Merge remote-tracking branch 'soulcutter/protected_attributes'
This commit is contained in:
Ben Atkins
commit
a91d56cd74
|
|
@ -1,8 +1,7 @@
|
|||
require 'paper_trail/cleaner'
|
||||
require 'paper_trail/config'
|
||||
require 'paper_trail/controller'
|
||||
require 'paper_trail/has_paper_trail'
|
||||
require 'paper_trail/version'
|
||||
require 'paper_trail/cleaner'
|
||||
|
||||
require 'paper_trail/serializers/yaml'
|
||||
require 'paper_trail/serializers/json'
|
||||
|
|
@ -80,6 +79,10 @@ module PaperTrail
|
|||
PaperTrail.config.serializer
|
||||
end
|
||||
|
||||
def self.active_record_protected_attributes?
|
||||
@active_record_protected_attributes ||= ActiveRecord::VERSION::STRING.to_f < 4.0 || defined?(ProtectedAttributes)
|
||||
end
|
||||
|
||||
private
|
||||
|
||||
# Thread-safe hash to hold PaperTrail's data.
|
||||
|
|
@ -101,6 +104,7 @@ module PaperTrail
|
|||
|
||||
end
|
||||
|
||||
require 'paper_trail/version'
|
||||
|
||||
ActiveSupport.on_load(:active_record) do
|
||||
include PaperTrail::Model
|
||||
|
|
|
|||
|
|
@ -2,7 +2,7 @@ module PaperTrail
|
|||
class Version < ActiveRecord::Base
|
||||
belongs_to :item, :polymorphic => true
|
||||
validates_presence_of :event
|
||||
attr_accessible :item_type, :item_id, :event, :whodunnit, :object, :object_changes if respond_to?(:attr_accessible)
|
||||
attr_accessible :item_type, :item_id, :event, :whodunnit, :object, :object_changes if PaperTrail.active_record_protected_attributes?
|
||||
|
||||
after_create :enforce_version_limit!
|
||||
|
||||
|
|
|
|||
|
|
@ -7,7 +7,7 @@ Gem::Specification.new do |s|
|
|||
s.summary = "Track changes to your models' data. Good for auditing or versioning."
|
||||
s.description = s.summary
|
||||
s.homepage = 'http://github.com/airblade/paper_trail'
|
||||
s.authors = ['Andy Stewart']
|
||||
s.authors = ['Andy Stewart', 'Ben Atkins']
|
||||
s.email = 'boss@airbladesoftware.com'
|
||||
|
||||
s.files = `git ls-files`.split("\n")
|
||||
|
|
@ -21,7 +21,7 @@ Gem::Specification.new do |s|
|
|||
s.add_development_dependency 'rake'
|
||||
s.add_development_dependency 'shoulda', '~> 3.5'
|
||||
s.add_development_dependency 'ffaker', '>= 1.15'
|
||||
s.add_development_dependency 'protected_attributes', '~> 1.0' # this may not actually be necessary, if we do a begin/rescue statement
|
||||
|
||||
# JRuby support for the test ENV
|
||||
unless defined?(JRUBY_VERSION)
|
||||
s.add_development_dependency 'sqlite3', '~> 1.2'
|
||||
|
|
|
|||
|
|
@ -1,3 +1,3 @@
|
|||
class ProtectedWidget < Widget
|
||||
attr_accessible :name, :a_text if respond_to?(:attr_accessible)
|
||||
attr_accessible :name, :a_text if ::PaperTrail.active_record_protected_attributes?
|
||||
end
|
||||
|
|
|
|||
|
|
@ -4,12 +4,6 @@ require "active_model/railtie"
|
|||
require "active_record/railtie"
|
||||
require "action_controller/railtie"
|
||||
require "action_view/railtie"
|
||||
begin
|
||||
require "protected_attributes" # Rails 4 requirement for using `attr_protected` and `attr_accessible`
|
||||
rescue LoadError
|
||||
warn "Please ensure that the 'protected_attributes' gem is available as a development dependency in `paper_trail.gemspec`, " +
|
||||
"otherwise the test suite may fail!" if ActiveRecord::VERSION::STRING.to_f >= 4.0
|
||||
end
|
||||
|
||||
Bundler.require(:default, Rails.env) if defined?(Bundler)
|
||||
require 'paper_trail'
|
||||
|
|
@ -56,7 +50,7 @@ module Dummy
|
|||
# This will create an empty whitelist of attributes available for mass-assignment for all models
|
||||
# in your app. As such, your models will need to explicitly whitelist or blacklist accessible
|
||||
# parameters by using an attr_accessible or attr_protected declaration.
|
||||
config.active_record.whitelist_attributes = false
|
||||
config.active_record.whitelist_attributes = false if ::PaperTrail.active_record_protected_attributes?
|
||||
|
||||
# Enable the asset pipeline
|
||||
config.assets.enabled = false
|
||||
|
|
|
|||
|
|
@ -20,7 +20,7 @@ Dummy::Application.configure do
|
|||
config.action_dispatch.best_standards_support = :builtin
|
||||
|
||||
# Raise exception on mass assignment protection for Active Record models
|
||||
config.active_record.mass_assignment_sanitizer = :strict
|
||||
config.active_record.mass_assignment_sanitizer = :strict if ::PaperTrail.active_record_protected_attributes?
|
||||
|
||||
# Log the query plan for queries taking more than this (works
|
||||
# with SQLite, MySQL, and PostgreSQL)
|
||||
|
|
|
|||
|
|
@ -27,7 +27,7 @@ Dummy::Application.configure do
|
|||
# config.action_mailer.delivery_method = :test
|
||||
|
||||
# Raise exception on mass assignment protection for Active Record models
|
||||
config.active_record.mass_assignment_sanitizer = :strict
|
||||
config.active_record.mass_assignment_sanitizer = :strict if ::PaperTrail.active_record_protected_attributes?
|
||||
|
||||
# Print deprecation notices to the stderr
|
||||
config.active_support.deprecation = :stderr
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
module PaperTrail
|
||||
class Version < ActiveRecord::Base
|
||||
attr_accessible :created_at, :updated_at, :answer, :action, :question, :article_id, :ip, :user_agent, :title if respond_to?(:attr_accessible)
|
||||
attr_accessible :created_at, :updated_at, :answer, :action, :question, :article_id, :ip, :user_agent, :title if ::PaperTrail.active_record_protected_attributes?
|
||||
end
|
||||
end
|
||||
|
|
|
|||
Loading…
Reference in New Issue