Use association build methods instead of assoc.klass.new. This avoids mass-assignment errors and other misbehaviors around attribute accessibility.
This commit is contained in:
parent
251d326f31
commit
5ddefa399d
@ -85,8 +85,12 @@ module Cocoon
|
|||||||
|
|
||||||
def create_object(f, association)
|
def create_object(f, association)
|
||||||
assoc = f.object.class.reflect_on_association(association)
|
assoc = f.object.class.reflect_on_association(association)
|
||||||
conditions = assoc.respond_to?(:conditions) ? assoc.conditions.flatten : []
|
|
||||||
new_object = assoc.klass.new(*conditions)
|
if assoc.collection?
|
||||||
|
f.object.send(association).build
|
||||||
|
else
|
||||||
|
f.object.send("build_#{association}")
|
||||||
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
def get_partial_path(partial, association)
|
def get_partial_path(partial, association)
|
||||||
|
@ -175,11 +175,16 @@ describe Cocoon do
|
|||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
context "association with conditions" do
|
context "create_object" do
|
||||||
it "should create correct association" do
|
it "should create correct association with conditions" do
|
||||||
result = @tester.create_object(@form_obj, :admin_comments)
|
result = @tester.create_object(@form_obj, :admin_comments)
|
||||||
result.author.should == "Admin"
|
result.author.should == "Admin"
|
||||||
end
|
end
|
||||||
|
|
||||||
|
it "should create correct association for belongs_to associations" do
|
||||||
|
result = @tester.create_object(stub(:object => Comment.new), :post)
|
||||||
|
result.should be_a Post
|
||||||
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
context "get_partial_path" do
|
context "get_partial_path" do
|
||||||
|
@ -1,3 +1,5 @@
|
|||||||
class Comment < ActiveRecord::Base
|
class Comment < ActiveRecord::Base
|
||||||
belongs_to :post
|
belongs_to :post
|
||||||
|
|
||||||
|
attr_protected :author
|
||||||
end
|
end
|
||||||
|
Loading…
Reference in New Issue
Block a user