Fix the CollectionProxy#new method

It was using the default Active Record implementation. Fixes #21

Author: Rafael Mendonça França

lib/active_record/mass_assignment_security/associations.rb

@@ -54,6 +54,7 @@ class CollectionProxy
  def build(attributes = {}, options = {}, &block)
  @association.build(attributes, options, &block)
  end
+ alias_method :new, :build
 
  def create(attributes = {}, options = {}, &block)
  @association.create(attributes, options, &block)

test/attribute_sanitization_test.rb

@@ -595,6 +595,40 @@ def test_has_many_build_with_strict_sanitizer
  end
  end
 
+ # new
+
+ def test_has_many_build_with_attr_protected_attributes
+ best_friend = @person.best_friends.new(attributes_hash)
+ assert_default_attributes(best_friend)
+ end
+
+ def test_has_many_build_with_attr_accessible_attributes
+ best_friend = @person.best_friends.new(attributes_hash)
+ assert_default_attributes(best_friend)
+ end
+
+ def test_has_many_build_with_admin_role_with_attr_protected_attributes
+ best_friend = @person.best_friends.new(attributes_hash, :as => :admin)
+ assert_admin_attributes(best_friend)
+ end
+
+ def test_has_many_build_with_admin_role_with_attr_accessible_attributes
+ best_friend = @person.best_friends.new(attributes_hash, :as => :admin)
+ assert_admin_attributes(best_friend)
+ end
+
+ def test_has_many_build_without_protection
+ best_friend = @person.best_friends.new(attributes_hash, :without_protection => true)
+ assert_all_attributes(best_friend)
+ end
+
+ def test_has_many_build_with_strict_sanitizer
+ with_strict_sanitizer do
+ best_friend = @person.best_friends.new(attributes_hash.except(:id, :comments))
+ assert_equal @person.id, best_friend.best_friend_id
+ end
+ end
+
  # create
 
  def test_has_many_create_with_attr_protected_attributes