Replace attr_accessible with strong parameters
This commit is contained in:
Tom Hughes
parent
3875882172
commit
f0feca800d
28 changed files with 73 additions and 75 deletions
|
|
@ -17,12 +17,12 @@ class UserBlocksTest < ActionController::IntegrationTest
|
|||
assert_response :success
|
||||
|
||||
# now block the user
|
||||
UserBlock.create({
|
||||
UserBlock.create(
|
||||
:user_id => blocked_user.id,
|
||||
:creator_id => users(:moderator_user).id,
|
||||
:reason => "testing",
|
||||
:ends_at => Time.now.getutc + 5.minutes
|
||||
}, :without_protection => true)
|
||||
)
|
||||
get "/api/#{API_VERSION}/user/details", nil, auth_header(blocked_user.display_name, "test")
|
||||
assert_response :forbidden
|
||||
end
|
||||
|
|
@ -31,12 +31,12 @@ class UserBlocksTest < ActionController::IntegrationTest
|
|||
blocked_user = users(:public_user)
|
||||
moderator = users(:moderator_user)
|
||||
|
||||
block = UserBlock.create({
|
||||
block = UserBlock.create(
|
||||
:user_id => blocked_user.id,
|
||||
:creator_id => moderator.id,
|
||||
:reason => "testing",
|
||||
:ends_at => Time.now.getutc + 5.minutes
|
||||
}, :without_protection => true)
|
||||
)
|
||||
get "/api/#{API_VERSION}/user/details", nil, auth_header(blocked_user.display_name, "test")
|
||||
assert_response :forbidden
|
||||
|
||||
|
|
|
|||
|
|
@ -44,8 +44,8 @@ class DiaryEntryTest < ActiveSupport::TestCase
|
|||
private
|
||||
|
||||
def diary_entry_valid(attrs, result = true)
|
||||
entry = DiaryEntry.new(diary_entries(:normal_user_entry_1).attributes, :without_protection => true)
|
||||
entry.assign_attributes(attrs, :without_protection => true)
|
||||
entry = DiaryEntry.new(diary_entries(:normal_user_entry_1).attributes)
|
||||
entry.assign_attributes(attrs)
|
||||
assert_equal result, entry.valid?, "Expected #{attrs.inspect} to be #{result}"
|
||||
end
|
||||
end
|
||||
|
|
|
|||
|
|
@ -77,13 +77,13 @@ class NodeTest < ActiveSupport::TestCase
|
|||
|
||||
# Check that you can create a node and store it
|
||||
def test_create
|
||||
node_template = Node.new({
|
||||
node_template = Node.new(
|
||||
:latitude => 12.3456,
|
||||
:longitude => 65.4321,
|
||||
:changeset_id => changesets(:normal_user_first_change).id,
|
||||
:visible => 1,
|
||||
:version => 1
|
||||
}, :without_protection => true)
|
||||
)
|
||||
assert node_template.create_with_history(users(:normal_user))
|
||||
|
||||
node = Node.find(node_template.id)
|
||||
|
|
|
|||
|
|
@ -15,9 +15,7 @@ class OauthTokenTest < ActiveSupport::TestCase
|
|||
##
|
||||
# check that an authorized token is authorised and can be invalidated
|
||||
def test_token_authorisation
|
||||
tok = RequestToken.create({
|
||||
:client_application => client_applications(:oauth_web_app)
|
||||
}, :without_protection => true)
|
||||
tok = RequestToken.create(:client_application => client_applications(:oauth_web_app))
|
||||
assert_equal false, tok.authorized?, "Token should be created unauthorised."
|
||||
tok.authorize!(users(:public_user))
|
||||
assert_equal true, tok.authorized?, "Token should now be authorised."
|
||||
|
|
|
|||
|
|
@ -84,8 +84,8 @@ private
|
|||
end
|
||||
|
||||
def trace_valid(attrs, result = true)
|
||||
entry = Trace.new(gpx_files(:public_trace_file).attributes, :without_protection => true)
|
||||
entry.assign_attributes(attrs, :without_protection => true)
|
||||
entry = Trace.new(gpx_files(:public_trace_file).attributes)
|
||||
entry.assign_attributes(attrs)
|
||||
assert_equal result, entry.valid?, "Expected #{attrs.inspect} to be #{result}"
|
||||
end
|
||||
end
|
||||
|
|
|
|||
|
|
@ -24,8 +24,8 @@ class TracetagTest < ActiveSupport::TestCase
|
|||
private
|
||||
|
||||
def tracetag_valid(attrs, result = true)
|
||||
entry = Tracetag.new(gpx_file_tags(:first_trace_1).attributes, :without_protection => true)
|
||||
entry.assign_attributes(attrs, :without_protection => true)
|
||||
entry = Tracetag.new(gpx_file_tags(:first_trace_1).attributes)
|
||||
entry.assign_attributes(attrs)
|
||||
assert_equal result, entry.valid?, "Expected #{attrs.inspect} to be #{result}"
|
||||
end
|
||||
end
|
||||
|
|
|
|||
|
|
@ -18,27 +18,27 @@ class UserTest < ActiveSupport::TestCase
|
|||
end
|
||||
|
||||
def test_unique_email
|
||||
new_user = User.new({
|
||||
new_user = User.new(
|
||||
:email => users(:normal_user).email,
|
||||
:status => "active",
|
||||
:pass_crypt => Digest::MD5.hexdigest('test'),
|
||||
:display_name => "new user",
|
||||
:data_public => 1,
|
||||
:description => "desc"
|
||||
}, :without_protection => true)
|
||||
)
|
||||
assert !new_user.save
|
||||
assert new_user.errors[:email].include?("has already been taken")
|
||||
end
|
||||
|
||||
def test_unique_display_name
|
||||
new_user = User.new({
|
||||
new_user = User.new(
|
||||
:email => "tester@openstreetmap.org",
|
||||
:status => "pending",
|
||||
:pass_crypt => Digest::MD5.hexdigest('test'),
|
||||
:display_name => users(:normal_user).display_name,
|
||||
:data_public => 1,
|
||||
:description => "desc"
|
||||
}, :without_protection => true)
|
||||
)
|
||||
assert !new_user.save
|
||||
assert new_user.errors[:display_name].include?("has already been taken")
|
||||
end
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue