New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Integrate with strong_parameters #260
Conversation
👍 |
Integrate with strong_parameters
So weird how something like this is merged just when I needed it! :) It might pay to add in the README that the Alternatively the check for the method could include the private space? |
Actually, it doesn't seem to work even when |
You're correct @danbob. I just checked my code and my Wait, actually, I've noticed that I have it in the public space in my Active Admin controller block, but in my main app I was able to put it in the protected space and it works fine. You don't happen to be using Active Admin? |
Nope, just IR and CanCan. I second the suggestion to allow it to live in private or at least protected, so I can keep all my non-action controller methods separate. |
That's fairly strange. But yes, it seems more logical to allow for the recommended SP technique. |
Are there any reasons to use strong parameters without |
Without I still believe that |
@taavo I only say that it's simplier to allow one use both methods and use strong parameters exactly the same way they do it usually. When you refactor code to use inherited_resources - it's too simple to forget changing allowed parameters to use permitted_resource instead of, say user_params and remove |
See also #236
We now check for a method
permitted_params
inbuild_resource_params
, and use it instead ofparams
if present. We're expectingpermitted_params
to be implemented using strong_parameters'permit
method, like this:Note that this doesn't work if you use strong_parameters'
require
method, because whereas the above example returns a cleaned copy ofparams
,params.require(:widget).permit(:permitted_field, :other_permitted_field)
returns a cleaned copy ofparams[:widget]
.