1
0
Fork 0
mirror of https://github.com/rails/rails.git synced 2022-11-09 12:12:34 -05:00

Merge pull request #33136 from Meekohi/master

Update example for whitelisting arbitrary hashes
This commit is contained in:
Rafael França 2018-06-14 17:09:28 -04:00 committed by GitHub
commit 5f5dc91140
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23

View file

@ -334,6 +334,17 @@ with a `has_many` association:
params.require(:book).permit(:title, chapters_attributes: [:title]) params.require(:book).permit(:title, chapters_attributes: [:title])
``` ```
Imagine a scenario where you have parameters representing a product
name and a hash of arbitrary data associated with that product, and
you want to whitelist the product name attribute and also the whole
data hash:
```ruby
def product_params
params.require(:product).permit(:name, data: {})
end
```
#### Outside the Scope of Strong Parameters #### Outside the Scope of Strong Parameters
The strong parameter API was designed with the most common use cases The strong parameter API was designed with the most common use cases
@ -341,19 +352,6 @@ in mind. It is not meant as a silver bullet to handle all of your
whitelisting problems. However, you can easily mix the API with your whitelisting problems. However, you can easily mix the API with your
own code to adapt to your situation. own code to adapt to your situation.
Imagine a scenario where you have parameters representing a product
name and a hash of arbitrary data associated with that product, and
you want to whitelist the product name attribute and also the whole
data hash. The strong parameters API doesn't let you directly
whitelist the whole of a nested hash with any keys, but you can use
the keys of your nested hash to declare what to whitelist:
```ruby
def product_params
params.require(:product).permit(:name, data: params[:product][:data].try(:keys))
end
```
Session Session
------- -------