b5d09afef5
Public Facing * through either :protected or :accessible8 flags * prevents protected attributes from being set in mass assignment Developer Facing * refactors #initialize and #update_attribute_without_saving to use same private methods to set attributes on ExtendedDocument * adds new mixin to do protection Signed-off-by: Tapajós <tapajos@gmail.com>
94 lines
2.7 KiB
Ruby
94 lines
2.7 KiB
Ruby
require File.expand_path("../../../spec_helper", __FILE__)
|
|
|
|
describe "ExtendedDocument", "no declarations" do
|
|
class NoProtection < CouchRest::ExtendedDocument
|
|
use_database TEST_SERVER.default_database
|
|
property :name
|
|
property :phone
|
|
end
|
|
|
|
it "should not protect anything through new" do
|
|
user = NoProtection.new(:name => "will", :phone => "555-5555")
|
|
|
|
user.name.should == "will"
|
|
user.phone.should == "555-5555"
|
|
end
|
|
|
|
it "should not protect anything through attributes=" do
|
|
user = NoProtection.new
|
|
user.attributes = {:name => "will", :phone => "555-5555"}
|
|
|
|
user.name.should == "will"
|
|
user.phone.should == "555-5555"
|
|
end
|
|
end
|
|
|
|
describe "ExtendedDocument", "accessible flag" do
|
|
class WithAccessible < CouchRest::ExtendedDocument
|
|
use_database TEST_SERVER.default_database
|
|
property :name, :accessible => true
|
|
property :admin, :default => false
|
|
end
|
|
|
|
it "should recognize accessible properties" do
|
|
props = WithAccessible.accessible_properties.map { |prop| prop.name}
|
|
props.should include("name")
|
|
props.should_not include("admin")
|
|
end
|
|
|
|
it "should protect non-accessible properties set through new" do
|
|
user = WithAccessible.new(:name => "will", :admin => true)
|
|
|
|
user.name.should == "will"
|
|
user.admin.should == false
|
|
end
|
|
|
|
it "should protect non-accessible properties set through attributes=" do
|
|
user = WithAccessible.new
|
|
user.attributes = {:name => "will", :admin => true}
|
|
|
|
user.name.should == "will"
|
|
user.admin.should == false
|
|
end
|
|
end
|
|
|
|
describe "ExtendedDocument", "protected flag" do
|
|
class WithProtected < CouchRest::ExtendedDocument
|
|
use_database TEST_SERVER.default_database
|
|
property :name
|
|
property :admin, :default => false, :protected => true
|
|
end
|
|
|
|
it "should recognize protected properties" do
|
|
props = WithProtected.protected_properties.map { |prop| prop.name}
|
|
props.should_not include("name")
|
|
props.should include("admin")
|
|
end
|
|
|
|
it "should protect non-accessible properties set through new" do
|
|
user = WithProtected.new(:name => "will", :admin => true)
|
|
|
|
user.name.should == "will"
|
|
user.admin.should == false
|
|
end
|
|
|
|
it "should protect non-accessible properties set through attributes=" do
|
|
user = WithProtected.new
|
|
user.attributes = {:name => "will", :admin => true}
|
|
|
|
user.name.should == "will"
|
|
user.admin.should == false
|
|
end
|
|
end
|
|
|
|
describe "ExtendedDocument", "protected flag" do
|
|
class WithBoth < CouchRest::ExtendedDocument
|
|
use_database TEST_SERVER.default_database
|
|
property :name, :accessible => true
|
|
property :admin, :default => false, :protected => true
|
|
end
|
|
|
|
it "should raise an error when both are set" do
|
|
lambda { WithBoth.new }.should raise_error
|
|
end
|
|
end
|