class ForbiddenAttributesProtectionTest

Public Instance Methods

test_blank_attributes_should_not_raise() click to toggle source
# File activerecord/test/cases/forbidden_attributes_protection_test.rb, line 85
def test_blank_attributes_should_not_raise
  person = Person.new
  assert_nil person.assign_attributes(ProtectedParams.new({}))
end
test_create_with_checks_permitted() click to toggle source
# File activerecord/test/cases/forbidden_attributes_protection_test.rb, line 90
def test_create_with_checks_permitted
  params = ProtectedParams.new(first_name: "Guille", gender: "m")

  assert_raises(ActiveModel::ForbiddenAttributesError) do
    Person.create_with(params).create!
  end
end
test_create_with_works_with_params_values() click to toggle source
# File activerecord/test/cases/forbidden_attributes_protection_test.rb, line 105
def test_create_with_works_with_params_values
  params = ProtectedParams.new(first_name: "Guille")

  person = Person.create_with(first_name: params[:first_name]).create!
  assert_equal "Guille", person.first_name
end
test_create_with_works_with_permitted_params() click to toggle source
# File activerecord/test/cases/forbidden_attributes_protection_test.rb, line 98
def test_create_with_works_with_permitted_params
  params = ProtectedParams.new(first_name: "Guille").permit!

  person = Person.create_with(params).create!
  assert_equal "Guille", person.first_name
end
test_forbidden_attributes_cannot_be_used_for_mass_assignment() click to toggle source
# File activerecord/test/cases/forbidden_attributes_protection_test.rb, line 48
def test_forbidden_attributes_cannot_be_used_for_mass_assignment
  params = ProtectedParams.new(first_name: "Guille", gender: "m")
  assert_raises(ActiveModel::ForbiddenAttributesError) do
    Person.new(params)
  end
end
test_forbidden_attributes_cannot_be_used_for_sti_inheritance_column() click to toggle source
# File activerecord/test/cases/forbidden_attributes_protection_test.rb, line 64
def test_forbidden_attributes_cannot_be_used_for_sti_inheritance_column
  params = ProtectedParams.new(type: "Client")
  assert_raises(ActiveModel::ForbiddenAttributesError) do
    Company.new(params)
  end
end
test_permitted_attributes_can_be_used_for_mass_assignment() click to toggle source
# File activerecord/test/cases/forbidden_attributes_protection_test.rb, line 55
def test_permitted_attributes_can_be_used_for_mass_assignment
  params = ProtectedParams.new(first_name: "Guille", gender: "m")
  params.permit!
  person = Person.new(params)

  assert_equal "Guille", person.first_name
  assert_equal "m", person.gender
end
test_permitted_attributes_can_be_used_for_sti_inheritance_column() click to toggle source
# File activerecord/test/cases/forbidden_attributes_protection_test.rb, line 71
def test_permitted_attributes_can_be_used_for_sti_inheritance_column
  params = ProtectedParams.new(type: "Client")
  params.permit!
  person = Company.new(params)
  assert_equal person.class, Client
end
test_regular_hash_should_still_be_used_for_mass_assignment() click to toggle source
# File activerecord/test/cases/forbidden_attributes_protection_test.rb, line 78
def test_regular_hash_should_still_be_used_for_mass_assignment
  person = Person.new(first_name: "Guille", gender: "m")

  assert_equal "Guille", person.first_name
  assert_equal "m", person.gender
end
test_strong_params_style_objects_work_with_collection_associations() click to toggle source
# File activerecord/test/cases/forbidden_attributes_protection_test.rb, line 156
def test_strong_params_style_objects_work_with_collection_associations
  params = ProtectedParams.new(
    trinkets_attributes: ProtectedParams.new(
      "0" => ProtectedParams.new(name: "Necklace").permit!,
      "1" => ProtectedParams.new(name: "Spoon").permit!)).permit!
  part = ShipPart.new(params)

  assert_equal "Necklace", part.trinkets[0].name
  assert_equal "Spoon", part.trinkets[1].name
end
test_strong_params_style_objects_work_with_singular_associations() click to toggle source
# File activerecord/test/cases/forbidden_attributes_protection_test.rb, line 148
def test_strong_params_style_objects_work_with_singular_associations
  params = ProtectedParams.new(name: "Stern", ship_attributes: ProtectedParams.new(name: "The Black Rock").permit!).permit!
  part = ShipPart.new(params)

  assert_equal "Stern", part.name
  assert_equal "The Black Rock", part.ship.name
end
test_where_checks_permitted() click to toggle source
# File activerecord/test/cases/forbidden_attributes_protection_test.rb, line 112
def test_where_checks_permitted
  params = ProtectedParams.new(first_name: "Guille", gender: "m")

  assert_raises(ActiveModel::ForbiddenAttributesError) do
    Person.where(params).create!
  end
end
test_where_not_checks_permitted() click to toggle source
# File activerecord/test/cases/forbidden_attributes_protection_test.rb, line 134
def test_where_not_checks_permitted
  params = ProtectedParams.new(first_name: "Guille", gender: "m")

  assert_raises(ActiveModel::ForbiddenAttributesError) do
    Person.where().not(params)
  end
end
test_where_not_works_with_permitted_params() click to toggle source
# File activerecord/test/cases/forbidden_attributes_protection_test.rb, line 142
def test_where_not_works_with_permitted_params
  params = ProtectedParams.new(first_name: "Guille").permit!
  Person.create!(params)
  assert_empty Person.where.not(params).select { |p| p.first_name == "Guille" }
end
test_where_works_with_params_values() click to toggle source
# File activerecord/test/cases/forbidden_attributes_protection_test.rb, line 127
def test_where_works_with_params_values
  params = ProtectedParams.new(first_name: "Guille")

  person = Person.where(first_name: params[:first_name]).create!
  assert_equal "Guille", person.first_name
end
test_where_works_with_permitted_params() click to toggle source
# File activerecord/test/cases/forbidden_attributes_protection_test.rb, line 120
def test_where_works_with_permitted_params
  params = ProtectedParams.new(first_name: "Guille").permit!

  person = Person.where(params).create!
  assert_equal "Guille", person.first_name
end