Use strong parameters for ClosetHanger

This commit is contained in:
Matchu 2023-07-29 11:25:25 -07:00 committed by Matchu
parent 0810f6c34b
commit 09c9e3f346
2 changed files with 8 additions and 6 deletions

View file

@ -110,7 +110,7 @@ class ClosetHangersController < ApplicationController
end end
def create def create
@closet_hanger = current_user.closet_hangers.build(params[:closet_hanger]) @closet_hanger = current_user.closet_hangers.build(closet_hanger_params)
@closet_hanger.item = @item @closet_hanger.item = @item
if @closet_hanger.save if @closet_hanger.save
@ -132,7 +132,7 @@ class ClosetHangersController < ApplicationController
redirect_back!(user_closet_hangers_path(current_user)) redirect_back!(user_closet_hangers_path(current_user))
else else
@closet_hanger = current_user.closet_hangers.find(params[:id]) @closet_hanger = current_user.closet_hangers.find(params[:id])
@closet_hanger.attributes = params[:closet_hanger] @closet_hanger.attributes = closet_hanger_params
@item = @closet_hanger.item @item = @closet_hanger.item
unless @closet_hanger.quantity == 0 # save the hanger, new record or not unless @closet_hanger.quantity == 0 # save the hanger, new record or not
@ -166,6 +166,10 @@ class ClosetHangersController < ApplicationController
end end
private private
def closet_hanger_params
params.require(:closet_hanger).permit(:list_id, :owned, :quantity)
end
def closet_hanger_destroyed def closet_hanger_destroyed
respond_to do |format| respond_to do |format|
@ -249,8 +253,8 @@ class ClosetHangersController < ApplicationController
def owned def owned
owned = true owned = true
if params[:closet_hanger] if closet_hanger_params
owned = case params[:closet_hanger][:owned] owned = case closet_hanger_params[:owned]
when 'true', '1' then true when 'true', '1' then true
when 'false', '0' then false when 'false', '0' then false
end end

View file

@ -3,8 +3,6 @@ class ClosetHanger < ActiveRecord::Base
belongs_to :list, :class_name => 'ClosetList' belongs_to :list, :class_name => 'ClosetList'
belongs_to :user belongs_to :user
attr_accessible :list_id, :owned, :quantity
attr_accessor :item_proxy attr_accessor :item_proxy
delegate :name, to: :item, prefix: true delegate :name, to: :item, prefix: true