stevehodgkiss · January 11, 2010 00:19
diff --git a/clearance_param_filtering.rb b/clearance_param_filtering.rb
 # attr_accessible functionality
 Clearance::UsersController.class_eval do
  alias_method :clearance_create, :create
  def create
    @valid_attributes = ["email", "password", "password_confirmation"]
    params[:user].reject! do |key, value|
      !@valid_attributes.include? key
    end
    clearance_create
  end
 end
diff --git a/env.rb b/env.rb
 # ...
 Before do
  Dir[File.join(Rails.root, 'app/models/**/*.rb')].each do |model_path|
    klass = File.basename(model_path, '.rb').classify.constantize
    klass.collection.remove if klass.respond_to?(:collection)
  end
 end
diff --git a/test_helper.rb b/test_helper.rb
 # ...
 class Test::Unit::TestCase
  include Webrat::Matchers
  include RR::Adapters::TestUnit
 end

 class ActiveSupport::TestCase
  def setup
    clear_all_collections
  end

  def clear_all_collections
    Dir[File.join(Rails.root, 'app/models/**/*.rb')].each do |model_path|
      klass = File.basename(model_path, '.rb').classify.constantize
      klass.collection.remove if klass.respond_to?(:collection)
    end
  end
 end
diff --git a/user.rb b/user.rb
 class User
  include MongoMapper::Document

  key :email, String
  key :encrypted_password, String, :limit => 128
  key :salt, String, :limit => 128
  key :confirmation_token, String, :limit => 128
  key :remember_token, String, :limit => 128
  key :email_confirmed, Boolean, :default => false, :null => false

  # hack, mongo_mapper doesn't have attr_accessible
  def self.attr_accessible(*param);end

  include Clearance::User

 end
diff --git a/users_controller_test.rb b/users_controller_test.rb
 require 'test_helper'

 class UsersControllerTest < ActionController::TestCase
  tests Clearance::UsersController

  context "controlling mass assignment on the controller level" do

    setup do
      @protected = {:encrypted_password => "test",
                     :salt => "test",
                     :confirmation_token => "test",
                     :remember_token => "test",
                     :email_confirmed => "test"}
      @valid = {:email => "[email protected]",
                :password => "secret",
                :password_confirmation => "secret"}
      begin
        stub(ClearanceMailer).deliver_confirmation.with_any_args {true}
      rescue ArgumentError
        # why does this get thrown the first time I stub out the mailer
      end

      stub(ClearanceMailer).deliver_confirmation.with_any_args {true}
    end 

    context "on POST to :create with valid params" do
      setup do
        post :create, :user => {:email => "[email protected]",
             :password => "secret",
             :password_confirmation => "secret"}
      end

      should_change 'User.count', :by => 1
      should_redirect_to_url_after_create
    end
    [:encrypted_password, :salt, :confirmation_token,
     :remember_token, :email_confirmed].each do |key|
      context "on POST to :create with invalid params #{key}" do
        setup do
          @valid[key.to_sym] = @protected[key]
          post :create, :user => @valid
        end

        should "not allow assignment of #{key}" do
          assert_not_equal @protected[key], User.first.send(key)
        end
      end
    end
  end
 end
	# attr_accessible functionality
	Clearance::UsersController.class_eval do
	alias_method :clearance_create, :create
	def create
	@valid_attributes = ["email", "password", "password_confirmation"]
	params[:user].reject! do \|key, value\|
	!@valid_attributes.include? key
	end
	clearance_create
	end
	end
	# ...
	Before do
	Dir[File.join(Rails.root, 'app/models/*/.rb')].each do \|model_path\|
	klass = File.basename(model_path, '.rb').classify.constantize
	klass.collection.remove if klass.respond_to?(:collection)
	end
	end
	# ...
	class Test::Unit::TestCase
	include Webrat::Matchers
	include RR::Adapters::TestUnit
	end

	class ActiveSupport::TestCase
	def setup
	clear_all_collections
	end

	def clear_all_collections
	Dir[File.join(Rails.root, 'app/models/*/.rb')].each do \|model_path\|
	klass = File.basename(model_path, '.rb').classify.constantize
	klass.collection.remove if klass.respond_to?(:collection)
	end
	end
	end
	class User
	include MongoMapper::Document

	key :email, String
	key :encrypted_password, String, :limit => 128
	key :salt, String, :limit => 128
	key :confirmation_token, String, :limit => 128
	key :remember_token, String, :limit => 128
	key :email_confirmed, Boolean, :default => false, :null => false

	# hack, mongo_mapper doesn't have attr_accessible
	def self.attr_accessible(*param);end

	include Clearance::User

	end
	require 'test_helper'

	class UsersControllerTest < ActionController::TestCase
	tests Clearance::UsersController

	context "controlling mass assignment on the controller level" do

	setup do
	@protected = {:encrypted_password => "test",
	:salt => "test",
	:confirmation_token => "test",
	:remember_token => "test",
	:email_confirmed => "test"}
	@valid = {:email => "[email protected]",
	:password => "secret",
	:password_confirmation => "secret"}
	begin
	stub(ClearanceMailer).deliver_confirmation.with_any_args {true}
	rescue ArgumentError
	# why does this get thrown the first time I stub out the mailer
	end

	stub(ClearanceMailer).deliver_confirmation.with_any_args {true}
	end

	context "on POST to :create with valid params" do
	setup do
	post :create, :user => {:email => "[email protected]",
	:password => "secret",
	:password_confirmation => "secret"}
	end

	should_change 'User.count', :by => 1
	should_redirect_to_url_after_create
	end
	[:encrypted_password, :salt, :confirmation_token,
	:remember_token, :email_confirmed].each do \|key\|
	context "on POST to :create with invalid params #{key}" do
	setup do
	@valid[key.to_sym] = @protected[key]
	post :create, :user => @valid
	end

	should "not allow assignment of #{key}" do
	assert_not_equal @protected[key], User.first.send(key)
	end
	end
	end
	end
	end