Project

General

Profile

« Previous | Next » 

Revision 16791

safe_attributes= takes a Hash.

View differences:

sandbox/rails-5.1/app/models/issue.rb
511 511
  # attr_accessible is too rough because we still want things like
512 512
  # Issue.new(:project => foo) to work
513 513
  def safe_attributes=(attrs, user=User.current)
514
    if attrs.respond_to?(:to_unsafe_hash)
515
      attrs = attrs.to_unsafe_hash
516
    end
517

  
514 518
    @attributes_set_by = user
515 519
    return unless attrs.is_a?(Hash)
516 520

  
......
585 589
      attrs['custom_fields'].select! {|c| editable_custom_field_ids.include?(c['id'].to_s)}
586 590
    end
587 591

  
588
    # mass-assignment security bypass
589
    assign_attributes attrs, :without_protection => true
592
    assign_attributes attrs
590 593
  end
591 594

  
592 595
  def disabled_core_fields
sandbox/rails-5.1/app/models/issue_relation.rb
81 81
    'issue_to_id'
82 82

  
83 83
  def safe_attributes=(attrs, user=User.current)
84
    if attrs.respond_to?(:to_unsafe_hash)
85
      attrs = attrs.to_unsafe_hash
86
    end
87

  
84 88
    return unless attrs.is_a?(Hash)
85 89
    attrs = attrs.deep_dup
86 90

  
sandbox/rails-5.1/app/models/project.rb
774 774
    :if => lambda {|project, user| project.parent.nil? || project.parent.visible?(user)}
775 775

  
776 776
  def safe_attributes=(attrs, user=User.current)
777
    if attrs.respond_to?(:to_unsafe_hash)
778
      attrs = attrs.to_unsafe_hash
779
    end
780

  
777 781
    return unless attrs.is_a?(Hash)
778 782
    attrs = attrs.deep_dup
779 783

  
sandbox/rails-5.1/app/models/wiki_page.rb
79 79
  end
80 80

  
81 81
  def safe_attributes=(attrs, user=User.current)
82
    if attrs.respond_to?(:to_unsafe_hash)
83
      attrs = attrs.to_unsafe_hash
84
    end
85

  
82 86
    return unless attrs.is_a?(Hash)
83 87
    attrs = attrs.deep_dup
84 88

  
sandbox/rails-5.1/config/environments/test.rb
30 30
  config.redmine_verify_sessions = false
31 31

  
32 32
  # Print deprecation notices to stderr and the Rails logger.
33
  config.active_support.deprecation = [:stderr, :log]
33
  config.active_support.deprecation = [:log]
34 34

  
35 35
  config.secret_key_base = 'a secret token for running the tests'
36 36

  
sandbox/rails-5.1/lib/plugins/acts_as_attachable/lib/acts_as_attachable.rb
68 68
        end
69 69

  
70 70
        def save_attachments(attachments, author=User.current)
71
          if attachments.respond_to?(:to_unsafe_hash)
72
            attachments = attachments.to_unsafe_hash
73
          end
74

  
71 75
          if attachments.is_a?(Hash)
72 76
            attachments = attachments.stringify_keys
73 77
            attachments = attachments.to_a.sort {|a, b|
sandbox/rails-5.1/lib/redmine/safe_attributes.rb
80 80
    # Sets attributes from attrs that are safe
81 81
    # attrs is a Hash with string keys
82 82
    def safe_attributes=(attrs, user=User.current)
83
      if attrs.respond_to?(:to_unsafe_hash)
84
        attrs = attrs.to_unsafe_hash
85
      end
86

  
83 87
      return unless attrs.is_a?(Hash)
84 88
      self.attributes = delete_unsafe_attributes(attrs, user)
85 89
    end

Also available in: Unified diff