Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Strong params, curl and Rails 5 API #211

Closed
ralphking opened this issue Jun 8, 2016 · 8 comments
Closed

Strong params, curl and Rails 5 API #211

ralphking opened this issue Jun 8, 2016 · 8 comments

Comments

@ralphking
Copy link

Hi,

I'm falling foul of the assign_params method, here: https://github.com/nviennot/nobrainer/blob/master/lib/no_brainer/document/attributes.rb#L73

Using Rails 5 RC1.

Model:

class Venue
  include NoBrainer::Document
  include NoBrainer::Document::Timestamps

  field :name, :type => String
  field :desc, :type => Text
end

Controller:

  # POST /venues
  def create
    @venue = Venue.new(venue_params)

    if @venue.save
      render json: @venue, status: :created, location: @venue
    else
      render json: @venue.errors, status: :unprocessable_entity
    end
  end

def venue_params
      params.require(:venue).permit(:name, :desc)
end

All very standard. When using curl to test the api, I'm hitting the error inside assign_attributes. I have the attributes in the controller, whitelisted.

curl -v -H "Accept: application/json" -H "Content-type: application/json" -X POST -d '{"venue":{"name":"test","desc":"something"}}' http://localhost:3000/venues

It works fine if I pass them as a hash, which is what the error is checking for:

@venue = Venue.new(name: params[:name], desc: params[:desc])

I assume it's doing this because it thinks I'm trying to submit attributes that are not whitelisted. Is this a bug?

Thanks
@jeroenvisser101
Copy link
Contributor

@ralphking I had the same thing, and am happy to add my patch back to master.

@ralphking
Copy link
Author

Hmm I was thinking of doing the same - just saw in the Docs that nobrainer should play nicely with Rails 5 so wasn't sure if it was a bug or not

@jeroenvisser101
Copy link
Contributor

I think it's unexpected, I'll file a PR now.

@ralphking
Copy link
Author

Ok I'll just borrow your fork for now while I test.

Thanks

@jeroenvisser101
Copy link
Contributor

@ralphking there's some other things inside rails5 branch related to code reloading that are definitely not production-ready yet, so there be dragons there.

@jeroenvisser101 jeroenvisser101 mentioned this issue Jun 8, 2016
Closed
@jeroenvisser101
Copy link
Contributor

@ralphking I've created a new branch that you can check. The implementation is a little different (it's now really backwards compatible).

@nviennot
Copy link
Collaborator

@ralphking, I've pushed @jeroenvisser101 fix on master. Does it fixes your issue?

@jeroenvisser101
Copy link
Contributor

@nviennot thanks for merging :)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@nviennot @ralphking @jeroenvisser101