From b89a5ac12ca2b7b33e9eb1e1e483b9cbd6c19839 Mon Sep 17 00:00:00 2001 From: Justin Coyne Date: Mon, 3 Nov 2014 15:11:02 -0600 Subject: [PATCH] Whitelist permissions_attributes parameter. Fixes projecthydra/active_fedora#550 --- spec/controllers/generic_files_controller_spec.rb | 2 +- sufia-models/app/models/concerns/sufia/generic_file.rb | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/spec/controllers/generic_files_controller_spec.rb b/spec/controllers/generic_files_controller_spec.rb index 626647cba8..de6f2da5e9 100644 --- a/spec/controllers/generic_files_controller_spec.rb +++ b/spec/controllers/generic_files_controller_spec.rb @@ -475,7 +475,7 @@ post :update, id: generic_file, generic_file: { tag: [''], permissions_attributes: [ - { type: 'user', name: 'user1', access: 'edit' }, + { type: 'person', name: 'user1', access: 'edit' }, { type: 'group', name: 'group1', access: 'read' } ] } diff --git a/sufia-models/app/models/concerns/sufia/generic_file.rb b/sufia-models/app/models/concerns/sufia/generic_file.rb index 4db01bba9d..63174b1f96 100644 --- a/sufia-models/app/models/concerns/sufia/generic_file.rb +++ b/sufia-models/app/models/concerns/sufia/generic_file.rb @@ -26,7 +26,7 @@ module GenericFile # around_save :retry_warming - attr_accessible *(terms_for_display + [:part_of, :permissions]) + attr_accessible *(terms_for_display + [:part_of, :permissions_attributes]) end def persistent_url