diff --git a/lib/redmine/safe_attributes.rb b/lib/redmine/safe_attributes.rb index 6f87a233..8c49a437 100644 --- a/lib/redmine/safe_attributes.rb +++ b/lib/redmine/safe_attributes.rb @@ -31,14 +31,19 @@ module Redmine def safe_attributes(*args) @safe_attributes ||= [] if args.empty? - @safe_attributes + if superclass < Redmine::SafeAttributes + superclass.safe_attributes + @safe_attributes + else + @safe_attributes + end else options = args.last.is_a?(Hash) ? args.pop : {} @safe_attributes << [args, options] + safe_attributes end end end - + # Returns an array that can be safely set by user or current user # # Example: diff --git a/test/unit/lib/redmine/safe_attributes_test.rb b/test/unit/lib/redmine/safe_attributes_test.rb index 9498a438..bfad6606 100644 --- a/test/unit/lib/redmine/safe_attributes_test.rb +++ b/test/unit/lib/redmine/safe_attributes_test.rb @@ -35,11 +35,16 @@ class Redmine::SafeAttributesTest < ActiveSupport::TestCase end class Book < Base - attr_accessor :title + attr_accessor :title, :isbn include Redmine::SafeAttributes safe_attributes :title end + + class PublishedBook < Book + safe_attributes :isbn + end + def test_safe_attribute_names p = Person.new assert_equal ['firstname', 'lastname'], p.safe_attribute_names(User.anonymous) @@ -84,4 +89,18 @@ class Redmine::SafeAttributesTest < ActiveSupport::TestCase assert_equal 'Smith', p.lastname assert_equal 'jsmith', p.login end + + def test_use_safe_attributes_in_subclasses + b = Book.new + p = PublishedBook.new + + b.safe_attributes = {'title' => 'My awesome Ruby Book', 'isbn' => '1221132343'} + p.safe_attributes = {'title' => 'The Pickaxe', 'isbn' => '1934356085'} + + assert_equal 'My awesome Ruby Book', b.title + assert_nil b.isbn + + assert_equal 'The Pickaxe', p.title + assert_equal '1934356085', p.isbn + end end