Arvados-DCO-1.1-Signed-off-by: Lucas Di Pentima <ldipentima@veritasgenetics.com>
gem 'rails', '~> 4.2'
gem 'responders', '~> 2.0'
-gem 'protected_attributes'
group :test, :development do
gem 'factory_bot_rails'
rake (>= 0.8.1)
pg (0.21.0)
power_assert (1.1.1)
- protected_attributes (1.1.4)
- activemodel (>= 4.0.1, < 5.0)
public_suffix (3.0.3)
rack (1.6.11)
rack-test (0.6.3)
omniauth-oauth2 (~> 1.1)
passenger
pg (~> 0.18)
- protected_attributes
rails (~> 4.2)
rails-observers
responders (~> 2.0)
# penalty.
attr_accessor :async_permissions_update
+ # Ignore listed attributes on mass assignments
+ def self.protected_attributes
+ []
+ end
+
class PermissionDeniedError < RequestError
def http_status
403
# "ActionController::Parameters.permit_all_parameters = true",
# because permit_all does not permit nested attributes.
if raw_params
+ raw_params.delete_if { |k, _| self.protected_attributes.include? k }
serialized_attributes.each do |colname, coder|
param = raw_params[colname.to_sym]
if param.nil?
extend CurrentApiClient
extend LogReuseInfo
serialize :components, Hash
- attr_protected :arvados_sdk_version, :docker_image_locator
serialize :script_parameters, Hash
serialize :runtime_constraints, Hash
serialize :tasks_summary, Hash
["components"]
end
+ def self.protected_attributes
+ [:arvados_sdk_version, :docker_image_locator]
+ end
+
def assert_finished
update_attributes(finished_at: finished_at || db_current_time,
success: success.nil? ? false : success,