Clean up protections with regards to method_missing in AR circumventing denied methods

lib/draper/base.rb

@@ -4,7 +4,7 @@ module Draper
     class_attribute :denied, :allowed, :model_class
     attr_accessor :model
     
-    DEFAULT_DENIED = Object.new.methods
+    DEFAULT_DENIED = Object.new.methods << :method_missing
     FORCED_PROXY = [:to_param]
     self.denied = DEFAULT_DENIED
 

spec/base_spec.rb

@@ -19,9 +19,11 @@ describe Draper::Base do
   end
     
   context("selecting methods") do
-    it "echos the methods of the wrapped class" do
+    it "echos the methods of the wrapped class except default exclusions" do
       source.methods.each do |method|
-        subject.should respond_to(method)
+        unless Draper::Base::DEFAULT_DENIED.include?(method)
+          subject.should respond_to(method)
+        end
       end
     end
     
@@ -74,19 +76,24 @@ describe Draper::Base do
     end
   end
     
-  describe "a sample usage with denies" do
-    before(:all) do
-    end
-    
+  describe "a sample usage with denies" do    
     let(:subject_with_denies){ DecoratorWithDenies.new(source) }
     
+    it "should proxy methods not listed in denies" do
+      subject_with_denies.should respond_to(:hello_world)
+    end
+    
     it "should not echo methods specified with denies" do
-      subject_with_denies.should_not respond_to(:upcase)
+      subject_with_denies.should_not respond_to(:goodnight_moon)
     end
 
     it "should not clobber other decorators' methods" do
       subject.should respond_to(:hello_world)
     end    
+    
+    it "should not allow method_missing to circumvent a deny" do
+      expect{subject_with_denies.title}.to raise_error(NoMethodError)
+    end    
   end
   
   describe "a sample usage with allows" do
@@ -116,15 +123,15 @@ describe Draper::Base do
     
     let(:using_allows_then_denies){
       class DecoratorWithAllowsAndDenies < Draper::Base  
-        allows :upcase
-        denies :downcase
+        allows :hello_world
+        denies :goodnight_moon
       end
     }    
     
     let(:using_denies_then_allows){
       class DecoratorWithDeniesAndAllows < Draper::Base  
-        denies :downcase
-        allows :upcase        
+        denies :goodnight_moon
+        allows :hello_world        
       end
     }
 
@@ -163,9 +170,5 @@ describe Draper::Base do
     it "should be able to use the pluralize helper" do
       decorator.sample_truncate.should == "Once..."
     end
-    
-    it "should nullify method_missing to prevent AR from being cute" do
-      pending("How to test this without AR? Ugh.")
-    end
   end
 end

spec/samples/active_record.rb

@@ -0,0 +1,7 @@
+module ActiveRecord
+  class Base
+    def method_missing(name, *args)
+      name
+    end
+  end
+end

spec/samples/decorator_with_denies.rb

@@ -1,3 +1,3 @@
 class DecoratorWithDenies < Draper::Base  
-  denies :upcase
+  denies :goodnight_moon, :title
 end

spec/samples/product.rb

@@ -0,0 +1,21 @@
+class Product < ActiveRecord::Base
+  def self.find(id)
+    return Product.new
+  end
+  
+  def hello_world
+    "Hello, World"
+  end
+  
+  def goodnight_moon
+    "Goodnight, Moon"
+  end
+  
+  def title
+    "Sample Title"
+  end
+  
+  def block
+    yield
+  end
+end

spec/samples/product_decorator.rb

@@ -1,17 +1,3 @@
-class Product
-  def self.find(id)
-    return Product.new
-  end
-  
-  def hello_world
-    "Hello, World"
-  end
-  
-  def block
-    yield
-  end
-end
-
 class ProductDecorator < Draper::Base
   decorates :product
 end