strong-parameters

How to use Rails 4 strong parameters with has_many :through association?

若如初见. 提交于 2019-11-27 05:24:11
问题 I'm having trouble getting a has_many :through association working with Rails 4's strong parameters. I have a model called Checkout and I need to select a person from the Employee model in the new checkout form. Checkouts and Employees are associated through an Employment model. I'm getting this error when I try to create a new checkout: NoMethodError in CheckoutsController#create undefined method `employee' for #<Checkout:0x007ff4f8d07f88> It seems that there's something wrong with either my

Rails 4 Strong parameters : permit all attributes?

只愿长相守 提交于 2019-11-27 05:15:59
问题 I'm building a web app with Rails 4 strong parameters. When building the admin back office controllers, I wonder what is the best way to permit all the model attributes? For now, I wrote this: def user_params params.require(:user).permit(User.fields.keys) end Do you think of a better way? 回答1: You can call the bang version of permit. params.require(:user).permit! Strong Params README on Github Source code for reference: def permit! each_pair do |key, value| convert_hashes_to_parameters(key,

Forbidden Attributes Error in Rails 4 when encountering a situation where one would have used attr_accessible in earlier versions of Rails

青春壹個敷衍的年華 提交于 2019-11-27 01:28:03
问题 With the recent upgrade to Rails 4, updating attributes using code resembling the below does not work, I get a ActiveModel::ForbiddenAttributes error: @user.update_attributes(params[:user], :as => :admin) Where User has the following attr_accessible line in the model: attr_accessible :role_ids, :as =>admin # or any attribute other than :role_ids contained within :user How do you accomplish the same task in Rails 4? 回答1: Rails 4 now has features from the strong_parameters gem built in by

How to specify devise_parameter_sanitizer for edit action?

拟墨画扇 提交于 2019-11-27 00:50:16
I've added Devise to my Rails 4 application, and successfully added username etc. to my User model. Furthermore, I'm able to store those fields using the lazy way™, i.e. class ApplicationController < ActionController::Base before_filter :configure_permitted_parameters, if: :devise_controller? protected def configure_permitted_parameters devise_parameter_sanitizer.for(:sign_up) { |u| u.permit(:email, :password, :password_confirmation, :firstname, :middlename, :lastname) } end end However, I tried def configure_permitted_parameters devise_parameter_sanitizer.for(:sign_up) { |u| u.permit(:email,

Rails 4 Unpermitted Parameters for Array

…衆ロ難τιáo~ 提交于 2019-11-27 00:20:00
问题 I have an array field in my model and I'm attempting to update it. My strong parameter method is below def post_params params["post"]["categories"] = params["post"]["categories"].split(",") params.require(:post).permit(:name, :email, :categories) end My action in my controller is as follows def update post = Post.find(params[:id] if post and post.update_attributes(post_params) redirect_to root_url else redirect_to posts_url end end However, whenever I submit the update the post, in my

Strong parameters with Rails and Devise

ぐ巨炮叔叔 提交于 2019-11-27 00:13:01
问题 I am using the rails 4.0 branch of devise along with ruby 2.0.0p0 and Rails 4.0.0.beta1. This is the kind of question where I am checking if I'm doing it the right way, or if there are other things I should be doing. I'm sure a lot of people moving to Rails 4.0 are facing the same problems (after googling for similar things). I have read the following links: Devise and Strong Parameters https://gist.github.com/kazpsp/3350730 https://github.com/plataformatec/devise/tree/rails4#strong

How should I use rails and simple_form for nested resources?

你离开我真会死。 提交于 2019-11-26 21:48:37
问题 I'm trying to create one resource with another nested resource at the same time. I'm using Rails4 and simple_form 3.0.0rc. Here is my code. Models: class User < ActiveRecord::Base has_one :profile accepts_nested_attributes_for :profile end class Profile < ActiveRecord::Base belongs_to :user end Controller: class UsersController < ApplicationController def new @user = User.new @user.build_profile end def create user = User.new user_params user.save redirect_to root_url # @par =params end

Rails4: How to permit a hash with dynamic keys in params?

给你一囗甜甜゛ 提交于 2019-11-26 19:48:39
问题 I make a http put request with following parameters: {"post"=>{"files"=>{"file1"=>"file_content_1", "file2"=>"file_content_2"}}, "id"=>"4"} and i need to permit hash array in my code. based on manuals I've tried like these: > params.require(:post).permit(:files) # does not work > params.require(:post).permit(:files => {}) # does not work, empty hash as result > params.require(:post).permit! # works, but all params are enabled How to make it correctly? UPD1 : file1, file2 - are dynamic keys

strong parameters permit all attributes for nested attributes

南笙酒味 提交于 2019-11-26 15:37:50
问题 Is there a way in strong parameters to permit all attributes of a nested_attributes model ? Here is a sample code. class Lever < ActiveRecord::Base has_one :lever_benefit accepts_nested_attributes_for :lever_benefit end class LeverBenefit < ActiveRecord::Base # == Schema Information # id :integer not null, primary key # lever_id :integer # explanation :text end For lever strong parameters i am writing currently this def lever params.require(:lever).permit(:name,:lever_benefit_attributes => [

Rails 4.0 Strong Parameters nested attributes with a key that points to a hash

ε祈祈猫儿з 提交于 2019-11-26 12:06:51
问题 I was playing around with Rails 4.x beta and trying to get nested attributes working with carrierwave. Not sure if what I\'m doing is the right direction. After searching around, and then eventually looking at the rails source and strong parameters I found the below notes. # Note that if you use +permit+ in a key that points to a hash, # it won\'t allow all the hash. You also need to specify which # attributes inside the hash should be whitelisted. https://github.com/rails/rails/blob/master
订阅 strong-parameters