-
-
Notifications
You must be signed in to change notification settings - Fork 392
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
strong parameter support refined to allow standard Rails 4 notation #286
Conversation
I think it's a good idea, but the tests should probably test the "required" support. Some quick testing seems to show that it works fine for the "update" controller action.. but it fails for me on the "new" controller action: a 'Required parameter missing' error occurs on the new action, which isn't normal rails behavior. The new action builds a resource and calls resource_params. |
@travisp Thank you for a response! Actually I didn't tested it with strong_parameters, and did only testing with stubs. I'll try to fix it. |
@travisp Can you please show code which caused the failure? In my tests everything works. |
@prijutme4ty Your code testing the new action should be "get :new, {}" because the new action typically does not have any parameters passed to it. This test fails: def test_resource_params_from_new
get :new, {}
assert_response :success
assert assigns(:widget)
end Results in: "Expected response to be a <:success>, but was <400>" and response.body after the get request contains "Required parameter missing: hotel" |
@travisp Understood the problem. I believe, it's due to inherited_resources using strong_parameter sanitization on new action, while it's not a common practice. I'll try to distinguish new and create action when call |
I'm having the same problem with the new action. |
@rafaelgoulart The code still hasn't been updated to deal with it. I might take a shot in a few weeks if nobody else gets to it: it would be very nice if inherited_resources could work with standard strong_parameters syntax and would also allow the use of "requires". |
I've come to the conclusion that the API I used in #260 was stupid, and this one is much better. I'll help out if my schedule opens up. |
Any news? Would love to see this merged. |
This proposed API makes so much more sense. The current strong parameters solution is pretty awkward to use correctly. |
It would be pretty helpful to add a note to the README meanwhile. As I understand it (after some testing and debugging inside IR), permitted_params must not use params.require(:model).permit(...), but rather params.permit(...). When require is set, IR receives empty parameters from BaseHelpers.build_resource_params so the model is empty. |
+1 To address the new issue, you can skip building params if request.get? |
👍 |
🆙 Any chance of merge for this PR? |
If @prijutme4ty can make the PR merge cleanly, I'd be happy to merge it. |
Ping @prijutme4ty |
strong parameter support refined to allow standard Rails 4 notation
LGTM! |
❤️ |
This commit allows one to use standard rails 4
params.require().permit()
notation.It's done in such a way that this doesn't clash with
permitted_params
if it's already defined. But if it doesn't, then defaultpermitted_params
falls back to a permitting method with resource-specific name.Method user should define is the same as scaffold generates and thus the same as other gems such as cancan will try to handle.