Naoto Takai
80a2c9e5db
Improve logging of ActiveModel::MassAssignmentSecurity::Sanitizer
2012-05-17 06:55:41 +09:00
José Valim
eb8f0ddb67
Revert "AM::MassAssingmentSecurity: improve performance"
...
It introduces backwards incompatible changes in the API.
This reverts commit 7d1379ffdb
2012-03-15 18:41:54 +01:00
Bogdan Gusiev
7d1379ffdb
AM::MassAssingmentSecurity: improve performance
2012-03-14 14:11:52 +02:00
Fabio Yamate
d204918f91
Fix sanitize_for_mass_assigment when role is nil
...
There is an example in Rails documentation that suggests implementing
assign_attributes method for ActiveModel interface, that by default
sends option role with nil. Since mass_assignment_authorizer never
is called without args, we can move the default value internally.
2012-02-15 11:13:54 -02:00
Alexander Uvarov
528f405cdc
Allow to specify mass-assignment roles as array
2011-06-23 12:56:39 +06:00
Bogdan Gusiev
c7567c9a6d
MassAssignmentSecurity: add ability to specify your own sanitizer
...
Added an ability to specify your own behavior on mass assingment
protection, controlled by option:
ActiveModel::MassAssignmentSecurity.mass_assignment_sanitizer
2011-05-26 15:58:43 +03:00
Josh Kalderimis
b2451f4a7f
renamed mass-assignment scopes to roles, updated code, tests, docs and security guide
2011-05-08 16:43:29 +02:00
Josh Kalderimis
1054ebd613
AM mass assignment security attr_accessible and attr_protected now allow for scopes using :as => scope eg.
...
attr_accessible :name
attr_accessible :name, :admin, :as => :admin
2011-04-24 09:53:18 +02:00
Xavier Noria
fb6b805620
code gardening: we have assert_(nil|blank|present), more concise, with better default failure messages - let's use them
2010-08-17 03:32:11 +02:00
Santiago Pastorino
16c14f7465
Avoid interpreted as grouped expression warnings
2010-07-11 02:55:38 -03:00
Josh Kalderimis
4b66aab00f
mass_assignment_security moved from AR to AMo, and minor test cleanup
...
Signed-off-by: José Valim <jose.valim@gmail.com>
2010-07-08 18:28:45 +02:00
