From 3b2aac1be43326529e063b8f924c2066f4e50c4f Mon Sep 17 00:00:00 2001 From: Asang Dani Date: Mon, 6 Apr 2015 07:21:01 +0530 Subject: [PATCH] Fixed the code to work with Rails 4.2 and Strong Parameters --- questionnaire-after/Gemfile | 6 +- questionnaire-after/Gemfile.lock | 199 ++++++++++-------- .../app/assets/javascripts/surveys.js.coffee | 2 +- .../app/controllers/surveys_controller.rb | 12 +- questionnaire-after/app/models/answer.rb | 1 - questionnaire-after/app/models/question.rb | 1 - questionnaire-after/app/models/survey.rb | 1 - questionnaire-after/config/application.rb | 2 +- .../config/environments/development.rb | 4 +- .../config/environments/test.rb | 2 +- questionnaire-after/db/schema.rb | 22 +- 11 files changed, 139 insertions(+), 113 deletions(-) diff --git a/questionnaire-after/Gemfile b/questionnaire-after/Gemfile index ab4e34b..b9a7bcc 100644 --- a/questionnaire-after/Gemfile +++ b/questionnaire-after/Gemfile @@ -1,6 +1,6 @@ source 'https://rubygems.org' -gem 'rails', '3.2.3' +gem 'rails', '~> 4.2.1' # Bundle edge Rails instead: # gem 'rails', :git => 'git://github.com/rails/rails.git' @@ -11,8 +11,8 @@ gem 'sqlite3' # Gems used only for assets and not required # in production environments by default. group :assets do - gem 'sass-rails', '~> 3.2.3' - gem 'coffee-rails', '~> 3.2.1' + gem 'sass-rails' + gem 'coffee-rails' # See https://github.com/sstephenson/execjs#readme for more supported runtimes # gem 'therubyracer', :platform => :ruby diff --git a/questionnaire-after/Gemfile.lock b/questionnaire-after/Gemfile.lock index bb9dac2..110df1f 100644 --- a/questionnaire-after/Gemfile.lock +++ b/questionnaire-after/Gemfile.lock @@ -1,111 +1,132 @@ GEM remote: https://rubygems.org/ specs: - actionmailer (3.2.3) - actionpack (= 3.2.3) - mail (~> 2.4.4) - actionpack (3.2.3) - activemodel (= 3.2.3) - activesupport (= 3.2.3) - builder (~> 3.0.0) + actionmailer (4.2.1) + actionpack (= 4.2.1) + actionview (= 4.2.1) + activejob (= 4.2.1) + mail (~> 2.5, >= 2.5.4) + rails-dom-testing (~> 1.0, >= 1.0.5) + actionpack (4.2.1) + actionview (= 4.2.1) + activesupport (= 4.2.1) + rack (~> 1.6) + rack-test (~> 0.6.2) + rails-dom-testing (~> 1.0, >= 1.0.5) + rails-html-sanitizer (~> 1.0, >= 1.0.1) + actionview (4.2.1) + activesupport (= 4.2.1) + builder (~> 3.1) erubis (~> 2.7.0) - journey (~> 1.0.1) - rack (~> 1.4.0) - rack-cache (~> 1.2) - rack-test (~> 0.6.1) - sprockets (~> 2.1.2) - activemodel (3.2.3) - activesupport (= 3.2.3) - builder (~> 3.0.0) - activerecord (3.2.3) - activemodel (= 3.2.3) - activesupport (= 3.2.3) - arel (~> 3.0.2) - tzinfo (~> 0.3.29) - activeresource (3.2.3) - activemodel (= 3.2.3) - activesupport (= 3.2.3) - activesupport (3.2.3) - i18n (~> 0.6) - multi_json (~> 1.0) - arel (3.0.2) - builder (3.0.0) - coffee-rails (3.2.2) + rails-dom-testing (~> 1.0, >= 1.0.5) + rails-html-sanitizer (~> 1.0, >= 1.0.1) + activejob (4.2.1) + activesupport (= 4.2.1) + globalid (>= 0.3.0) + activemodel (4.2.1) + activesupport (= 4.2.1) + builder (~> 3.1) + activerecord (4.2.1) + activemodel (= 4.2.1) + activesupport (= 4.2.1) + arel (~> 6.0) + activesupport (4.2.1) + i18n (~> 0.7) + json (~> 1.7, >= 1.7.7) + minitest (~> 5.1) + thread_safe (~> 0.3, >= 0.3.4) + tzinfo (~> 1.1) + arel (6.0.0) + builder (3.2.2) + coffee-rails (4.1.0) coffee-script (>= 2.2.0) - railties (~> 3.2.0) - coffee-script (2.2.0) + railties (>= 4.0.0, < 5.0) + coffee-script (2.3.0) coffee-script-source execjs - coffee-script-source (1.3.1) + coffee-script-source (1.9.1) erubis (2.7.0) - execjs (1.3.0) - multi_json (~> 1.0) - hike (1.2.1) - i18n (0.6.0) - journey (1.0.3) - jquery-rails (2.0.2) - railties (>= 3.2.0, < 5.0) - thor (~> 0.14) - json (1.6.6) - mail (2.4.4) - i18n (>= 0.4.0) - mime-types (~> 1.16) - treetop (~> 1.4.8) - mime-types (1.18) - multi_json (1.3.2) - polyglot (0.3.3) - rack (1.4.1) - rack-cache (1.2) - rack (>= 0.4) - rack-ssl (1.3.2) - rack - rack-test (0.6.1) + execjs (2.4.0) + globalid (0.3.3) + activesupport (>= 4.1.0) + hike (1.2.3) + i18n (0.7.0) + jquery-rails (4.0.3) + rails-dom-testing (~> 1.0) + railties (>= 4.2.0) + thor (>= 0.14, < 2.0) + json (1.8.2) + loofah (2.0.1) + nokogiri (>= 1.5.9) + mail (2.6.3) + mime-types (>= 1.16, < 3) + mime-types (2.4.3) + mini_portile (0.6.2) + minitest (5.5.1) + multi_json (1.11.0) + nokogiri (1.6.6.2) + mini_portile (~> 0.6.0) + rack (1.6.0) + rack-test (0.6.3) rack (>= 1.0) - rails (3.2.3) - actionmailer (= 3.2.3) - actionpack (= 3.2.3) - activerecord (= 3.2.3) - activeresource (= 3.2.3) - activesupport (= 3.2.3) - bundler (~> 1.0) - railties (= 3.2.3) - railties (3.2.3) - actionpack (= 3.2.3) - activesupport (= 3.2.3) - rack-ssl (~> 1.3.2) + rails (4.2.1) + actionmailer (= 4.2.1) + actionpack (= 4.2.1) + actionview (= 4.2.1) + activejob (= 4.2.1) + activemodel (= 4.2.1) + activerecord (= 4.2.1) + activesupport (= 4.2.1) + bundler (>= 1.3.0, < 2.0) + railties (= 4.2.1) + sprockets-rails + rails-deprecated_sanitizer (1.0.3) + activesupport (>= 4.2.0.alpha) + rails-dom-testing (1.0.6) + activesupport (>= 4.2.0.beta, < 5.0) + nokogiri (~> 1.6.0) + rails-deprecated_sanitizer (>= 1.0.1) + rails-html-sanitizer (1.0.2) + loofah (~> 2.0) + railties (4.2.1) + actionpack (= 4.2.1) + activesupport (= 4.2.1) rake (>= 0.8.7) - rdoc (~> 3.4) - thor (~> 0.14.6) - rake (0.9.2.2) - rdoc (3.12) - json (~> 1.4) - sass (3.1.15) - sass-rails (3.2.5) - railties (~> 3.2.0) - sass (>= 3.1.10) - tilt (~> 1.3) - sprockets (2.1.2) + thor (>= 0.18.1, < 2.0) + rake (10.4.2) + sass (3.4.13) + sass-rails (5.0.3) + railties (>= 4.0.0, < 5.0) + sass (~> 3.1) + sprockets (>= 2.8, < 4.0) + sprockets-rails (>= 2.0, < 4.0) + tilt (~> 1.1) + sprockets (2.12.3) hike (~> 1.2) + multi_json (~> 1.0) rack (~> 1.0) tilt (~> 1.1, != 1.3.0) - sqlite3 (1.3.6) - thor (0.14.6) - tilt (1.3.3) - treetop (1.4.10) - polyglot - polyglot (>= 0.3.1) - tzinfo (0.3.33) - uglifier (1.2.4) + sprockets-rails (2.2.4) + actionpack (>= 3.0) + activesupport (>= 3.0) + sprockets (>= 2.8, < 4.0) + sqlite3 (1.3.10) + thor (0.19.1) + thread_safe (0.3.5) + tilt (1.4.1) + tzinfo (1.2.2) + thread_safe (~> 0.1) + uglifier (2.7.1) execjs (>= 0.3.0) - multi_json (>= 1.0.2) + json (>= 1.8.0) PLATFORMS ruby DEPENDENCIES - coffee-rails (~> 3.2.1) + coffee-rails jquery-rails - rails (= 3.2.3) - sass-rails (~> 3.2.3) + rails (~> 4.2.1) + sass-rails sqlite3 uglifier (>= 1.0.3) diff --git a/questionnaire-after/app/assets/javascripts/surveys.js.coffee b/questionnaire-after/app/assets/javascripts/surveys.js.coffee index a65db00..b736213 100644 --- a/questionnaire-after/app/assets/javascripts/surveys.js.coffee +++ b/questionnaire-after/app/assets/javascripts/surveys.js.coffee @@ -11,4 +11,4 @@ jQuery -> time = new Date().getTime() regexp = new RegExp($(this).data('id'), 'g') $(this).before($(this).data('fields').replace(regexp, time)) - event.preventDefault() \ No newline at end of file + event.preventDefault() diff --git a/questionnaire-after/app/controllers/surveys_controller.rb b/questionnaire-after/app/controllers/surveys_controller.rb index a8ab21d..8876b5e 100644 --- a/questionnaire-after/app/controllers/surveys_controller.rb +++ b/questionnaire-after/app/controllers/surveys_controller.rb @@ -12,7 +12,7 @@ def new end def create - @survey = Survey.new(params[:survey]) + @survey = Survey.new(survey_params) if @survey.save redirect_to @survey, notice: "Successfully created survey." else @@ -26,7 +26,7 @@ def edit def update @survey = Survey.find(params[:id]) - if @survey.update_attributes(params[:survey]) + if @survey.update_attributes(survey_params) redirect_to @survey, notice: "Successfully updated survey." else render :edit @@ -38,4 +38,12 @@ def destroy @survey.destroy redirect_to surveys_url, notice: "Successfully destroyed survey." end + + private + + def survey_params + params.require(:survey).permit(:name).tap do |w| + w[:questions_attributes] = params[:survey][:questions_attributes] + end + end end diff --git a/questionnaire-after/app/models/answer.rb b/questionnaire-after/app/models/answer.rb index 4beee49..c166588 100644 --- a/questionnaire-after/app/models/answer.rb +++ b/questionnaire-after/app/models/answer.rb @@ -1,4 +1,3 @@ class Answer < ActiveRecord::Base - attr_accessible :content, :question_id belongs_to :question end diff --git a/questionnaire-after/app/models/question.rb b/questionnaire-after/app/models/question.rb index 874595a..8f7b53a 100644 --- a/questionnaire-after/app/models/question.rb +++ b/questionnaire-after/app/models/question.rb @@ -1,5 +1,4 @@ class Question < ActiveRecord::Base - attr_accessible :content, :survey_id, :answers_attributes belongs_to :survey has_many :answers accepts_nested_attributes_for :answers, allow_destroy: true diff --git a/questionnaire-after/app/models/survey.rb b/questionnaire-after/app/models/survey.rb index 7a5105d..dfa7cd7 100644 --- a/questionnaire-after/app/models/survey.rb +++ b/questionnaire-after/app/models/survey.rb @@ -1,5 +1,4 @@ class Survey < ActiveRecord::Base - attr_accessible :name, :questions_attributes has_many :questions accepts_nested_attributes_for :questions, allow_destroy: true end diff --git a/questionnaire-after/config/application.rb b/questionnaire-after/config/application.rb index 7cd25a3..73b9823 100644 --- a/questionnaire-after/config/application.rb +++ b/questionnaire-after/config/application.rb @@ -48,7 +48,7 @@ class Application < Rails::Application # This will create an empty whitelist of attributes available for mass-assignment for all models # in your app. As such, your models will need to explicitly whitelist or blacklist accessible # parameters by using an attr_accessible or attr_protected declaration. - config.active_record.whitelist_attributes = true + #config.active_record.whitelist_attributes = true # Enable the asset pipeline config.assets.enabled = true diff --git a/questionnaire-after/config/environments/development.rb b/questionnaire-after/config/environments/development.rb index bb96767..2282dc7 100644 --- a/questionnaire-after/config/environments/development.rb +++ b/questionnaire-after/config/environments/development.rb @@ -23,11 +23,11 @@ config.action_dispatch.best_standards_support = :builtin # Raise exception on mass assignment protection for Active Record models - config.active_record.mass_assignment_sanitizer = :strict + #config.active_record.mass_assignment_sanitizer = :strict # Log the query plan for queries taking more than this (works # with SQLite, MySQL, and PostgreSQL) - config.active_record.auto_explain_threshold_in_seconds = 0.5 + #config.active_record.auto_explain_threshold_in_seconds = 0.5 # Do not compress assets config.assets.compress = false diff --git a/questionnaire-after/config/environments/test.rb b/questionnaire-after/config/environments/test.rb index 5f4f302..442afeb 100644 --- a/questionnaire-after/config/environments/test.rb +++ b/questionnaire-after/config/environments/test.rb @@ -30,7 +30,7 @@ config.action_mailer.delivery_method = :test # Raise exception on mass assignment protection for Active Record models - config.active_record.mass_assignment_sanitizer = :strict + #config.active_record.mass_assignment_sanitizer = :strict # Print deprecation notices to the stderr config.active_support.deprecation = :stderr diff --git a/questionnaire-after/db/schema.rb b/questionnaire-after/db/schema.rb index 57bfd27..996ab59 100644 --- a/questionnaire-after/db/schema.rb +++ b/questionnaire-after/db/schema.rb @@ -9,28 +9,28 @@ # from scratch. The latter is a flawed and unsustainable approach (the more migrations # you'll amass, the slower it'll run and the greater likelihood for issues). # -# It's strongly recommended to check this file into your version control system. +# It's strongly recommended that you check this file into your version control system. -ActiveRecord::Schema.define(:version => 20120417221635) do +ActiveRecord::Schema.define(version: 20120417221635) do - create_table "answers", :force => true do |t| + create_table "answers", force: :cascade do |t| t.integer "question_id" t.text "content" - t.datetime "created_at", :null => false - t.datetime "updated_at", :null => false + t.datetime "created_at" + t.datetime "updated_at" end - create_table "questions", :force => true do |t| + create_table "questions", force: :cascade do |t| t.integer "survey_id" t.text "content" - t.datetime "created_at", :null => false - t.datetime "updated_at", :null => false + t.datetime "created_at" + t.datetime "updated_at" end - create_table "surveys", :force => true do |t| + create_table "surveys", force: :cascade do |t| t.string "name" - t.datetime "created_at", :null => false - t.datetime "updated_at", :null => false + t.datetime "created_at" + t.datetime "updated_at" end end