Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP

Loading…

update AC::Parameters#permit documentation [ci skip] #7915

Merged
merged 1 commit into from

3 participants

@frodsan

bdd105d changes the behaviour of AC::Parameters#permit.

/cc @spastorino

Francesco Rodriguez update AC::Parameters#permit documentation [ci skip]
bdd105d changes the behaviour of AC::Parameters#permit.
299fee5
@rafaelfranca rafaelfranca merged commit fc5a3e9 into rails:master
@rafaelfranca

Thanks

@spastorino
Owner

Great guys thanks but I'd explain it based in the use you do with accepts_nested_attributes_for since it's a real use case

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Commits on Oct 12, 2012
  1. update AC::Parameters#permit documentation [ci skip]

    Francesco Rodriguez authored
    bdd105d changes the behaviour of AC::Parameters#permit.
This page is out of date. Refresh to see the latest.
Showing with 22 additions and 0 deletions.
  1. +22 −0 actionpack/lib/action_controller/metal/strong_parameters.rb
View
22 actionpack/lib/action_controller/metal/strong_parameters.rb
@@ -171,6 +171,28 @@ def require(key)
# permitted[:person][:age] # => nil
# permitted[:person][:pets][0][:name] # => "Purplish"
# permitted[:person][:pets][0][:category] # => nil
+ #
+ # Note that if you use +permit+ in a key that points to a hash,
+ # it won't allow all the hash. You also need to specify which
+ # attributes inside the hash should be whitelisted.
+ #
+ # params = ActionController::Parameters.new({
+ # person: {
+ # contact: {
+ # email: 'none@test.com'
+ # phone: '555-1234'
+ # }
+ # }
+ # })
+ #
+ # params.require(:person).permit(:contact)
+ # # => {}
+ #
+ # params.require(:person).permit(contact: :phone)
+ # # => {"contact"=>{"phone"=>"555-1234"}}
+ #
+ # params.require(:person).permit(contact: [ :email, :phone ])
+ # # => {"contact"=>{"email"=>"none@test.com", "phone"=>"555-1234"}}
def permit(*filters)
params = self.class.new
Something went wrong with that request. Please try again.