From fa8dfad7654baa831c8de515118008b3382df515 Mon Sep 17 00:00:00 2001 From: benedikt Date: Thu, 9 Jun 2011 13:10:20 +0200 Subject: Don't wrap operations on collection associations in transactions when they are not needed, so the connection adapter does not send empty BEGIN COMMIT transactions blocks to the database. --- .../associations/has_many_associations_test.rb | 45 ++++++++++++++++++++++ 1 file changed, 45 insertions(+) (limited to 'activerecord/test/cases') diff --git a/activerecord/test/cases/associations/has_many_associations_test.rb b/activerecord/test/cases/associations/has_many_associations_test.rb index 49999630b6..79b56d81df 100644 --- a/activerecord/test/cases/associations/has_many_associations_test.rb +++ b/activerecord/test/cases/associations/has_many_associations_test.rb @@ -537,6 +537,18 @@ class HasManyAssociationsTest < ActiveRecord::TestCase assert_equal 3, companies(:first_firm).clients_of_firm(true).size end + def test_transactions_when_adding_to_persisted + force_signal37_to_load_all_clients_of_firm + Client.expects(:transaction) + companies(:first_firm).clients_of_firm.concat(Client.new("name" => "Natural Company")) + end + + def test_transactions_when_adding_to_new_record + Client.expects(:transaction).never + firm = Firm.new + firm.clients_of_firm.concat(Client.new("name" => "Natural Company")) + end + def test_new_aliased_to_build company = companies(:first_firm) new_client = assert_no_queries { company.clients_of_firm.new("name" => "Another Client") } @@ -778,6 +790,21 @@ class HasManyAssociationsTest < ActiveRecord::TestCase assert_equal 0, companies(:first_firm).clients_of_firm(true).size end + def test_transaction_when_deleting_persisted + force_signal37_to_load_all_clients_of_firm + client = companies(:first_firm).clients_of_firm.create("name" => "Another Client") + Client.expects(:transaction) + companies(:first_firm).clients_of_firm.delete(client) + end + + def test_transaction_when_deleting_new_record + client = Client.new("name" => "New Client") + firm = Firm.new + firm.clients_of_firm << client + Client.expects(:transaction).never + firm.clients_of_firm.delete(client) + end + def test_clearing_an_association_collection firm = companies(:first_firm) client_id = firm.clients_of_firm.first.id @@ -1111,6 +1138,24 @@ class HasManyAssociationsTest < ActiveRecord::TestCase assert_equal orig_accounts, firm.accounts end + def test_transactions_when_replacing_on_persisted + firm = Firm.find(:first, :order => "id") + firm.clients = [companies(:first_client)] + assert firm.save, "Could not save firm" + firm.reload + + Client.expects(:transaction) + firm.clients_of_firm = [Client.new("name" => "Natural Company")] + end + + def test_transactions_when_replacing_on_new_record + firm = Firm.new + firm.clients_of_firm << Client.new("name" => "Natural Company") + + Client.expects(:transaction).never + firm.clients_of_firm = [Client.new("name" => "New Client")] + end + def test_get_ids assert_equal [companies(:first_client).id, companies(:second_client).id], companies(:first_firm).client_ids end -- cgit v1.2.3 From de01a6410207efd9554e9d1ed901c180e54d632a Mon Sep 17 00:00:00 2001 From: Jon Leighton Date: Sun, 12 Jun 2011 17:29:53 +0100 Subject: Move BEGIN and COMMIT into IGNORED_SQL rather than having them as a special case in assert_queries --- activerecord/test/cases/helper.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'activerecord/test/cases') diff --git a/activerecord/test/cases/helper.rb b/activerecord/test/cases/helper.rb index d0dc9cb03d..85c20179ec 100644 --- a/activerecord/test/cases/helper.rb +++ b/activerecord/test/cases/helper.rb @@ -58,7 +58,7 @@ end module ActiveRecord class SQLCounter - IGNORED_SQL = [/^PRAGMA (?!(table_info))/, /^SELECT currval/, /^SELECT CAST/, /^SELECT @@IDENTITY/, /^SELECT @@ROWCOUNT/, /^SAVEPOINT/, /^ROLLBACK TO SAVEPOINT/, /^RELEASE SAVEPOINT/, /^SHOW max_identifier_length/] + IGNORED_SQL = [/^PRAGMA (?!(table_info))/, /^SELECT currval/, /^SELECT CAST/, /^SELECT @@IDENTITY/, /^SELECT @@ROWCOUNT/, /^SAVEPOINT/, /^ROLLBACK TO SAVEPOINT/, /^RELEASE SAVEPOINT/, /^SHOW max_identifier_length/, /^BEGIN/, /^COMMIT/] # FIXME: this needs to be refactored so specific database can add their own # ignored SQL. This ignored SQL is for Oracle. -- cgit v1.2.3 From 14e6bbb149a7045d73d34deed2c8ef4a47e4233f Mon Sep 17 00:00:00 2001 From: Jon Leighton Date: Sun, 12 Jun 2011 18:09:09 +0100 Subject: Refactor tests to be less brittle --- .../associations/has_many_associations_test.rb | 83 +++++++++++++++------- activerecord/test/cases/helper.rb | 7 +- 2 files changed, 62 insertions(+), 28 deletions(-) (limited to 'activerecord/test/cases') diff --git a/activerecord/test/cases/associations/has_many_associations_test.rb b/activerecord/test/cases/associations/has_many_associations_test.rb index 79b56d81df..e16a573a1f 100644 --- a/activerecord/test/cases/associations/has_many_associations_test.rb +++ b/activerecord/test/cases/associations/has_many_associations_test.rb @@ -538,15 +538,27 @@ class HasManyAssociationsTest < ActiveRecord::TestCase end def test_transactions_when_adding_to_persisted - force_signal37_to_load_all_clients_of_firm - Client.expects(:transaction) - companies(:first_firm).clients_of_firm.concat(Client.new("name" => "Natural Company")) + good = Client.new(:name => "Good") + bad = Client.new(:name => "Bad", :raise_on_save => true) + + begin + companies(:first_firm).clients_of_firm.concat(good, bad) + rescue Client::RaisedOnSave + end + + assert !companies(:first_firm).clients_of_firm(true).include?(good) end def test_transactions_when_adding_to_new_record - Client.expects(:transaction).never - firm = Firm.new - firm.clients_of_firm.concat(Client.new("name" => "Natural Company")) + prev_ignored_sql = ActiveRecord::SQLCounter.ignored_sql + ActiveRecord::SQLCounter.ignored_sql = [] + + assert_no_queries do + firm = Firm.new + firm.clients_of_firm.concat(Client.new("name" => "Natural Company")) + end + ensure + ActiveRecord::SQLCounter.ignored_sql = prev_ignored_sql end def test_new_aliased_to_build @@ -791,18 +803,31 @@ class HasManyAssociationsTest < ActiveRecord::TestCase end def test_transaction_when_deleting_persisted - force_signal37_to_load_all_clients_of_firm - client = companies(:first_firm).clients_of_firm.create("name" => "Another Client") - Client.expects(:transaction) - companies(:first_firm).clients_of_firm.delete(client) + good = Client.new(:name => "Good") + bad = Client.new(:name => "Bad", :raise_on_destroy => true) + + companies(:first_firm).clients_of_firm = [good, bad] + + begin + companies(:first_firm).clients_of_firm.destroy(good, bad) + rescue Client::RaisedOnDestroy + end + + assert_equal [good, bad], companies(:first_firm).clients_of_firm(true) end def test_transaction_when_deleting_new_record - client = Client.new("name" => "New Client") - firm = Firm.new - firm.clients_of_firm << client - Client.expects(:transaction).never - firm.clients_of_firm.delete(client) + prev_ignored_sql = ActiveRecord::SQLCounter.ignored_sql + ActiveRecord::SQLCounter.ignored_sql = [] + + assert_no_queries do + firm = Firm.new + client = Client.new("name" => "New Client") + firm.clients_of_firm << client + firm.clients_of_firm.destroy(client) + end + ensure + ActiveRecord::SQLCounter.ignored_sql = prev_ignored_sql end def test_clearing_an_association_collection @@ -1139,21 +1164,29 @@ class HasManyAssociationsTest < ActiveRecord::TestCase end def test_transactions_when_replacing_on_persisted - firm = Firm.find(:first, :order => "id") - firm.clients = [companies(:first_client)] - assert firm.save, "Could not save firm" - firm.reload + good = Client.new(:name => "Good") + bad = Client.new(:name => "Bad", :raise_on_save => true) - Client.expects(:transaction) - firm.clients_of_firm = [Client.new("name" => "Natural Company")] + companies(:first_firm).clients_of_firm = [good] + + begin + companies(:first_firm).clients_of_firm = [bad] + rescue Client::RaisedOnSave + end + + assert_equal [good], companies(:first_firm).clients_of_firm(true) end def test_transactions_when_replacing_on_new_record - firm = Firm.new - firm.clients_of_firm << Client.new("name" => "Natural Company") + prev_ignored_sql = ActiveRecord::SQLCounter.ignored_sql + ActiveRecord::SQLCounter.ignored_sql = [] - Client.expects(:transaction).never - firm.clients_of_firm = [Client.new("name" => "New Client")] + assert_no_queries do + firm = Firm.new + firm.clients_of_firm = [Client.new("name" => "New Client")] + end + ensure + ActiveRecord::SQLCounter.ignored_sql = prev_ignored_sql end def test_get_ids diff --git a/activerecord/test/cases/helper.rb b/activerecord/test/cases/helper.rb index 85c20179ec..aa5f1f528f 100644 --- a/activerecord/test/cases/helper.rb +++ b/activerecord/test/cases/helper.rb @@ -58,11 +58,12 @@ end module ActiveRecord class SQLCounter - IGNORED_SQL = [/^PRAGMA (?!(table_info))/, /^SELECT currval/, /^SELECT CAST/, /^SELECT @@IDENTITY/, /^SELECT @@ROWCOUNT/, /^SAVEPOINT/, /^ROLLBACK TO SAVEPOINT/, /^RELEASE SAVEPOINT/, /^SHOW max_identifier_length/, /^BEGIN/, /^COMMIT/] + cattr_accessor :ignored_sql + self.ignored_sql = [/^PRAGMA (?!(table_info))/, /^SELECT currval/, /^SELECT CAST/, /^SELECT @@IDENTITY/, /^SELECT @@ROWCOUNT/, /^SAVEPOINT/, /^ROLLBACK TO SAVEPOINT/, /^RELEASE SAVEPOINT/, /^SHOW max_identifier_length/, /^BEGIN/, /^COMMIT/] # FIXME: this needs to be refactored so specific database can add their own # ignored SQL. This ignored SQL is for Oracle. - IGNORED_SQL.concat [/^select .*nextval/i, /^SAVEPOINT/, /^ROLLBACK TO/, /^\s*select .* from all_triggers/im] + ignored_sql.concat [/^select .*nextval/i, /^SAVEPOINT/, /^ROLLBACK TO/, /^\s*select .* from all_triggers/im] def initialize $queries_executed = [] @@ -74,7 +75,7 @@ module ActiveRecord # FIXME: this seems bad. we should probably have a better way to indicate # the query was cached unless 'CACHE' == values[:name] - $queries_executed << sql unless IGNORED_SQL.any? { |r| sql =~ r } + $queries_executed << sql unless self.class.ignored_sql.any? { |r| sql =~ r } end end end -- cgit v1.2.3 From 232c66a1ba3c683655856d277b7227faa37fb8c3 Mon Sep 17 00:00:00 2001 From: Jon Leighton Date: Sun, 12 Jun 2011 18:38:39 +0100 Subject: If we're going to use a global variable, let's at least namespace it --- activerecord/test/cases/helper.rb | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'activerecord/test/cases') diff --git a/activerecord/test/cases/helper.rb b/activerecord/test/cases/helper.rb index aa5f1f528f..6735bc521b 100644 --- a/activerecord/test/cases/helper.rb +++ b/activerecord/test/cases/helper.rb @@ -65,9 +65,8 @@ module ActiveRecord # ignored SQL. This ignored SQL is for Oracle. ignored_sql.concat [/^select .*nextval/i, /^SAVEPOINT/, /^ROLLBACK TO/, /^\s*select .* from all_triggers/im] - def initialize - $queries_executed = [] - end + cattr_accessor :log + self.log = [] def call(name, start, finish, message_id, values) sql = values[:sql] @@ -75,10 +74,11 @@ module ActiveRecord # FIXME: this seems bad. we should probably have a better way to indicate # the query was cached unless 'CACHE' == values[:name] - $queries_executed << sql unless self.class.ignored_sql.any? { |r| sql =~ r } + self.class.log << sql unless self.class.ignored_sql.any? { |r| sql =~ r } end end end + ActiveSupport::Notifications.subscribe('sql.active_record', SQLCounter.new) end -- cgit v1.2.3 From c52520166be48299b589dbccd7d1ee22b1095ffb Mon Sep 17 00:00:00 2001 From: Jon Leighton Date: Sun, 12 Jun 2011 18:50:24 +0100 Subject: Make assert_no_queries literally enforce that there are no queries. As in, not a single line of SQL should be sent to the database, not even stuff that is ignored by assert_queries. The argument being that if you write assert_no_queries, you really do not want there to be any queries. --- .../test/cases/associations/has_many_associations_test.rb | 15 --------------- 1 file changed, 15 deletions(-) (limited to 'activerecord/test/cases') diff --git a/activerecord/test/cases/associations/has_many_associations_test.rb b/activerecord/test/cases/associations/has_many_associations_test.rb index e16a573a1f..9af1f7249f 100644 --- a/activerecord/test/cases/associations/has_many_associations_test.rb +++ b/activerecord/test/cases/associations/has_many_associations_test.rb @@ -550,15 +550,10 @@ class HasManyAssociationsTest < ActiveRecord::TestCase end def test_transactions_when_adding_to_new_record - prev_ignored_sql = ActiveRecord::SQLCounter.ignored_sql - ActiveRecord::SQLCounter.ignored_sql = [] - assert_no_queries do firm = Firm.new firm.clients_of_firm.concat(Client.new("name" => "Natural Company")) end - ensure - ActiveRecord::SQLCounter.ignored_sql = prev_ignored_sql end def test_new_aliased_to_build @@ -817,17 +812,12 @@ class HasManyAssociationsTest < ActiveRecord::TestCase end def test_transaction_when_deleting_new_record - prev_ignored_sql = ActiveRecord::SQLCounter.ignored_sql - ActiveRecord::SQLCounter.ignored_sql = [] - assert_no_queries do firm = Firm.new client = Client.new("name" => "New Client") firm.clients_of_firm << client firm.clients_of_firm.destroy(client) end - ensure - ActiveRecord::SQLCounter.ignored_sql = prev_ignored_sql end def test_clearing_an_association_collection @@ -1178,15 +1168,10 @@ class HasManyAssociationsTest < ActiveRecord::TestCase end def test_transactions_when_replacing_on_new_record - prev_ignored_sql = ActiveRecord::SQLCounter.ignored_sql - ActiveRecord::SQLCounter.ignored_sql = [] - assert_no_queries do firm = Firm.new firm.clients_of_firm = [Client.new("name" => "New Client")] end - ensure - ActiveRecord::SQLCounter.ignored_sql = prev_ignored_sql end def test_get_ids -- cgit v1.2.3 From 15e289147e72ab113299f806b4f6e7a0daddd684 Mon Sep 17 00:00:00 2001 From: Jon Leighton Date: Sun, 12 Jun 2011 19:05:29 +0100 Subject: Oops, this should have been in the last commit :zap: --- activerecord/test/cases/autosave_association_test.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'activerecord/test/cases') diff --git a/activerecord/test/cases/autosave_association_test.rb b/activerecord/test/cases/autosave_association_test.rb index 8f55b7ebe6..4ad2cdfc7e 100644 --- a/activerecord/test/cases/autosave_association_test.rb +++ b/activerecord/test/cases/autosave_association_test.rb @@ -837,7 +837,7 @@ class TestDestroyAsPartOfAutosaveAssociation < ActiveRecord::TestCase @pirate.parrots.each { |parrot| parrot.mark_for_destruction } assert @pirate.save - assert_no_queries do + assert_queries(0) do assert @pirate.save end end -- cgit v1.2.3 From 987afa583e06a186a2c7235931dfd18d8d2d63a3 Mon Sep 17 00:00:00 2001 From: Andrew White Date: Mon, 13 Jun 2011 10:01:19 +0100 Subject: Rename tests to reflect associations --- .../test/cases/mass_assignment_security_test.rb | 60 +++++++++++----------- 1 file changed, 30 insertions(+), 30 deletions(-) (limited to 'activerecord/test/cases') diff --git a/activerecord/test/cases/mass_assignment_security_test.rb b/activerecord/test/cases/mass_assignment_security_test.rb index 33737e12a8..609d63ded4 100644 --- a/activerecord/test/cases/mass_assignment_security_test.rb +++ b/activerecord/test/cases/mass_assignment_security_test.rb @@ -384,81 +384,81 @@ class MassAssignmentSecurityBelongsToRelationsTest < ActiveRecord::TestCase # build - def test_has_one_build_with_attr_protected_attributes + def test_belongs_to_build_with_attr_protected_attributes best_friend = @person.build_best_friend_of(attributes_hash) assert_default_attributes(best_friend) end - def test_has_one_build_with_attr_accessible_attributes + def test_belongs_to_build_with_attr_accessible_attributes best_friend = @person.build_best_friend_of(attributes_hash) assert_default_attributes(best_friend) end - def test_has_one_build_with_admin_role_with_attr_protected_attributes + def test_belongs_to_build_with_admin_role_with_attr_protected_attributes best_friend = @person.build_best_friend_of(attributes_hash, :as => :admin) assert_admin_attributes(best_friend) end - def test_has_one_build_with_admin_role_with_attr_accessible_attributes + def test_belongs_to_build_with_admin_role_with_attr_accessible_attributes best_friend = @person.build_best_friend_of(attributes_hash, :as => :admin) assert_admin_attributes(best_friend) end - def test_has_one_build_without_protection + def test_belongs_to_build_without_protection best_friend = @person.build_best_friend_of(attributes_hash, :without_protection => true) assert_all_attributes(best_friend) end # create - def test_has_one_create_with_attr_protected_attributes + def test_belongs_to_create_with_attr_protected_attributes best_friend = @person.create_best_friend_of(attributes_hash) assert_default_attributes(best_friend, true) end - def test_has_one_create_with_attr_accessible_attributes + def test_belongs_to_create_with_attr_accessible_attributes best_friend = @person.create_best_friend_of(attributes_hash) assert_default_attributes(best_friend, true) end - def test_has_one_create_with_admin_role_with_attr_protected_attributes + def test_belongs_to_create_with_admin_role_with_attr_protected_attributes best_friend = @person.create_best_friend_of(attributes_hash, :as => :admin) assert_admin_attributes(best_friend, true) end - def test_has_one_create_with_admin_role_with_attr_accessible_attributes + def test_belongs_to_create_with_admin_role_with_attr_accessible_attributes best_friend = @person.create_best_friend_of(attributes_hash, :as => :admin) assert_admin_attributes(best_friend, true) end - def test_has_one_create_without_protection + def test_belongs_to_create_without_protection best_friend = @person.create_best_friend_of(attributes_hash, :without_protection => true) assert_all_attributes(best_friend) end # create! - def test_has_one_create_with_bang_with_attr_protected_attributes + def test_belongs_to_create_with_bang_with_attr_protected_attributes best_friend = @person.create_best_friend!(attributes_hash) assert_default_attributes(best_friend, true) end - def test_has_one_create_with_bang_with_attr_accessible_attributes + def test_belongs_to_create_with_bang_with_attr_accessible_attributes best_friend = @person.create_best_friend!(attributes_hash) assert_default_attributes(best_friend, true) end - def test_has_one_create_with_bang_with_admin_role_with_attr_protected_attributes + def test_belongs_to_create_with_bang_with_admin_role_with_attr_protected_attributes best_friend = @person.create_best_friend!(attributes_hash, :as => :admin) assert_admin_attributes(best_friend, true) end - def test_has_one_create_with_bang_with_admin_role_with_attr_accessible_attributes + def test_belongs_to_create_with_bang_with_admin_role_with_attr_accessible_attributes best_friend = @person.create_best_friend!(attributes_hash, :as => :admin) assert_admin_attributes(best_friend, true) end - def test_has_one_create_with_bang_without_protection + def test_belongs_to_create_with_bang_without_protection best_friend = @person.create_best_friend!(attributes_hash, :without_protection => true) assert_all_attributes(best_friend) end @@ -472,81 +472,81 @@ class MassAssignmentSecurityHasManyRelationsTest < ActiveRecord::TestCase # build - def test_has_one_build_with_attr_protected_attributes + def test_has_many_build_with_attr_protected_attributes best_friend = @person.best_friends.build(attributes_hash) assert_default_attributes(best_friend) end - def test_has_one_build_with_attr_accessible_attributes + def test_has_many_build_with_attr_accessible_attributes best_friend = @person.best_friends.build(attributes_hash) assert_default_attributes(best_friend) end - def test_has_one_build_with_admin_role_with_attr_protected_attributes + def test_has_many_build_with_admin_role_with_attr_protected_attributes best_friend = @person.best_friends.build(attributes_hash, :as => :admin) assert_admin_attributes(best_friend) end - def test_has_one_build_with_admin_role_with_attr_accessible_attributes + def test_has_many_build_with_admin_role_with_attr_accessible_attributes best_friend = @person.best_friends.build(attributes_hash, :as => :admin) assert_admin_attributes(best_friend) end - def test_has_one_build_without_protection + def test_has_many_build_without_protection best_friend = @person.best_friends.build(attributes_hash, :without_protection => true) assert_all_attributes(best_friend) end # create - def test_has_one_create_with_attr_protected_attributes + def test_has_many_create_with_attr_protected_attributes best_friend = @person.best_friends.create(attributes_hash) assert_default_attributes(best_friend, true) end - def test_has_one_create_with_attr_accessible_attributes + def test_has_many_create_with_attr_accessible_attributes best_friend = @person.best_friends.create(attributes_hash) assert_default_attributes(best_friend, true) end - def test_has_one_create_with_admin_role_with_attr_protected_attributes + def test_has_many_create_with_admin_role_with_attr_protected_attributes best_friend = @person.best_friends.create(attributes_hash, :as => :admin) assert_admin_attributes(best_friend, true) end - def test_has_one_create_with_admin_role_with_attr_accessible_attributes + def test_has_many_create_with_admin_role_with_attr_accessible_attributes best_friend = @person.best_friends.create(attributes_hash, :as => :admin) assert_admin_attributes(best_friend, true) end - def test_has_one_create_without_protection + def test_has_many_create_without_protection best_friend = @person.best_friends.create(attributes_hash, :without_protection => true) assert_all_attributes(best_friend) end # create! - def test_has_one_create_with_bang_with_attr_protected_attributes + def test_has_many_create_with_bang_with_attr_protected_attributes best_friend = @person.best_friends.create!(attributes_hash) assert_default_attributes(best_friend, true) end - def test_has_one_create_with_bang_with_attr_accessible_attributes + def test_has_many_create_with_bang_with_attr_accessible_attributes best_friend = @person.best_friends.create!(attributes_hash) assert_default_attributes(best_friend, true) end - def test_has_one_create_with_bang_with_admin_role_with_attr_protected_attributes + def test_has_many_create_with_bang_with_admin_role_with_attr_protected_attributes best_friend = @person.best_friends.create!(attributes_hash, :as => :admin) assert_admin_attributes(best_friend, true) end - def test_has_one_create_with_bang_with_admin_role_with_attr_accessible_attributes + def test_has_many_create_with_bang_with_admin_role_with_attr_accessible_attributes best_friend = @person.best_friends.create!(attributes_hash, :as => :admin) assert_admin_attributes(best_friend, true) end - def test_has_one_create_with_bang_without_protection + def test_has_many_create_with_bang_without_protection best_friend = @person.best_friends.create!(attributes_hash, :without_protection => true) assert_all_attributes(best_friend) end -- cgit v1.2.3 From 5d655aabcb47a68e7ce1dfb60222e951a6d30169 Mon Sep 17 00:00:00 2001 From: Andrew White Date: Mon, 13 Jun 2011 13:02:51 +0100 Subject: Pass mass-assignment options to nested models - closes #1673. --- .../test/cases/mass_assignment_security_test.rb | 245 +++++++++++++++++++++ 1 file changed, 245 insertions(+) (limited to 'activerecord/test/cases') diff --git a/activerecord/test/cases/mass_assignment_security_test.rb b/activerecord/test/cases/mass_assignment_security_test.rb index 609d63ded4..ef35f3341e 100644 --- a/activerecord/test/cases/mass_assignment_security_test.rb +++ b/activerecord/test/cases/mass_assignment_security_test.rb @@ -552,3 +552,248 @@ class MassAssignmentSecurityHasManyRelationsTest < ActiveRecord::TestCase end end + + +class MassAssignmentSecurityNestedAttributesTest < ActiveRecord::TestCase + include MassAssignmentTestHelpers + + def nested_attributes_hash(association, collection = false, except = [:id]) + if collection + { :first_name => 'David' }.merge(:"#{association}_attributes" => [attributes_hash.except(*except)]) + else + { :first_name => 'David' }.merge(:"#{association}_attributes" => attributes_hash.except(*except)) + end + end + + # build + + def test_has_one_new_with_attr_protected_attributes + person = LoosePerson.new(nested_attributes_hash(:best_friend)) + assert_default_attributes(person.best_friend) + end + + def test_has_one_new_with_attr_accessible_attributes + person = TightPerson.new(nested_attributes_hash(:best_friend)) + assert_default_attributes(person.best_friend) + end + + def test_has_one_new_with_admin_role_with_attr_protected_attributes + person = LoosePerson.new(nested_attributes_hash(:best_friend), :as => :admin) + assert_admin_attributes(person.best_friend) + end + + def test_has_one_new_with_admin_role_with_attr_accessible_attributes + person = TightPerson.new(nested_attributes_hash(:best_friend), :as => :admin) + assert_admin_attributes(person.best_friend) + end + + def test_has_one_new_without_protection + person = LoosePerson.new(nested_attributes_hash(:best_friend, false, nil), :without_protection => true) + assert_all_attributes(person.best_friend) + end + + def test_belongs_to_new_with_attr_protected_attributes + person = LoosePerson.new(nested_attributes_hash(:best_friend_of)) + assert_default_attributes(person.best_friend_of) + end + + def test_belongs_to_new_with_attr_accessible_attributes + person = TightPerson.new(nested_attributes_hash(:best_friend_of)) + assert_default_attributes(person.best_friend_of) + end + + def test_belongs_to_new_with_admin_role_with_attr_protected_attributes + person = LoosePerson.new(nested_attributes_hash(:best_friend_of), :as => :admin) + assert_admin_attributes(person.best_friend_of) + end + + def test_belongs_to_new_with_admin_role_with_attr_accessible_attributes + person = TightPerson.new(nested_attributes_hash(:best_friend_of), :as => :admin) + assert_admin_attributes(person.best_friend_of) + end + + def test_belongs_to_new_without_protection + person = LoosePerson.new(nested_attributes_hash(:best_friend_of, false, nil), :without_protection => true) + assert_all_attributes(person.best_friend_of) + end + + def test_has_many_new_with_attr_protected_attributes + person = LoosePerson.new(nested_attributes_hash(:best_friends, true)) + assert_default_attributes(person.best_friends.first) + end + + def test_has_many_new_with_attr_accessible_attributes + person = TightPerson.new(nested_attributes_hash(:best_friends, true)) + assert_default_attributes(person.best_friends.first) + end + + def test_has_many_new_with_admin_role_with_attr_protected_attributes + person = LoosePerson.new(nested_attributes_hash(:best_friends, true), :as => :admin) + assert_admin_attributes(person.best_friends.first) + end + + def test_has_many_new_with_admin_role_with_attr_accessible_attributes + person = TightPerson.new(nested_attributes_hash(:best_friends, true), :as => :admin) + assert_admin_attributes(person.best_friends.first) + end + + def test_has_many_new_without_protection + person = LoosePerson.new(nested_attributes_hash(:best_friends, true, nil), :without_protection => true) + assert_all_attributes(person.best_friends.first) + end + + # create + + def test_has_one_create_with_attr_protected_attributes + person = LoosePerson.create(nested_attributes_hash(:best_friend)) + assert_default_attributes(person.best_friend, true) + end + + def test_has_one_create_with_attr_accessible_attributes + person = TightPerson.create(nested_attributes_hash(:best_friend)) + assert_default_attributes(person.best_friend, true) + end + + def test_has_one_create_with_admin_role_with_attr_protected_attributes + person = LoosePerson.create(nested_attributes_hash(:best_friend), :as => :admin) + assert_admin_attributes(person.best_friend, true) + end + + def test_has_one_create_with_admin_role_with_attr_accessible_attributes + person = TightPerson.create(nested_attributes_hash(:best_friend), :as => :admin) + assert_admin_attributes(person.best_friend, true) + end + + def test_has_one_create_without_protection + person = LoosePerson.create(nested_attributes_hash(:best_friend, false, nil), :without_protection => true) + assert_all_attributes(person.best_friend) + end + + def test_belongs_to_create_with_attr_protected_attributes + person = LoosePerson.create(nested_attributes_hash(:best_friend_of)) + assert_default_attributes(person.best_friend_of, true) + end + + def test_belongs_to_create_with_attr_accessible_attributes + person = TightPerson.create(nested_attributes_hash(:best_friend_of)) + assert_default_attributes(person.best_friend_of, true) + end + + def test_belongs_to_create_with_admin_role_with_attr_protected_attributes + person = LoosePerson.create(nested_attributes_hash(:best_friend_of), :as => :admin) + assert_admin_attributes(person.best_friend_of, true) + end + + def test_belongs_to_create_with_admin_role_with_attr_accessible_attributes + person = TightPerson.create(nested_attributes_hash(:best_friend_of), :as => :admin) + assert_admin_attributes(person.best_friend_of, true) + end + + def test_belongs_to_create_without_protection + person = LoosePerson.create(nested_attributes_hash(:best_friend_of, false, nil), :without_protection => true) + assert_all_attributes(person.best_friend_of) + end + + def test_has_many_create_with_attr_protected_attributes + person = LoosePerson.create(nested_attributes_hash(:best_friends, true)) + assert_default_attributes(person.best_friends.first, true) + end + + def test_has_many_create_with_attr_accessible_attributes + person = TightPerson.create(nested_attributes_hash(:best_friends, true)) + assert_default_attributes(person.best_friends.first, true) + end + + def test_has_many_create_with_admin_role_with_attr_protected_attributes + person = LoosePerson.create(nested_attributes_hash(:best_friends, true), :as => :admin) + assert_admin_attributes(person.best_friends.first, true) + end + + def test_has_many_create_with_admin_role_with_attr_accessible_attributes + person = TightPerson.create(nested_attributes_hash(:best_friends, true), :as => :admin) + assert_admin_attributes(person.best_friends.first, true) + end + + def test_has_many_create_without_protection + person = LoosePerson.create(nested_attributes_hash(:best_friends, true, nil), :without_protection => true) + assert_all_attributes(person.best_friends.first) + end + + # create! + + def test_has_one_create_with_bang_with_attr_protected_attributes + person = LoosePerson.create!(nested_attributes_hash(:best_friend)) + assert_default_attributes(person.best_friend, true) + end + + def test_has_one_create_with_bang_with_attr_accessible_attributes + person = TightPerson.create!(nested_attributes_hash(:best_friend)) + assert_default_attributes(person.best_friend, true) + end + + def test_has_one_create_with_bang_with_admin_role_with_attr_protected_attributes + person = LoosePerson.create!(nested_attributes_hash(:best_friend), :as => :admin) + assert_admin_attributes(person.best_friend, true) + end + + def test_has_one_create_with_bang_with_admin_role_with_attr_accessible_attributes + person = TightPerson.create!(nested_attributes_hash(:best_friend), :as => :admin) + assert_admin_attributes(person.best_friend, true) + end + + def test_has_one_create_with_bang_without_protection + person = LoosePerson.create!(nested_attributes_hash(:best_friend, false, nil), :without_protection => true) + assert_all_attributes(person.best_friend) + end + + def test_belongs_to_create_with_bang_with_attr_protected_attributes + person = LoosePerson.create!(nested_attributes_hash(:best_friend_of)) + assert_default_attributes(person.best_friend_of, true) + end + + def test_belongs_to_create_with_bang_with_attr_accessible_attributes + person = TightPerson.create!(nested_attributes_hash(:best_friend_of)) + assert_default_attributes(person.best_friend_of, true) + end + + def test_belongs_to_create_with_bang_with_admin_role_with_attr_protected_attributes + person = LoosePerson.create!(nested_attributes_hash(:best_friend_of), :as => :admin) + assert_admin_attributes(person.best_friend_of, true) + end + + def test_belongs_to_create_with_bang_with_admin_role_with_attr_accessible_attributes + person = TightPerson.create!(nested_attributes_hash(:best_friend_of), :as => :admin) + assert_admin_attributes(person.best_friend_of, true) + end + + def test_belongs_to_create_with_bang_without_protection + person = LoosePerson.create!(nested_attributes_hash(:best_friend_of, false, nil), :without_protection => true) + assert_all_attributes(person.best_friend_of) + end + + def test_has_many_create_with_bang_with_attr_protected_attributes + person = LoosePerson.create!(nested_attributes_hash(:best_friends, true)) + assert_default_attributes(person.best_friends.first, true) + end + + def test_has_many_create_with_bang_with_attr_accessible_attributes + person = TightPerson.create!(nested_attributes_hash(:best_friends, true)) + assert_default_attributes(person.best_friends.first, true) + end + + def test_has_many_create_with_bang_with_admin_role_with_attr_protected_attributes + person = LoosePerson.create!(nested_attributes_hash(:best_friends, true), :as => :admin) + assert_admin_attributes(person.best_friends.first, true) + end + + def test_has_many_create_with_bang_with_admin_role_with_attr_accessible_attributes + person = TightPerson.create!(nested_attributes_hash(:best_friends, true), :as => :admin) + assert_admin_attributes(person.best_friends.first, true) + end + + def test_has_many_create_with_bang_without_protection + person = LoosePerson.create!(nested_attributes_hash(:best_friends, true, nil), :without_protection => true) + assert_all_attributes(person.best_friends.first) + end + +end -- cgit v1.2.3