This repository has been archived by the owner. It is now read-only.

Adds Parameter#recursive_permit! with tests #31

Closed
wants to merge 1 commit into
from

Conversation

Projects
None yet
4 participants
Contributor

bloudermilk commented Aug 23, 2012

When building apps with admin-only authenticated namespaces we often found strong_parameters redundant. However, since we had already included ActiveModel::ForbiddenAttributesProtection in our models we were forced to implement it anyway. This update introduces a Parameter#recursive_permit! option that crawls the params hash and #permit!s any nested hashes. It is well suited for use in namespaced application controllers like so:

class Admin::ApplicationController < ::ApplicationController
  before_filter :permit_params

  private

  def permit_params
    params.recursive_permit!
  end
end
Contributor

svoop commented Oct 4, 2012

(+1)

Same problem here with an active_admin backend. These generated backends are for a trusted usergroup only, no need (and no budget) to implement parameter whitelisting here. This solution can easily enable active_admin and similar to work seemlessly with strong_params.

Owner

dhh commented Oct 4, 2012

This should just be the default behavior of #permit!. Let's make it so.

Owner

rafaelfranca commented Oct 4, 2012

Agree with @dhh

Contributor

bloudermilk commented Oct 4, 2012

Excellent. I'll submit a new pull request this afternoon

@bloudermilk bloudermilk closed this Oct 4, 2012

@bloudermilk bloudermilk referenced this pull request Oct 4, 2012

Merged

Makes permit! recursive #41

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.