1
require File.join(File.dirname(File.expand_path(__FILE__)), "spec_helper")
3
describe Sequel::Model, "#(set|update)_except" do
5
@c = Class.new(Sequel::Model(:items))
7
plugin :blacklist_security
9
columns :x, :y, :z, :id
10
set_restricted_columns :y
12
@c.strict_param_setting = false
17
it "should raise errors if not all hash fields can be set and strict_param_setting is true" do
18
@c.strict_param_setting = true
19
proc{@c.new.set_except({:x => 1, :y => 2, :z=>3, :id=>4}, :x, :y)}.should raise_error(Sequel::Error)
20
proc{@c.new.set_except({:x => 1, :y => 2, :z=>3}, :x, :y)}.should raise_error(Sequel::Error)
21
(o = @c.new).set_except({:z => 3}, :x, :y)
22
o.values.should == {:z=>3}
25
it "#set_except should not set given attributes or the primary key" do
26
@o1.set_except({:x => 1, :y => 2, :z=>3, :id=>4}, [:y, :z])
27
@o1.values.should == {:x => 1}
28
@o1.set_except({:x => 4, :y => 2, :z=>3, :id=>4}, :y, :z)
29
@o1.values.should == {:x => 4}
32
it "#update_except should not update given attributes" do
33
@o1.update_except({:x => 1, :y => 2, :z=>3, :id=>4}, [:y, :z])
34
DB.sqls.should == ["INSERT INTO items (x) VALUES (1)", "SELECT * FROM items WHERE (id = 10) LIMIT 1"]
35
@c.new.update_except({:x => 1, :y => 2, :z=>3, :id=>4}, :y, :z)
36
DB.sqls.should == ["INSERT INTO items (x) VALUES (1)", "SELECT * FROM items WHERE (id = 10) LIMIT 1"]
40
describe Sequel::Model, ".restricted_columns " do
42
@c = Class.new(Sequel::Model(:blahblah))
44
plugin :blacklist_security
47
@c.strict_param_setting = false
48
@c.instance_variable_set(:@columns, [:x, :y, :z])
51
it "should set the restricted columns correctly" do
52
@c.restricted_columns.should == nil
53
@c.set_restricted_columns :x
54
@c.restricted_columns.should == [:x]
55
@c.set_restricted_columns :x, :y
56
@c.restricted_columns.should == [:x, :y]
59
it "should not set restricted columns by default" do
60
@c.set_restricted_columns :z
61
i = @c.new(:x => 1, :y => 2, :z => 3)
62
i.values.should == {:x => 1, :y => 2}
63
i.set(:x => 4, :y => 5, :z => 6)
64
i.values.should == {:x => 4, :y => 5}
66
@c.instance_dataset._fetch = @c.dataset._fetch = {:x => 7}
68
i.update(:x => 7, :z => 9)
69
i.values.should == {:x => 7}
70
DB.sqls.should == ["INSERT INTO blahblah (x) VALUES (7)", "SELECT * FROM blahblah WHERE (id = 10) LIMIT 1"]
73
it "should have allowed take precedence over restricted" do
74
@c.set_allowed_columns :x, :y
75
@c.set_restricted_columns :y, :z
76
i = @c.new(:x => 1, :y => 2, :z => 3)
77
i.values.should == {:x => 1, :y => 2}
78
i.set(:x => 4, :y => 5, :z => 6)
79
i.values.should == {:x => 4, :y => 5}
81
@c.instance_dataset._fetch = @c.dataset._fetch = {:y => 7}
83
i.update(:y => 7, :z => 9)
84
i.values.should == {:y => 7}
85
DB.sqls.should == ["INSERT INTO blahblah (y) VALUES (7)", "SELECT * FROM blahblah WHERE (id = 10) LIMIT 1"]