| Commit message (Collapse) | Author | Age | Files | Lines | |
|---|---|---|---|---|---|
| * | Fix deprecation warnings when using ↵ | Jon Leighton | 2012-06-15 | 1 | -0/+32 |
| | | | | | config.active_record.mass_assignment_sanitizer= | ||||
| * | Fix config.active_record.whitelist_attributes with AR::Model | Jon Leighton | 2012-06-15 | 1 | -0/+27 |
| | | |||||
| * | Need a assert here in tests | Arun Agrawal | 2012-06-12 | 1 | -2/+2 |
| | | |||||
| * | Merge pull request #6676 from aurelian/master | Rafael Mendonça França | 2012-06-12 | 1 | -0/+4 |
| |\ | | | | | Don't assign the attributes if the list is empty | ||||
| | * | Don't assign the attributes if the list is empty. | Aurelian Oancea | 2012-06-08 | 1 | -0/+4 |
| | | | |||||
| * | | Ensure that mass assignment options are preserved | Andrew White | 2012-06-10 | 1 | -0/+22 |
| |/ | | | | | | | | | | | | | | | | There are two possible scenarios where the @mass_assignment_options instance variable can become corrupted: 1. If the assign_attributes doesn't complete correctly, then subsequent calls to a nested attribute assignment method will use whatever options were passed to the previous assign_attributes call. 2. With nested assign_attributes calls, the inner call will overwrite the current options. This will only affect nested attributes as the attribute hash is sanitized before any methods are called. To fix this we save the current options in a local variable and then restore these options in an ensure block. | ||||
| * | quarantine deprecated tests | Jon Leighton | 2012-05-18 | 1 | -0/+17 |
| | | |||||
| * | added failing tests for has_many, has_one and belongs_to associations with ↵ | Jakub Kuźma | 2011-12-21 | 1 | -0/+63 |
| | | | | | strict mass assignment sanitizer, fixed build_record to not merge creation_attributes, removed failing nested attributes tests (that feature was broken anyway) #4051 | ||||
| * | More checks for instance writers. | Arun Agrawal | 2011-10-27 | 1 | -1/+2 |
| | | |||||
| * | Adding more checks for instance_writer false | Arun Agrawal | 2011-10-27 | 1 | -1/+2 |
| | | |||||
| * | Test fix Allow instances to disable record_timestamps | Arun Agrawal | 2011-10-27 | 1 | -1/+1 |
| | | | | | Removed here 0d0176c4ffe5c58fd1002efbd8f7bd45a8872e33 | ||||
| * | Pass mass-assignment options to nested models - closes #1673. | Andrew White | 2011-06-13 | 1 | -0/+245 |
| | | |||||
| * | Rename tests to reflect associations | Andrew White | 2011-06-13 | 1 | -30/+30 |
| | | |||||
| * | please use ruby -I lib:test path/to/test.rb, or export RUBY_OPT | Aaron Patterson | 2011-06-06 | 1 | -1/+1 |
| | | |||||
| * | Refactor Active Record test connection setup. Please see the ↵ | Jon Leighton | 2011-06-04 | 1 | -1/+1 |
| | | | | | RUNNING_UNIT_TESTS file for details, but essentially you can now configure things in test/config.yml. You can also run tests directly via the command line, e.g. ruby path/to/test.rb (no rake needed, uses default db connection from test/config.yml). This will help us fix the CI by enabling us to isolate the different Rails versions to different databases. | ||||
| * | Add support for passing mass assignment roles to dynamic finders. Closes #1170. | Andrew White | 2011-05-21 | 1 | -0/+48 |
| | | |||||
| * | updated AR#create! to accept an options hash so the mass-assignment security ↵ | Josh Kalderimis | 2011-05-12 | 1 | -0/+24 |
| | | | | | role can be passed in, also updated the Changelog to mention the change to some of the AR method signatures. | ||||
| * | Ensure assign_attributes and update_attributes do not fail on nil, closes #478. | José Valim | 2011-05-10 | 1 | -0/+4 |
| | | |||||
| * | renamed mass-assignment scopes to roles, updated code, tests, docs and ↵ | Josh Kalderimis | 2011-05-08 | 1 | -27/+27 |
| | | | | | security guide | ||||
| * | singular and collection relations in AR can now specify mass-assignment ↵ | Josh Kalderimis | 2011-05-01 | 1 | -33/+307 |
| | | | | | security options (:as and :without_protection) in build, create and create! methods. | ||||
| * | Added mass-assignment security :as and :without_protection support to AR.new ↵ | Josh Kalderimis | 2011-05-01 | 1 | -24/+114 |
| | | | | | and AR.create | ||||
| * | fix mass-assignment security tests, this was due to a string column limit ↵ | Josh Kalderimis | 2011-04-27 | 1 | -9/+9 |
| | | | | | which doesn't cause issues on sqlite | ||||
| * | Added assign_attributes to Active Record which accepts a mass-assignment ↵ | Josh Kalderimis | 2011-04-24 | 1 | -0/+71 |
| | | | | | security scope using the :as option, while also allowing mass-assignment security to be bypassed using :with_protected | ||||
| * | mass_assignment_security moved from AR to AMo, and minor test cleanup | Josh Kalderimis | 2010-07-08 | 1 | -62/+9 |
| | | | | | Signed-off-by: José Valim <jose.valim@gmail.com> | ||||
| * | minor changes to mass assignment security patch to bring it in line with ↵ | Josh Kalderimis | 2010-07-08 | 1 | -0/+96 |
| rails standards Signed-off-by: José Valim <jose.valim@gmail.com> | |||||
 |
index : rails.git | |
| Mirror of official rails repo with custom fixes. | Harald Eilertsen |
| aboutsummaryrefslogtreecommitdiffstats |