Rails 4 Strong parameters : permit all attributes?

后端未结

关注

 4  2003

日久生厌

I\'m building a web app with Rails 4 strong parameters.

When building the admin back office controllers, I wonder what is the best way to permit all the model attrib

相关标签:

4条回答

旧时难觅i

2020-12-07 18:56

You can call the bang version of permit.

params.require(:user).permit!

Strong Params README on Github

Source code for reference:

def permit!
  each_pair do |key, value|
    convert_hashes_to_parameters(key, value)
    self[key].permit! if self[key].respond_to? :permit!
  end

  @permitted = true
  self
end

0 讨论(0)

醉梦人生

2020-12-07 19:07
Skull0inc's answer works, but you might want to remove created_at and updated_at. The intention of strong params is to list only the attributes you want updatable by the controller. Something like...
```
def user_params
  params.require(:user).permit(User.column_names - ["created_at", "updated_at"])
end
```
0 讨论(0)
发布评论:

提交评论
- 加载中...
一生所求

2020-12-07 19:10
Just in case someone need it for Rails 6, without even a model linked to your controller, you can use:
```
before_action :accept_all_params

private

def accept_all_params
  params.permit!
end
```
And done, now you can play with
0 讨论(0)
发布评论:

提交评论
- 加载中...
情深已故

2020-12-07 19:10
Would this work?
```
def user_params 
  params.require(:user).permit(User.column_names)
end
```
0 讨论(0)
发布评论:

提交评论
- 加载中...