From 2b97b8fb9e648aa866e42e8f386bf1bcee89e071 Mon Sep 17 00:00:00 2001 From: Shane Hanna Date: Fri, 9 Mar 2012 15:46:24 +1100 Subject: Added missing ActiveModel::Naming dependency. ActiveModel::Name constructor expects to be able to call #blank? on a String but the core Object#blank? extension is never required. --- activemodel/lib/active_model/naming.rb | 1 + 1 file changed, 1 insertion(+) (limited to 'activemodel/lib/active_model') diff --git a/activemodel/lib/active_model/naming.rb b/activemodel/lib/active_model/naming.rb index 755e54efcd..fd0bc4e8e9 100644 --- a/activemodel/lib/active_model/naming.rb +++ b/activemodel/lib/active_model/naming.rb @@ -2,6 +2,7 @@ require 'active_support/inflector' require 'active_support/core_ext/hash/except' require 'active_support/core_ext/module/introspection' require 'active_support/core_ext/module/deprecation' +require 'active_support/core_ext/object/blank' module ActiveModel class Name < String -- cgit v1.2.3 From 10c3304db6fbb7d7b04c6651a793927fcb6e201a Mon Sep 17 00:00:00 2001 From: Carlos Antonio da Silva Date: Fri, 9 Mar 2012 21:51:12 -0300 Subject: Make sure serializable hash with :include always returns string keys --- activemodel/lib/active_model/serialization.rb | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) (limited to 'activemodel/lib/active_model') diff --git a/activemodel/lib/active_model/serialization.rb b/activemodel/lib/active_model/serialization.rb index 51f078e662..efc507c168 100644 --- a/activemodel/lib/active_model/serialization.rb +++ b/activemodel/lib/active_model/serialization.rb @@ -2,7 +2,6 @@ require 'active_support/core_ext/hash/except' require 'active_support/core_ext/hash/slice' require 'active_support/core_ext/array/wrap' - module ActiveModel # == Active Model Serialization # @@ -88,7 +87,7 @@ module ActiveModel method_names.each { |n| hash[n.to_s] = send(n) } serializable_add_includes(options) do |association, records, opts| - hash[association] = if records.is_a?(Enumerable) + hash[association.to_s] = if records.is_a?(Enumerable) records.map { |a| a.serializable_hash(opts) } else records.serializable_hash(opts) -- cgit v1.2.3 From 3d04d726fde4352795204f819ff4821f8991f42e Mon Sep 17 00:00:00 2001 From: Carlos Antonio da Silva Date: Fri, 9 Mar 2012 21:56:05 -0300 Subject: Remove Array#wrap usage in AMo serialization --- activemodel/lib/active_model/serialization.rb | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) (limited to 'activemodel/lib/active_model') diff --git a/activemodel/lib/active_model/serialization.rb b/activemodel/lib/active_model/serialization.rb index efc507c168..866659e6fd 100644 --- a/activemodel/lib/active_model/serialization.rb +++ b/activemodel/lib/active_model/serialization.rb @@ -1,6 +1,5 @@ require 'active_support/core_ext/hash/except' require 'active_support/core_ext/hash/slice' -require 'active_support/core_ext/array/wrap' module ActiveModel # == Active Model Serialization @@ -128,7 +127,7 @@ module ActiveModel return unless include = options[:include] unless include.is_a?(Hash) - include = Hash[Array.wrap(include).map { |n| n.is_a?(Hash) ? n.to_a.first : [n, {}] }] + include = Hash[Array(include).map { |n| n.is_a?(Hash) ? n.to_a.first : [n, {}] }] end include.each do |association, opts| -- cgit v1.2.3 From 3508da50f02b11290245976f2dbaeef6cd794e83 Mon Sep 17 00:00:00 2001 From: Carlos Antonio da Silva Date: Fri, 9 Mar 2012 21:58:56 -0300 Subject: Rename variable to avoid using name "include" Better syntax highlight :) --- activemodel/lib/active_model/serialization.rb | 12 ++++-------- 1 file changed, 4 insertions(+), 8 deletions(-) (limited to 'activemodel/lib/active_model') diff --git a/activemodel/lib/active_model/serialization.rb b/activemodel/lib/active_model/serialization.rb index 866659e6fd..4323ee1e09 100644 --- a/activemodel/lib/active_model/serialization.rb +++ b/activemodel/lib/active_model/serialization.rb @@ -9,7 +9,6 @@ module ActiveModel # A minimal implementation could be: # # class Person - # # include ActiveModel::Serialization # # attr_accessor :name @@ -17,7 +16,6 @@ module ActiveModel # def attributes # {'name' => nil} # end - # # end # # Which would provide you with: @@ -41,7 +39,6 @@ module ActiveModel # So a minimal implementation including XML and JSON would be: # # class Person - # # include ActiveModel::Serializers::JSON # include ActiveModel::Serializers::Xml # @@ -50,7 +47,6 @@ module ActiveModel # def attributes # {'name' => nil} # end - # # end # # Which would provide you with: @@ -124,13 +120,13 @@ module ActiveModel # +records+ - the association record(s) to be serialized # +opts+ - options for the association records def serializable_add_includes(options = {}) #:nodoc: - return unless include = options[:include] + return unless includes = options[:include] - unless include.is_a?(Hash) - include = Hash[Array(include).map { |n| n.is_a?(Hash) ? n.to_a.first : [n, {}] }] + unless includes.is_a?(Hash) + includes = Hash[Array(includes).map { |n| n.is_a?(Hash) ? n.to_a.first : [n, {}] }] end - include.each do |association, opts| + includes.each do |association, opts| if records = send(association) yield association, records, opts end -- cgit v1.2.3 From e78c5eeba10001223a81203c7b544c09b8394831 Mon Sep 17 00:00:00 2001 From: Grant Hutchins Date: Sat, 10 Mar 2012 17:40:27 -0500 Subject: Fix comments about to_partial_path --- activemodel/lib/active_model/conversion.rb | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'activemodel/lib/active_model') diff --git a/activemodel/lib/active_model/conversion.rb b/activemodel/lib/active_model/conversion.rb index c7c805f1a2..d7f30f0920 100644 --- a/activemodel/lib/active_model/conversion.rb +++ b/activemodel/lib/active_model/conversion.rb @@ -21,7 +21,7 @@ module ActiveModel # cm.to_model == self # => true # cm.to_key # => nil # cm.to_param # => nil - # cm.to_path # => "contact_messages/contact_message" + # cm.to_partial_path # => "contact_messages/contact_message" # module Conversion extend ActiveSupport::Concern @@ -57,7 +57,7 @@ module ActiveModel end module ClassMethods #:nodoc: - # Provide a class level cache for the to_path. This is an + # Provide a class level cache for #to_partial_path. This is an # internal method and should not be accessed directly. def _to_partial_path #:nodoc: @_to_partial_path ||= begin -- cgit v1.2.3 From 7d1379ffdbbaf01e99833dc06611b7e4f3799522 Mon Sep 17 00:00:00 2001 From: Bogdan Gusiev Date: Wed, 14 Mar 2012 14:11:52 +0200 Subject: AM::MassAssingmentSecurity: improve performance --- .../mass_assignment_security/sanitizer.rb | 34 ++++++++++------------ 1 file changed, 16 insertions(+), 18 deletions(-) (limited to 'activemodel/lib/active_model') diff --git a/activemodel/lib/active_model/mass_assignment_security/sanitizer.rb b/activemodel/lib/active_model/mass_assignment_security/sanitizer.rb index cfeb4aa7cd..93c4432b7d 100644 --- a/activemodel/lib/active_model/mass_assignment_security/sanitizer.rb +++ b/activemodel/lib/active_model/mass_assignment_security/sanitizer.rb @@ -3,20 +3,18 @@ module ActiveModel class Sanitizer # Returns all attributes not denied by the authorizer. def sanitize(attributes, authorizer) - sanitized_attributes = attributes.reject { |key, value| authorizer.deny?(key) } - debug_protected_attribute_removal(attributes, sanitized_attributes) - sanitized_attributes + attributes.reject do |attr, value| + if authorizer.deny?(attr) + process_removed_attribute(attr) + true + end + end end protected - def debug_protected_attribute_removal(attributes, sanitized_attributes) - removed_keys = attributes.keys - sanitized_attributes.keys - process_removed_attributes(removed_keys) if removed_keys.any? - end - - def process_removed_attributes(attrs) - raise NotImplementedError, "#process_removed_attributes(attrs) suppose to be overwritten" + def process_removed_attribute(attr) + raise NotImplementedError, "#process_removed_attribute(attr) suppose to be overwritten" end end @@ -34,8 +32,8 @@ module ActiveModel @target.respond_to?(:logger) && @target.logger end - def process_removed_attributes(attrs) - logger.warn "Can't mass-assign protected attributes: #{attrs.join(', ')}" if logger? + def process_removed_attribute(attr) + logger.warn "Can't mass-assign protected attribute: #{attr}" if logger? end end @@ -44,19 +42,19 @@ module ActiveModel super() end - def process_removed_attributes(attrs) - return if (attrs - insensitive_attributes).empty? - raise ActiveModel::MassAssignmentSecurity::Error.new(attrs) + def process_removed_attribute(attr) + return if insensitive_attributes.include?(attr) + raise ActiveModel::MassAssignmentSecurity::Error.new(attr) end def insensitive_attributes - ['id'] + @insensitive_attributes ||= ['id'] end end class Error < StandardError - def initialize(attrs) - super("Can't mass-assign protected attributes: #{attrs.join(', ')}") + def initialize(attr) + super("Can't mass-assign protected attribute: #{attr}") end end end -- cgit v1.2.3 From eb8f0ddb67440d26eb0e179a0c43df8ea2a53b1e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jos=C3=A9=20Valim?= Date: Thu, 15 Mar 2012 18:41:25 +0100 Subject: Revert "AM::MassAssingmentSecurity: improve performance" It introduces backwards incompatible changes in the API. This reverts commit 7d1379ffdbbaf01e99833dc06611b7e4f3799522. --- .../mass_assignment_security/sanitizer.rb | 34 ++++++++++++---------- 1 file changed, 18 insertions(+), 16 deletions(-) (limited to 'activemodel/lib/active_model') diff --git a/activemodel/lib/active_model/mass_assignment_security/sanitizer.rb b/activemodel/lib/active_model/mass_assignment_security/sanitizer.rb index 93c4432b7d..cfeb4aa7cd 100644 --- a/activemodel/lib/active_model/mass_assignment_security/sanitizer.rb +++ b/activemodel/lib/active_model/mass_assignment_security/sanitizer.rb @@ -3,18 +3,20 @@ module ActiveModel class Sanitizer # Returns all attributes not denied by the authorizer. def sanitize(attributes, authorizer) - attributes.reject do |attr, value| - if authorizer.deny?(attr) - process_removed_attribute(attr) - true - end - end + sanitized_attributes = attributes.reject { |key, value| authorizer.deny?(key) } + debug_protected_attribute_removal(attributes, sanitized_attributes) + sanitized_attributes end protected - def process_removed_attribute(attr) - raise NotImplementedError, "#process_removed_attribute(attr) suppose to be overwritten" + def debug_protected_attribute_removal(attributes, sanitized_attributes) + removed_keys = attributes.keys - sanitized_attributes.keys + process_removed_attributes(removed_keys) if removed_keys.any? + end + + def process_removed_attributes(attrs) + raise NotImplementedError, "#process_removed_attributes(attrs) suppose to be overwritten" end end @@ -32,8 +34,8 @@ module ActiveModel @target.respond_to?(:logger) && @target.logger end - def process_removed_attribute(attr) - logger.warn "Can't mass-assign protected attribute: #{attr}" if logger? + def process_removed_attributes(attrs) + logger.warn "Can't mass-assign protected attributes: #{attrs.join(', ')}" if logger? end end @@ -42,19 +44,19 @@ module ActiveModel super() end - def process_removed_attribute(attr) - return if insensitive_attributes.include?(attr) - raise ActiveModel::MassAssignmentSecurity::Error.new(attr) + def process_removed_attributes(attrs) + return if (attrs - insensitive_attributes).empty? + raise ActiveModel::MassAssignmentSecurity::Error.new(attrs) end def insensitive_attributes - @insensitive_attributes ||= ['id'] + ['id'] end end class Error < StandardError - def initialize(attr) - super("Can't mass-assign protected attribute: #{attr}") + def initialize(attrs) + super("Can't mass-assign protected attributes: #{attrs.join(', ')}") end end end -- cgit v1.2.3 From 034ccf40489d5329ac72a0a5d33b907f755cf1b6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jos=C3=A9=20Valim?= Date: Fri, 16 Mar 2012 13:40:42 +0100 Subject: Speed up mass assignment by avoiding extra loops. --- .../lib/active_model/mass_assignment_security/sanitizer.rb | 12 +++++------- 1 file changed, 5 insertions(+), 7 deletions(-) (limited to 'activemodel/lib/active_model') diff --git a/activemodel/lib/active_model/mass_assignment_security/sanitizer.rb b/activemodel/lib/active_model/mass_assignment_security/sanitizer.rb index cfeb4aa7cd..4491e07a72 100644 --- a/activemodel/lib/active_model/mass_assignment_security/sanitizer.rb +++ b/activemodel/lib/active_model/mass_assignment_security/sanitizer.rb @@ -3,18 +3,16 @@ module ActiveModel class Sanitizer # Returns all attributes not denied by the authorizer. def sanitize(attributes, authorizer) - sanitized_attributes = attributes.reject { |key, value| authorizer.deny?(key) } - debug_protected_attribute_removal(attributes, sanitized_attributes) + rejected = [] + sanitized_attributes = attributes.reject do |key, value| + rejected << key if authorizer.deny?(key) + end + process_removed_attributes(rejected) unless rejected.empty? sanitized_attributes end protected - def debug_protected_attribute_removal(attributes, sanitized_attributes) - removed_keys = attributes.keys - sanitized_attributes.keys - process_removed_attributes(removed_keys) if removed_keys.any? - end - def process_removed_attributes(attrs) raise NotImplementedError, "#process_removed_attributes(attrs) suppose to be overwritten" end -- cgit v1.2.3