From 7c86e8e21ba6a1f88226ddd0cf012a563f234d06 Mon Sep 17 00:00:00 2001
From: Josh Kalderimis
Date: Wed, 7 Jul 2010 17:05:42 +0200
Subject: minor changes to mass assignment security patch to bring it in line with rails standards
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Signed-off-by: José Valim
---
 .../lib/active_record/mass_assignment_security/permission_set.rb | 7 ++-----
 .../lib/active_record/mass_assignment_security/sanitizer.rb | 8 +++++---
 2 files changed, 7 insertions(+), 8 deletions(-) (limited to 'activerecord/lib/active_record/mass_assignment_security')
diff --git a/activerecord/lib/active_record/mass_assignment_security/permission_set.rb b/activerecord/lib/active_record/mass_assignment_security/permission_set.rb
index 1d34dce02e..8446a4103b 100644
--- a/activerecord/lib/active_record/mass_assignment_security/permission_set.rb
+++ b/activerecord/lib/active_record/mass_assignment_security/permission_set.rb
@@ -2,11 +2,11 @@ require 'active_record/mass_assignment_security/sanitizer'
 module ActiveRecord
 module MassAssignmentSecurity
- class PermissionSet < Set
+ class PermissionSet < Set
 attr_accessor :logger
- def merge(values)
+ def +(values)
 super(values.map(&:to_s))
 end
@@ -19,7 +19,6 @@ module ActiveRecord
 def remove_multiparameter_id(key)
 key.gsub(/\(.+/, '')
 end
-
 end
 class WhiteList < PermissionSet
@@ -28,7 +27,6 @@ module ActiveRecord
 def deny?(key)
 !include?(key)
 end
-
 end
 class BlackList < PermissionSet
@@ -37,7 +35,6 @@ module ActiveRecord
 def deny?(key)
 include?(key)
 end
-
 end
 end
diff --git a/activerecord/lib/active_record/mass_assignment_security/sanitizer.rb b/activerecord/lib/active_record/mass_assignment_security/sanitizer.rb
index 4a099a147c..11de35f9d6 100644
--- a/activerecord/lib/active_record/mass_assignment_security/sanitizer.rb
+++ b/activerecord/lib/active_record/mass_assignment_security/sanitizer.rb
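Review bot: In the first permission_set.rb hunk, overriding `+` instead of `merge` narrows where the `map(&:to_s)` normalisation runs: values that reach a PermissionSet through `merge`, or through any Set method built on it, are now stored as given. The later hunks show `remove_multiparameter_id` calling `key.gsub` and `BlackList#deny?` returning `include?(key)`, so keys appear to be matched as strings, and a symbol stored unnormalised would leave a protected attribute assignable. Whether any caller still populates the set that way is not visible here. I would either keep a `merge` override alongside `+`, or put a comment above `def +(values)` such as `# Only + converts values to strings; merge and add store them unchanged.`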
@@ -13,15 +13,17 @@ module ActiveRecord
 def debug_protected_attribute_removal(attributes, sanitized_attributes)
 removed_keys = attributes.keys - sanitized_attributes.keys
- if removed_keys.any?
- logger.debug "WARNING: Can't mass-assign protected attributes: #{removed_keys.join(', ')}"
- end
+ warn!(removed_keys) if removed_keys.any?
 end
 def debug?
 logger.present?
 end
+ def warn!(attrs)
+ logger.debug "WARNING: Can't mass-assign protected attributes: #{attrs.join(', ')}"
+ end
+
 end
 end
 end
-- cgit v1.2.3
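Review bot: The new `warn!` helper in sanitizer.rb still calls `logger.debug`, so its name promises a log level the message does not get; with a logger set above debug level, stripped protected attributes leave no trace for anyone reviewing rejected mass-assignment attempts. Either rename it to say what it does, e.g. `def log_protected_attribute_removal(attrs)`, or log at the level the name implies with `logger.warn "Can't mass-assign protected attributes: #{attrs.join(', ')}"`. The hunk does not show whether `warn!` sits under a `private` or `protected` marker, and the enclosing module starts outside the hunk, so its visibility should be checked as well.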