0/+25
|
* Test that permitted? is sticky on accessors, mutators, and mergesBenjamin Quorning2012-11-061-0/+24
|
* Test that not permitted is sticky on #exceptBenjamin Quorning2012-11-061-0/+1
|
* Current tests are testing stickiness of non-permitted parametersBenjamin Quorning2012-11-061-3/+3
|
* Fix buggy testsBenjamin Quorning2012-11-061-4/+4
|
* No need for the debuggerDavid Heinemeier Hansson2012-10-311-1/+0
|
* Allow #permit to take its list of permitted parameters as an arrayDavid Heinemeier Hansson2012-10-311-0/+5
|
* Permit string and float values in the multiparameter attributesRafael Mendonça França2012-10-181-9/+14
|
* Cleanup trailing whitespacesdfens2012-10-121-1/+1
|
* When executing permit with just a key that points to a hash, DO NOT allow ↵Santiago Pastorino2012-10-121-1/+5
| | | | | | | | | | | | | | all the hash params.require(:person).permit(:projects_attributes) was returning => {"projects_attributes"=>{"0"=>{"name"=>"Project 1"}}} When should return => {} You should be doing ... params.require(:person).permit(projects_attributes: :name) to get just the projects attributes you want to allow
* Allow parameter filters to match multi-parameter attributesRafael Mendonça França2012-10-051-0/+33
| | | | | | | This will make easier to permit date/time attributes generated by helpers like date_select. [Sven Schwyn + Rafael Mendonça França]
* ActionController::Parameters#permit! is recursiveBrendan Loudermilk2012-10-041-0/+7
|
* Correct parameter access.Philip Arndt2012-09-191-1/+1
| | | * The params as supplied pass born in authors[0] but not authors[1] so it seems like the test isn't covering what it should be covering.
* Support fields_for attributes, which may have numeric symbols as hash keysGuillermo Iguaran2012-09-161-0/+18
|
* Add config.action_controller.permit_all_attributes to bypass ↵Guillermo Iguaran2012-09-161-0/+14
| | | | StrongParameters protection
* Change tainted/untainted wording to permitted/forbiddenGuillermo Iguaran2012-09-161-1/+1
|
* Don't use assert_nothing_raised when assert_equal is usedGuillermo Iguaran2012-09-161-4/+2
|
* require abstract_unit in parameters testsGuillermo Iguaran2012-09-163-0/+3
|
* Integrate ActionController::Parameters from StrongParameters gemGuillermo Iguaran2012-09-163-0/+163