| describe "GET current" do | |
| before do | |
| @request.cookies['hidden_notices'] = "1,#{notices(:permanent).id}" | |
| get :current, :format => 'js' | |
| end | |
| it { should respond_with(:success) } | |
| it { should set_cookie(:hidden_notices).to("#{notices(:permanent).id}") } | |
| it { should render_template('notices/current') } | |
| end |
| var express = require('express'); | |
| var app = express.createServer(); | |
| app.configure(function () { | |
| app.use(app.router); | |
| }); | |
| app.set('views', __dirname + '/views'); | |
| app.set('view engine', 'html'); | |
| app.register('.html', require('eco')); |
| /* The API controller | |
| Exports 3 methods: | |
| * post - Creates a new thread | |
| * list - Returns a list of threads | |
| * show - Displays a thread and its posts | |
| */ | |
| var Thread = require('../models/thread.js'); | |
| var Post = require('../models/post.js'); |
| class Api::RegistrationsController < Api::BaseController | |
| respond_to :json | |
| def create | |
| user = User.new(params[:user]) | |
| if user.save | |
| render :json=> user.as_json(:auth_token=>user.authentication_token, :email=>user.email), :status=>201 | |
| return | |
| else |
| var OUTPUT_JS_FILENAME = '../media/partner/js/widgets.js' | |
| var OUTPUT_CSS_FILENAME = '../media/partner/css/widgets.css' | |
| var OUTPUT_HTML_PATH = 'templates' | |
| var fs = require('fs') | |
| var jade = require('jade') | |
| var stylus = require('stylus'); | |
| var cs = require('coffee-script'); | |
| var watch = require('watch'); |
| %%% xmltest.erl | |
| %%% | |
| %%% @author Hank Wang <[email protected]> | |
| %%% | |
| %%% @doc simple sample to parse XML by xmerl | |
| %%% | |
| -module(xmltest). | |
| -include_lib("xmerl/include/xmerl.hrl"). |
| # in spec/support/omniauth_macros.rb | |
| module OmniauthMacros | |
| def mock_auth_hash | |
| # The mock_auth configuration allows you to set per-provider (or default) | |
| # authentication hashes to return during integration testing. | |
| OmniAuth.config.mock_auth[:twitter] = { | |
| 'provider' => 'twitter', | |
| 'uid' => '123545', | |
| 'user_info' => { | |
| 'name' => 'mockuser', |
| var application_root = __dirname, | |
| express = require("express"), | |
| path = require("path"), | |
| mongoose = require('mongoose'); | |
| var app = express.createServer(); | |
| // database | |
| mongoose.connect('mongodb://localhost/ecomm_database'); |
For a while, I have felt that the following is the correct way to improve the mass assignment problem without increasing the burden on new users. Now that the problem with the Rails default has been brought up again, it's a good time to revisit it.
When creating a form with form_for, include a signed token including all of the fields that were created at form creation time. Only these fields are allowed.
To allow new known fields to be added via JS, we could add:
| class ActionDispatch::Routing::Mapper | |
| def draw(routes_name) | |
| instance_eval(File.read(Rails.root.join("config/routes/#{routes_name}.rb"))) | |
| end | |
| end | |
| BCX::Application.routes.draw do | |
| draw :api | |
| draw :account | |
| draw :session |
