1
0
Fork 0
mirror of https://github.com/rails/rails.git synced 2022-11-09 12:12:34 -05:00

added failing tests for has_many, has_one and belongs_to associations with strict mass assignment sanitizer, fixed build_record to not merge creation_attributes, removed failing nested attributes tests (that feature was broken anyway) #4051

This commit is contained in:
Jakub Kuźma 2011-12-21 15:28:24 +01:00
parent 618cb44291
commit 1ad0a5363b
4 changed files with 66 additions and 13 deletions

View file

@ -230,13 +230,8 @@ module ActiveRecord
end
def build_record(attributes, options)
attributes = (attributes || {}).reverse_merge(creation_attributes)
reflection.build_association(attributes, options) do |record|
record.assign_attributes(
create_scope.except(*record.changed),
:without_protection => true
)
record.assign_attributes(create_scope.except(*record.changed), :without_protection => true)
end
end
end

View file

@ -50,6 +50,13 @@ module MassAssignmentTestHelpers
assert_equal 'm', person.gender
assert_equal 'rides a sweet bike', person.comments
end
def with_strict_sanitizer
ActiveRecord::Base.mass_assignment_sanitizer = :strict
yield
ensure
ActiveRecord::Base.mass_assignment_sanitizer = :logger
end
end
module MassAssignmentRelationTestHelpers
@ -323,6 +330,13 @@ class MassAssignmentSecurityHasOneRelationsTest < ActiveRecord::TestCase
assert_all_attributes(best_friend)
end
def test_has_one_build_with_strict_sanitizer
with_strict_sanitizer do
best_friend = @person.build_best_friend(attributes_hash.except(:id, :comments))
assert_equal @person.id, best_friend.best_friend_id
end
end
# create
def test_has_one_create_with_attr_protected_attributes
@ -350,6 +364,13 @@ class MassAssignmentSecurityHasOneRelationsTest < ActiveRecord::TestCase
assert_all_attributes(best_friend)
end
def test_has_one_create_with_strict_sanitizer
with_strict_sanitizer do
best_friend = @person.create_best_friend(attributes_hash.except(:id, :comments))
assert_equal @person.id, best_friend.best_friend_id
end
end
# create!
def test_has_one_create_with_bang_with_attr_protected_attributes
@ -377,6 +398,13 @@ class MassAssignmentSecurityHasOneRelationsTest < ActiveRecord::TestCase
assert_all_attributes(best_friend)
end
def test_has_one_create_with_bang_with_strict_sanitizer
with_strict_sanitizer do
best_friend = @person.create_best_friend!(attributes_hash.except(:id, :comments))
assert_equal @person.id, best_friend.best_friend_id
end
end
end
@ -438,6 +466,13 @@ class MassAssignmentSecurityBelongsToRelationsTest < ActiveRecord::TestCase
assert_all_attributes(best_friend)
end
def test_belongs_to_create_with_strict_sanitizer
with_strict_sanitizer do
best_friend = @person.create_best_friend_of(attributes_hash.except(:id, :comments))
assert_equal best_friend.id, @person.best_friend_of_id
end
end
# create!
def test_belongs_to_create_with_bang_with_attr_protected_attributes
@ -465,6 +500,13 @@ class MassAssignmentSecurityBelongsToRelationsTest < ActiveRecord::TestCase
assert_all_attributes(best_friend)
end
def test_belongs_to_create_with_bang_with_strict_sanitizer
with_strict_sanitizer do
best_friend = @person.create_best_friend_of!(attributes_hash.except(:id, :comments))
assert_equal best_friend.id, @person.best_friend_of_id
end
end
end
@ -499,6 +541,13 @@ class MassAssignmentSecurityHasManyRelationsTest < ActiveRecord::TestCase
assert_all_attributes(best_friend)
end
def test_has_many_build_with_strict_sanitizer
with_strict_sanitizer do
best_friend = @person.best_friends.build(attributes_hash.except(:id, :comments))
assert_equal @person.id, best_friend.best_friend_id
end
end
# create
def test_has_many_create_with_attr_protected_attributes
@ -526,6 +575,13 @@ class MassAssignmentSecurityHasManyRelationsTest < ActiveRecord::TestCase
assert_all_attributes(best_friend)
end
def test_has_many_create_with_strict_sanitizer
with_strict_sanitizer do
best_friend = @person.best_friends.create(attributes_hash.except(:id, :comments))
assert_equal @person.id, best_friend.best_friend_id
end
end
# create!
def test_has_many_create_with_bang_with_attr_protected_attributes
@ -553,6 +609,13 @@ class MassAssignmentSecurityHasManyRelationsTest < ActiveRecord::TestCase
assert_all_attributes(best_friend)
end
def test_has_many_create_with_bang_with_strict_sanitizer
with_strict_sanitizer do
best_friend = @person.best_friends.create!(attributes_hash.except(:id, :comments))
assert_equal @person.id, best_friend.best_friend_id
end
end
end

View file

@ -617,11 +617,6 @@ module NestedAttributesOnACollectionAssociationTests
assert_equal ['Grace OMalley', 'Privateers Greed'], [@child_1.name, @child_2.name]
end
def test_should_take_a_hash_with_owner_attributes_and_assign_the_attributes_to_the_associated_model
@pirate.birds.create :name => 'bird', :pirate_attributes => {:id => @pirate.id.to_s, :catchphrase => 'Holla!'}
assert_equal 'Holla!', @pirate.reload.catchphrase
end
def test_should_raise_RecordNotFound_if_an_id_is_given_but_doesnt_return_a_record
assert_raise_with_message ActiveRecord::RecordNotFound, "Couldn't find #{@child_1.class.name} with ID=1234567890 for Pirate with ID=#{@pirate.id}" do
@pirate.attributes = { association_getter => [{ :id => 1234567890 }] }

View file

@ -54,7 +54,7 @@ class LoosePerson < ActiveRecord::Base
self.table_name = 'people'
self.abstract_class = true
attr_protected :comments
attr_protected :comments, :best_friend_id, :best_friend_of_id
attr_protected :as => :admin
has_one :best_friend, :class_name => 'LoosePerson', :foreign_key => :best_friend_id