A Rails application that uses active_model_serializers and strong_parameters.
Ruby CoffeeScript JavaScript
Switch branches/tags
Nothing to show
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Failed to load latest commit information.
app
config
db
doc
lib
log
public
script
test
vendor
.gitignore
Gemfile
Gemfile.lock
README.md
Rakefile
config.ru

README.md

active_model_serializers-and-strong_parameters-example

This example is under-construction. Some functionality may not work properly or at all.

A sample application in Rails 3.2.8 that shows how you can use active_model_serializers and strong_parameters that will be included in Rails 4 to provide controller-specific param filtering/security via strong_parameters on the JSON input and active_model_serializers for the JSON views and provides sample Rails APIs in your controllers with two example models: Company and Employee. Assumes you will use curl or similar to test and provides sample commands.

Setup

After installing Ruby 1.9.3 and Rails 3.2.x:

git clone https://github.com/garysweaver/active_model_serializers-and-strong_parameters-example.git
cd active_model_serializers-and-strong_parameters-example
bundle install
rake db:migrate
rails s

Then browse to: http://localhost:3000/

Parameter wrapping

Default Rails 3 way to handle is to change defaults in config/initializers/wrap_parameters.rb.

Note in the rails-api README it talks a little about wrap_parameters, if you are using ActionController::API.

Testing with curl

# create
curl -v -H "Content-Type: application/json" -H "Accept: application/json" -X POST -d '{"name":"testing"}' http://localhost:3000/companies.json
curl -v -H "Content-Type: application/json" -H "Accept: application/json" -X POST -d '{"name":"testing","company_id":1}' http://localhost:3000/employees.json
# index
curl -v -H "Content-Type: application/json" -H "Accept: application/json" -X GET http://localhost:3000/companies.json
curl -v -H "Content-Type: application/json" -H "Accept: application/json" -X GET http://localhost:3000/employees.json
# show
curl -v -H "Content-Type: application/json" -H "Accept: application/json" -X GET http://localhost:3000/companies/1.json
curl -v -H "Content-Type: application/json" -H "Accept: application/json" -X GET http://localhost:3000/employees/1.json
# update
curl -v -H "Content-Type: application/json" -H "Accept: application/json" -X PUT -d '{"name":"testing update"}' http://localhost:3000/companies/1.json
curl -v -H "Content-Type: application/json" -H "Accept: application/json" -X PUT -d '{"name":"testing update"}' http://localhost:3000/employees/1.json
# destroy
curl -v -H "Content-Type: application/json" -H "Accept: application/json" -X DELETE http://localhost:3000/companies/1.json
curl -v -H "Content-Type: application/json" -H "Accept: application/json" -X DELETE http://localhost:3000/employees/1.json

Resetting data

At your own risk, do:

rails c
Employee.delete_all
Contact.delete_all
exit

Problems

None so far.

License

Copyright (c) 2012 Gary S. Weaver, released under the MIT license.