strong-parameters

问题 I have an update method right now that will not work for all situations. It is hard coded in the strong params like this params.require(:integration_webhook).permit(:filters) that all fine right now but sometimes it may be integration_webhook and other times it needs to be integration_slack . Basically, is there a way that I don't need to hardcode the require in the strong params? I'll show my code for clarity. Update Method: def update @integration = current_account.integrations.find(params[

问题 I'm trying to automate some documentation for an API and would like to retrieve the list of attributes listed by strong_parameters , as that's really the public face of my API. What I would like to do: def MyController < ApplicationController # ...CRUD actions... private def my_params require(:resource).permit(:first_name, :last_name, :age) end end MyController.my_params => [:first_name, :last_name, :age] Typically the listing is marked as private , so that's the first issue. I don't want to

问题 Is it possible to use strong parameters to ensure that an attribute will be filtered with a whitelist of possible values? For example, I have a parameter age that I want to ensure that can only have this values [10,20,30,40,50]. Is it possible to use the strong parameters logic to ensure that? Thanks 回答1: Quick answer No! Strong parameters only let you to filter keys from a hash regardless of the value they have. Long answer No! But as it was pointed out in comments, your best solution is to

问题 I am trying to convert an array inputed from a form multiple select field into a string separating the elements with commas. The gem i am using requires a tag_field in the form of a string separated by commas, but my multiple select field creates an array. Strong parameters reject the array so I need to convert the array to a string. Here is the code I have now in my application controller, but it is not working. def configure_devise_params devise_parameter_sanitizer.for(:sign_up) do |u| u[

问题 I want to permit nested custom parameters but am not sure how to access them. These are my params: params=> {"utf8"=>"✓", "authenticity_token"=>"...", "tracking"=>{"installation"=>"4", "code"=>[{"1"=>"one", "2"=>"two"}]}, "action"=>"create", "controller"=>"admin/trackings"} According to the Strong Parameters documentation I tried some combinations like this: def tracking_params params.require(:tracking).permit(:installation, code: []) end but they are not working. What am I missing? 回答1: def

问题 I have a form with a nested fields_for. I have attempted to permit the parameters that are generated by that nested form, but they are being blocked by strong parameters. I'm using rails 4.2.4 and ruby 2.2.2 I've read some official documentation: http://api.rubyonrails.org/classes/ActionController/StrongParameters.html http://guides.rubyonrails.org/action_controller_overview.html#strong-parameters I've read what looks like relevant SO posts: Rails 4 Nested Attributes Unpermitted Parameters

问题 I seem to be missing something obvious, but I am unable to permit the attributes for a nested has_one association. Controller: def create @crossword = Crossword.new(crossword_params) if @crossword.save render :show, status: :created, location: [:api, @crossword] else render json: @crossword.errors, status: :unprocessable_entity end end def crossword_params params.require(:crossword).permit(:title, :grid_size, grid_size_attributes: [:rows, :columns]) end Model: validates :title, :grid_size,

问题 I have a form to create a user model with all its usual attributes, but I am also passing a lot of non-model attributes that based on which I will create further stuff in my controller action. My question is how I can tell Strong Parameters to accept both the user data, AND this other data that is not related to the user db wise? To illustrate, my form could like this (submit button deleted for brievity): <%= form_for @user do |f| %> <%= f.text_field 'attribute1' %> <%= f.text_field

问题 User model: has_and_belongs_to_many :events Event model: has_and_belongs_to_many :users Users controller: params.require(:user).permit(:role, {:event_ids => []}) Events controller: params.require(:event).permit(:subject, :location, :date, :time, :all_day, :reminder, :notes, {:users_ids => []}) My form: <%= simple_form_for(@event) do |f| %> <%= f.input :subject %> <%= f.input :location %> <%= f.input :date %> <%= f.input :time %> <%= f.association :users %> <%= f.input :all_day %> <%= f.input

问题 i try to save image file using carrierwave in rails 4, but when submit button is click database is rollback??? why ? if i dont select image to upload and just send string only, all work properly but if i send image file i get error like this : TypeError: can't cast ActionDispatch::Http::UploadedFile to string: INSERT INTO "items" ("created_at", "description", "image", "name", "store_id", "sub_items", "title", "updated_at") VALUES (?, ?, ?, ?, ?, ?, ?, ?) (0.2ms) rollback transaction ***