Use strong parameters for ClosetList

This commit is contained in:
Matchu 2023-07-29 11:22:15 -07:00 committed by Matchu
parent 8aa4aa6e30
commit 0810f6c34b
2 changed files with 8 additions and 5 deletions

View file

@ -3,7 +3,7 @@ class ClosetListsController < ApplicationController
before_filter :find_closet_list, :only => [:edit, :update, :destroy] before_filter :find_closet_list, :only => [:edit, :update, :destroy]
def create def create
@closet_list = current_user.closet_lists.build params[:closet_list] @closet_list = current_user.closet_lists.build closet_list_params
if @closet_list.save if @closet_list.save
save_successful! save_successful!
else else
@ -19,11 +19,11 @@ class ClosetListsController < ApplicationController
end end
def new def new
@closet_list = current_user.closet_lists.build params[:closet_list] @closet_list = current_user.closet_lists.build closet_list_params
end end
def update def update
if @closet_list.update_attributes(params[:closet_list]) if @closet_list.update_attributes(closet_list_params)
save_successful! save_successful!
else else
save_failed! save_failed!
@ -33,6 +33,11 @@ class ClosetListsController < ApplicationController
protected protected
def closet_list_params
params.require(:closet_list).permit(
:description, :hangers_owned, :name, :visibility)
end
def find_closet_list def find_closet_list
@closet_list = current_user.closet_lists.find params[:id] @closet_list = current_user.closet_lists.find params[:id]
end end

View file

@ -3,8 +3,6 @@ class ClosetList < ActiveRecord::Base
has_many :hangers, :class_name => 'ClosetHanger', :foreign_key => 'list_id' has_many :hangers, :class_name => 'ClosetHanger', :foreign_key => 'list_id'
# Nullification of associated records occurs in the ClosetListObserver. # Nullification of associated records occurs in the ClosetListObserver.
attr_accessible :description, :hangers_owned, :name, :visibility
validates :name, :presence => true, :uniqueness => {:scope => :user_id} validates :name, :presence => true, :uniqueness => {:scope => :user_id}
validates :user, :presence => true validates :user, :presence => true
validates :hangers_owned, :inclusion => {:in => [true, false], :message => "can't be blank"} validates :hangers_owned, :inclusion => {:in => [true, false], :message => "can't be blank"}