1. 技术文章
  2. Permit extra params in special cases with Strong Params in Rails 4

Permit extra params in special cases with Strong Params in Rails 4

一个人想着一个人 提交于 2019-12-06 05:42:10

问题


So for an organization, I want users to be able to be able to edit some things about it.

params.require(:organization).permit(:name, :location)

But in special cases, I want administrators to be able to edit extra attributes

params.require(:organization).permit(:name, :location, :secrets)

Now I know I can just have an if statement to choose which line I want to use, but since the admin will always be able to edit the original attributes, I wanted to easily be able to include them like so:

permitted = params.require(:organization).permit(:name, :location)
permitted.permit(:secrets) if current_user.admin?

Is there any way to chain permit calls like that? Or do I have to do something like store the attributes in an array and conditionally add extra before making the permit call?


回答1:


This seems to be the way to go:

def permitted_params
  if current_user.admin?
    params.require(:organization).permit(:name, :location, :secrets)
  else
    params.require(:organization).permit(:name, :location)
  end
end

Then use permitted_params in your controller.




回答2:


Using the below technique, there's no need to write the same params twice, which is helpful if you have a long list of attributes.

def organization_params
  attributes = [:name, :location]
  attributes.push(:secrets) if current_user.admin?

  params.require(:organization).permit(attributes)
end



回答3:


What you should do is simple:

def organization_params
  basic_filter = %w(name location)
  filter = user.admin? ? basic_filter.push('secrets') : basic_filter
  params.require(:organization).permit(filter)
end

This will work as you see:

[20] pry(main)> params = ActionController::Parameters.new({
[20] pry(main)*     organization: {  
[20] pry(main)*       name: 'Francesco',    
[20] pry(main)*       location:  'L.A.',    
[20] pry(main)*       secrets: 'secrets'    
[20] pry(main)*     }    
[20] pry(main)* })    
=> {"organization"=>{"name"=>"Francesco", "location"=>"L.A.", "secrets"=>"secrets"}}
[21] pry(main)> basic_filter = %w(name location)
=> ["name", "location"]
[22] pry(main)> filter = true ? basic_filter.push('secrets') : basic_filter
=> ["name", "location", "secrets"]
[23] pry(main)> params.require(:organization).permit(filter)
=> {"name"=>"Francesco", "location"=>"L.A.", "secrets"=>"secrets"}

and if user.admin? is false, the result will be

[26] pry(main)> basic_filter
=> ["name", "location", "secrets"]
[27] pry(main)> basic_filter = %w(name location)
=> ["name", "location"]
[28] pry(main)> filter = false ? basic_filter.push('secrets') : basic_filter
=> ["name", "location"]
[29] pry(main)> params.require(:organization).permit(filter)
Unpermitted parameter: secrets
=> {"name"=>"Francesco", "location"=>"L.A."}

This may help you.



来源:https://stackoverflow.com/questions/31297655/permit-extra-params-in-special-cases-with-strong-params-in-rails-4

标签
ruby-on-rails
ruby-on-rails-4
strong-parameters
易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!