Mass assignment testing

Mass assignment is a common Rails security issue, caused by Rails’s ability to save an arbitrary hash of attribute names and values to an instance by sending an entire hash as a parameter, as in new(params[:user]), create(params[:user]), or update_attributes(params[:user]). The security issue happens when somebody hacks a request and adds unexpected attributes to the incoming parameters, typically an attribute that we wouldn’t want an arbitrary user to change, such as User#admin or Project#public. (GitHub was famously hacked via this vector ...

Introduction

Test-Driven Fable

Test-Driven Development Basics

Test-Driven Rails

What Makes a Great Test?

Testing Models

Adding Data to Tests

Using Test Doubles as Mocks and Stubs

Integration Testing with Capybara and Cucumber

Testing JavaScript: Integration Testing

Unit-Testing Javascript

Testing Rails Display Elements

Minitest

Testing for Security

Testing External Services

Troubleshooting and Debugging

Running Tests Faster and Running Faster Tests

Testing Legacy Code

Mass Assignment Testing

Mass assignment testing