Davi Busanello davibusanello
@jcf
jcf / rails-template.rb
Created January 2, 2010 22:23
Rails template with RSpec, jQuery, Compass (HAML/SASS) and more.
git :init
plugin 'rspec',
:git => 'git://github.com/dchelimsky/rspec.git',
:submodule => true
plugin 'rspec-rails',
:git => 'git://github.com/dchelimsky/rspec-rails.git',
:submodule => true
plugin 'exception_notifier',
:git => 'git://github.com/rails/exception_notification.git',
@bowsersenior
bowsersenior / cancan_mongoid.rb
Created September 2, 2010 00:42 — forked from blackgold9/mongoid_addtions.rb
How to get CanCan to work with Mongoid 2
module CanCan
  class Query
    def sanitize_sql(conditions)
      conditions
    end
  end

  # customize to handle Mongoid queries in ability definitions conditions
  class CanDefinition
    def matches_conditions_hash?(subject, conditions = @conditions)

gem list | cut -d" " -f1 | xargs gem uninstall -aIx
@marcusvmsa
marcusvmsa / reset.css
Created December 7, 2010 17:31
Minimal CSS Reset
body{padding:0;margin:0;font:13px Arial,Helvetica,Garuda,sans-serif;*font-size:small;*font:x-small;}
h1,h2,h3,h4,h5,h6,ul,li,em,strong,pre,code{padding:0;margin:0;line-height:1em;font-size:100%;font-weight:normal;font-style: normal;}
table{font-size:inherit;font:100%;}
ul{list-style:none;}
img{border:0;}
p{margin:1em 0;}
@carlosbrando
carlosbrando / Gemfile
Created January 17, 2011 18:11
Debugger working according to the Ruby version in Bundler
group :development, :test do
  gem 'ruby-debug', :platforms => :ruby_18
  gem 'ruby-debug19', :platforms => :ruby_19
end

require File.expand_path(File.dirname(__FILE__) + '/../test_helper')

class BuildStatusTest < ActiveSupport::TestCase
  test "remove the old statii" do
    assert_equal 2, BuildStatus.count
    BuildStatus.expire_old
    statii = BuildStatus.all
    assert_equal 1, statii.size
    assert statii[0].updated_at >= 30.days.ago
  end

articles = Article.find(:all)
articles.each do |article|
  next if article.published_at.nil?
  published_at = article.published_at
  year = published_at.strftime('%Y')
  month = published_at.strftime('%m')
  day = published_at.strftime('%d')

Proposal for Improving Mass Assignment

For a while, I have felt that the following is the correct way to improve the mass assignment problem without increasing the burden on new users. Now that the problem with the Rails default has been brought up again, it's a good time to revisit it.

Sign Allowed Fields

When creating a form with form_for, include a signed token that lists all of the fields present at form creation time. Only those fields are allowed on submission.

To allow new known fields to be added via JS, we could add:

class PostsController < ActionController::Base
  def create
    Post.create(post_params)
  end

  def update
    Post.find(params[:id]).update_attributes!(post_params)
  end

  private
@rafaelp
rafaelp / attr_acessible_security.rb
Created March 5, 2012 03:59
How to protect against mass assignment attack
# Put this file in config/initializers/
# This will create an empty whitelist of attributes available for mass assignment for
# all models in your app. As such, your models will need to explicitly whitelist
# accessible parameters by using an attr_accessible declaration. This technique is best
# applied at the start of a new project. However, for an existing project with a thorough
# set of functional tests, it should be straightforward and relatively quick to insert this
# initializer, run your tests, and expose each attribute (via attr_accessible) as dictated
# by your failing tests.