From df29d446aeb8e4804d91992cb0efb86e1fc635cc Mon Sep 17 00:00:00 2001 From: Luis Castro Date: Tue, 23 Jul 2019 21:22:00 +0200 Subject: [PATCH] chore(models): comment out attr_accessible Needs to be changed to strong params in controllers of each model. --- app/models/coupon.rb | 12 ++++++------ app/models/custom_field_master.rb | 10 +++++----- app/models/direct_debit_detail.rb | 2 +- app/models/email_list.rb | 2 +- app/models/export.rb | 2 +- app/models/offsite_payment.rb | 2 +- app/models/payment_import.rb | 2 +- app/models/source_token.rb | 2 +- app/models/ticket.rb | 2 +- app/models/tracking.rb | 2 +- 10 files changed, 19 insertions(+), 19 deletions(-) diff --git a/app/models/coupon.rb b/app/models/coupon.rb index 08d93729..5b8b5f7c 100644 --- a/app/models/coupon.rb +++ b/app/models/coupon.rb @@ -1,12 +1,12 @@ # License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later class Coupon < ApplicationRecord - attr_accessible \ - :name, - :victim_np_id, - :paid, # boolean - :nonprofit, :nonprofit_id + # attr_accessible \ + # :name, + # :victim_np_id, + # :paid, # boolean + # :nonprofit, :nonprofit_id scope :unpaid, -> {where(paid: [nil,false])} validates_presence_of :name, :nonprofit_id, :victim_np_id -end \ No newline at end of file +end diff --git a/app/models/custom_field_master.rb b/app/models/custom_field_master.rb index 56f4398a..b528b373 100644 --- a/app/models/custom_field_master.rb +++ b/app/models/custom_field_master.rb @@ -1,11 +1,11 @@ # License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later class CustomFieldMaster < ApplicationRecord - attr_accessible \ - :nonprofit, :nonprofit_id, - :name, - :deleted, - :created_at + # attr_accessible \ + # :nonprofit, :nonprofit_id, + # :name, + # :deleted, + # :created_at validates :name, presence: true validate :no_dupes, on: :create diff --git a/app/models/direct_debit_detail.rb b/app/models/direct_debit_detail.rb index 85b83947..a8e96676 100644 --- a/app/models/direct_debit_detail.rb +++ b/app/models/direct_debit_detail.rb @@ -1,6 +1,6 @@ # License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later class DirectDebitDetail < ApplicationRecord - attr_accessible :iban, :account_holder_name, :bic, :supporter_id, :holder + # attr_accessible :iban, :account_holder_name, :bic, :supporter_id, :holder has_many :donations has_many :charges diff --git a/app/models/email_list.rb b/app/models/email_list.rb index 4f8fccf1..f60af7d0 100644 --- a/app/models/email_list.rb +++ b/app/models/email_list.rb @@ -1,6 +1,6 @@ # License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later class EmailList < ApplicationRecord - attr_accessible :list_name, :mailchimp_list_id, :nonprofit, :tag_master + # attr_accessible :list_name, :mailchimp_list_id, :nonprofit, :tag_master belongs_to :nonprofit belongs_to :tag_master end diff --git a/app/models/export.rb b/app/models/export.rb index ee4717a4..83f066c2 100644 --- a/app/models/export.rb +++ b/app/models/export.rb @@ -2,7 +2,7 @@ class Export < ApplicationRecord STATUS = %w[queued started completed failed].freeze - attr_accessible :exception, :nonprofit, :status, :user, :export_type, :parameters, :ended, :url, :user_id, :nonprofit_id + # attr_accessible :exception, :nonprofit, :status, :user, :export_type, :parameters, :ended, :url, :user_id, :nonprofit_id belongs_to :nonprofit belongs_to :user diff --git a/app/models/offsite_payment.rb b/app/models/offsite_payment.rb index 9a729ed2..798ef1c9 100644 --- a/app/models/offsite_payment.rb +++ b/app/models/offsite_payment.rb @@ -1,7 +1,7 @@ # License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later class OffsitePayment < ApplicationRecord - attr_accessible :gross_amount, :kind, :date, :check_number + # attr_accessible :gross_amount, :kind, :date, :check_number belongs_to :payment, dependent: :destroy belongs_to :donation belongs_to :nonprofit diff --git a/app/models/payment_import.rb b/app/models/payment_import.rb index fea614a5..5980928f 100644 --- a/app/models/payment_import.rb +++ b/app/models/payment_import.rb @@ -1,6 +1,6 @@ # License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later class PaymentImport < ApplicationRecord - attr_accessible :nonprofit, :user + # attr_accessible :nonprofit, :user has_and_belongs_to_many :donations belongs_to :nonprofit belongs_to :user diff --git a/app/models/source_token.rb b/app/models/source_token.rb index 1d6ca55f..159d682f 100644 --- a/app/models/source_token.rb +++ b/app/models/source_token.rb @@ -1,7 +1,7 @@ # License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later class SourceToken < ApplicationRecord self.primary_key = :token - attr_accessible :expiration, :token, :max_uses, :total_uses + # attr_accessible :expiration, :token, :max_uses, :total_uses belongs_to :tokenizable, :polymorphic => true belongs_to :event end diff --git a/app/models/ticket.rb b/app/models/ticket.rb index 9e56fd2b..ee5ad133 100644 --- a/app/models/ticket.rb +++ b/app/models/ticket.rb @@ -1,7 +1,7 @@ # License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later class Ticket < ApplicationRecord - attr_accessible :note, :event_discount, :event_discount_id + # attr_accessible :note, :event_discount, :event_discount_id belongs_to :event_discount belongs_to :supporter diff --git a/app/models/tracking.rb b/app/models/tracking.rb index a730989f..0903b3e3 100644 --- a/app/models/tracking.rb +++ b/app/models/tracking.rb @@ -1,6 +1,6 @@ # License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later class Tracking < ApplicationRecord - attr_accessible :utm_campaign, :utm_content, :utm_medium, :utm_source + # attr_accessible :utm_campaign, :utm_content, :utm_medium, :utm_source belongs_to :donation end