Ticket #3352: hardened_scaffold.diff
| File hardened_scaffold.diff, 6.3 kB (added by nils@alumni.rice.edu, 3 years ago) |
|---|
-
railties/lib/rails_generator/generators/components/scaffold/templates/functional_test.rb
old new 57 57 assert_not_nil assigns(:<%= singular_name %>) 58 58 end 59 59 60 def test_create 60 def test_create<%= suffix %>_using_post 61 61 num_<%= plural_name %> = <%= model_name %>.count 62 62 63 63 post :create<%= suffix %>, :<%= singular_name %> => {} … … 68 68 assert_equal num_<%= plural_name %> + 1, <%= model_name %>.count 69 69 end 70 70 71 def test_create<%= suffix %>_using_get 72 num_<%= plural_name %> = <%= model_name %>.count 73 74 get :create<%= suffix %>, :<%= singular_name %> => {} 75 76 assert_response :success 77 assert_template 'new<%= suffix %>' 78 79 assert_equal num_<%= plural_name %>, <%= model_name %>.count 80 end 81 71 82 def test_edit<%= suffix %> 72 83 get :edit<%= suffix %>, :id => 1 73 84 … … 78 89 assert assigns(:<%= singular_name %>).valid? 79 90 end 80 91 81 def test_update<%= suffix %> 92 def test_update<%= suffix %>_using_post 82 93 post :update<%= suffix %>, :id => 1 83 94 assert_response :redirect 84 95 assert_redirected_to :action => 'show<%= suffix %>', :id => 1 85 96 end 86 97 87 def test_destroy<%= suffix %> 98 def test_update<%= suffix %>_using_get 99 get :update<%= suffix %>, :id => 1 100 assert_response :success 101 assert_template 'edit<%= suffix %>' 102 end 103 104 def test_destroy<%= suffix %>_using_post 88 105 assert_not_nil <%= model_name %>.find(1) 89 106 90 107 post :destroy, :id => 1 … … 95 112 <%= model_name %>.find(1) 96 113 } 97 114 end 115 116 def test_destroy<%= suffix %>_using_get 117 assert_not_nil <%= model_name %>.find(1) 118 119 get :destroy, :id => 1 120 assert_response :redirect 121 assert_redirected_to :action => 'edit<%= suffix %>' 122 123 assert_not_nil <%= model_name %>.find(1) 124 end 98 125 end -
railties/lib/rails_generator/generators/components/scaffold/templates/view_edit.rhtml
old new 4 4 <%%= render :partial => 'form' %> 5 5 <%%= submit_tag 'Edit' %> 6 6 <%%= end_form_tag %> 7 <%%= button_to 'Destroy', { :action => 'destroy<%= suffix %>', :id => @<%= singular_name %> }, :confirm => 'Are you sure you want to destroy <%= singular_name %>?' %> 7 8 8 9 <%%= link_to 'Show', :action => 'show<%= suffix %>', :id => @<%= singular_name %> %> | 9 10 <%%= link_to 'Back', :action => 'list<%= suffix %>' %> -
railties/lib/rails_generator/generators/components/scaffold/templates/controller.rb
old new 12 12 13 13 <% end -%> 14 14 def list<%= suffix %> 15 @<%= singular_name %>_pages, @<%= plural_name %> = paginate :<%= plural_name %>, :per_page => 1015 @<%= singular_name %>_pages, @<%= plural_name %> = paginate(:<%= plural_name %>, :per_page => 10) 16 16 end 17 17 18 18 def show<%= suffix %> … … 25 25 26 26 def create<%= suffix %> 27 27 @<%= singular_name %> = <%= model_name %>.new(params[:<%= singular_name %>]) 28 if @<%= singular_name %>.save 29 flash[:notice] = '<%= model_name %> was successfully created.' 30 redirect_to :action => 'list<%= suffix %>' 28 if request.post? 29 if @<%= singular_name %>.save 30 flash[:notice] = '<%= model_name %> was successfully created.' 31 redirect_to :action => 'list<%= suffix %>' 32 else 33 render :action => 'new<%= suffix %>' 34 end 31 35 else 36 flash[:notice] = '<%= model_name %> must be created using HTTP POST.' 32 37 render :action => 'new<%= suffix %>' 33 38 end 34 39 end … … 39 44 40 45 def update 41 46 @<%= singular_name %> = <%= model_name %>.find(params[:id]) 42 if @<%= singular_name %>.update_attributes(params[:<%= singular_name %>]) 43 flash[:notice] = '<%= model_name %> was successfully updated.' 44 redirect_to :action => 'show<%= suffix %>', :id => @<%= singular_name %> 47 if request.post? 48 if @<%= singular_name %>.update_attributes(params[:<%= singular_name %>]) 49 flash[:notice] = '<%= model_name %> was successfully updated.' 50 redirect_to :action => 'show<%= suffix %>', :id => @<%= singular_name %> 51 else 52 render :action => 'edit<%= suffix %>' 53 end 45 54 else 55 flash[:notice] = '<%= model_name %> must be updated using HTTP POST.' 46 56 render :action => 'edit<%= suffix %>' 47 57 end 48 58 end 49 59 50 60 def destroy<%= suffix %> 51 <%= model_name %>.find(params[:id]).destroy 52 redirect_to :action => 'list<%= suffix %>' 61 if request.post? 62 <%= model_name %>.find(params[:id]).destroy 63 flash[:notice] = '<%= model_name %> was successfully destroyed.' 64 redirect_to :action => 'list<%= suffix %>' 65 else 66 flash[:notice] = 'Click Destroy to destroy <%= model_name %>.' 67 redirect_to :action => 'edit<%= suffix %>', :id => params[:id] 68 end 53 69 end 54 70 end -
railties/lib/rails_generator/generators/components/scaffold/templates/view_list.rhtml
old new 14 14 <%% end %> 15 15 <td><%%= link_to 'Show', :action => 'show<%= suffix %>', :id => <%= singular_name %> %></td> 16 16 <td><%%= link_to 'Edit', :action => 'edit<%= suffix %>', :id => <%= singular_name %> %></td> 17 <td><%%= link_to 'Destroy', { :action => 'destroy<%= suffix %>', :id => <%= singular_name %> }, : confirm => 'Are you sure?' %></td>17 <td><%%= link_to 'Destroy', { :action => 'destroy<%= suffix %>', :id => <%= singular_name %> }, :post => true, :confirm => 'Are you sure you want to delete <%= singular_name %>?' %></td> 18 18 </tr> 19 19 <%% end %> 20 20 </table>
