Menu
Rails 4: I'm coming from rails 3.2.x And I have a question. How can I use Strong parameter with no controller.
I have this model:
Track (the only one that has a Controller )
has_many :tracksegments, :dependent => :destroy
has_many :points, :through => :tracksegments
Tracksegment
belongs_to :track
has_many :points, :dependent => :destroy
points
belongs_to :tracksegment
Track is the only one that has a Controller so it has some Strong Parameters.
I want to know where can I put the parameters that belongs to "tracksegment" and "points" In Rails 3.x it's direct in the model but in rails 4 i have no controller for them.
623
This might help if you need to use "strong params" outside of controllers:
Use Outside of Controllers
While Strong Parameters will enforce permitted and required values in your application controllers, keep in mind that you will need to sanitize untrusted data used for mass assignment when in use outside of controllers.
For example, if you retrieve JSON data from a third party API call and pass the unchecked parsed result on to Model.create, undesired mass assignments could take place. You can alleviate this risk by slicing the hash data, or wrapping the data in a new instance of ActionController::Parameters and declaring permissions the same as you would in a controller. For example:
raw_parameters = { :email => "[email protected]", :name => "John", :admin => true }
parameters = ActionController::Parameters.new(raw_parameters)
user = User.create(parameters.permit(:name, :email))
https://github.com/rails/strong_parameters
151
You permit the parameters into whichever controller you are sending them through. It sounds like you are sending them through your track controller, if so you would add them there.
see this question about how to permit nested params Rails 4 - Strong Parameters - Nested Objects
41
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
