Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

strong_params: Simpler modification of allowed params #3566

Closed
wants to merge 1 commit into from
Closed

strong_params: Simpler modification of allowed params #3566

wants to merge 1 commit into from

Conversation

jhawthorn
Copy link
Contributor

With existing ControllerHelpers::PermittedAttributes, adding additional permitted attributes can only be done by overriding the method. To be done safely in extensions, this would rely on a lot of method aliasing.

This introduces Spree::PermittedAttributes, which has as module attributes for the the accessible attributes on the spree models. This is easily modifiable by spree applications or extensions.

Spree::PermittedAttributes.line_item_attributes << :my_custom_attribute

ControllerHelpers::StrongParameters contains the same methods as before but mostly delegates to Spree::PermittedAttributes. The controller helpers also describe the allowed nested attributes.

For more complex customization (ex. permissions depending on role), controllers can still override permitted_attributes with SimpleDelegator (or similar) or override permitted_*_attributes methods themselves to modify the attributes on a per request basis.

Thanks to Hates, Radar, huoxito, and jstrong in #spree for quick discussion.

@JDutil
Copy link
Member

JDutil commented Aug 15, 2013

I'm receiving syntax errors when trying to run the specs:

Generating dummy Rails application...
Setting up dummy database...
rake aborted!
/Users/JDutil/Code/spree/core/lib/spree/core/controller_helpers/strong_parameters.rb:10: syntax error, unexpected =>, expecting keyword_end
                 :to => :permitted_attributes,

@JDutil
Copy link
Member

JDutil commented Aug 15, 2013

I'm running on Ruby 2.0.0 if that helps.

@jhawthorn
Spree::PermittedAttributes for more extensibility
935ff70 
With existing `ControllerHelpers::PermittedAttributes`, adding
additional permitted attributes can only be done by overriding the
method. To be done safely in extensions, this would rely on a lot of
method aliasing.

This introduces `Spree::PermittedAttributes`, which has as module
attributes for the the accessible attributes on the spree models. This
is easily modifiable by spree applications or extensions.

    Spree::PermittedAttributes.line_item_attributes << :my_custom_attribute

`ControllerHelpers::StrongParameters` contains the same methods as
before but mostly delegates to `Spree::PermittedAttributes`. The
controller helpers also describe the allowed nested attributes.

For more complex customization (ex. permissions depending on role),
controllers can still override `permitted_attributes` with
`SimpleDelegator` (or similar) or override `permitted_*_attributes`
methods themselves to modify the attributes on a per request basis.

Thanks to Hates, Radar, huoxito, and jstrong in #spree for quick
discussion.
@jhawthorn
Copy link
Contributor Author

Ack! Sorry @JDutil, that was a fail commit. Pushed a typo-free one.

@Hates
Copy link
Contributor

Hates commented Aug 15, 2013

Awesome, once this is in I can start updating a lot of extensions that used the older attr_accessible method.

@JDutil JDutil closed this in 64ad1d1 Aug 15, 2013
@JDutil
Copy link
Member

JDutil commented Aug 15, 2013

Knock yourself out @Hates :)

@finiteautomata
Copy link

Newbie question: Where is a line like Spree::PermittedAttributes.line_item_attributes << :my_custom_attribute supposed to be? spree.rb perhaps?

@JDutil
Copy link
Member

JDutil commented Feb 28, 2014

Yea spree.rb should work fine.

@huoxito
Copy link
Member

huoxito commented Mar 1, 2014

I think for development it might be better to add it in ApplicationController or some other file that gets reloaded with the app though. You might experience issues where rails would reload the app code and attributes would be missing on that class accessor

@JDutil
Copy link
Member

JDutil commented Mar 1, 2014

Great point. I hate having to restart server for things.

@rk-panchal
Copy link

rk-panchal commented May 19, 2016
edited

i am working on rails 4
and i want to add new field in line_item table
for this i generate a migration and add filed "customer_name"
and permit it app/models/ line_item_decorator.rb
Spree::PermittedAttributes.line_item_attributes << :coustomer_name

but i am not able to save the value of customer_name in database.
plz give me any suggestion.

@Mafi88
Copy link
Contributor

Mafi88 commented May 25, 2016

@rk-panchal first, there is a typo << :coustomer_name. Second, there is only reader for attributes in PermittedAttributes module.

So you should do it like this:

# config/initializers/spree_permitted_attributes.rb
module Spree
  module PermittedAttributes
    @@line_item_attributes << :customer_name
  end
end

@rk-panchal
Copy link

thanks @Mafi88

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
7 participants
@jhawthorn @JDutil @Hates @finiteautomata @huoxito @rk-panchal @Mafi88