forked from OpenNeo/impress
Use strong parameters for Outfit
This commit is contained in:
parent
1ffcb59f4a
commit
4250e009d7
2 changed files with 7 additions and 4 deletions
|
@ -2,7 +2,7 @@ class OutfitsController < ApplicationController
|
||||||
before_filter :find_authorized_outfit, :only => [:update, :destroy]
|
before_filter :find_authorized_outfit, :only => [:update, :destroy]
|
||||||
|
|
||||||
def create
|
def create
|
||||||
@outfit = Outfit.build_for_user(current_user, params[:outfit])
|
@outfit = Outfit.build_for_user(current_user, outfit_params)
|
||||||
if @outfit.save
|
if @outfit.save
|
||||||
render :json => @outfit
|
render :json => @outfit
|
||||||
else
|
else
|
||||||
|
@ -108,7 +108,7 @@ class OutfitsController < ApplicationController
|
||||||
end
|
end
|
||||||
|
|
||||||
def update
|
def update
|
||||||
if @outfit.update_attributes(params[:outfit])
|
if @outfit.update_attributes(outfit_params)
|
||||||
render :json => @outfit
|
render :json => @outfit
|
||||||
else
|
else
|
||||||
render_outfit_errors
|
render_outfit_errors
|
||||||
|
@ -117,6 +117,11 @@ class OutfitsController < ApplicationController
|
||||||
|
|
||||||
private
|
private
|
||||||
|
|
||||||
|
def outfit_params
|
||||||
|
params.require(:outfit).permit(
|
||||||
|
:name, :pet_state_id, :starred, :worn_and_unworn_item_ids)
|
||||||
|
end
|
||||||
|
|
||||||
def find_authorized_outfit
|
def find_authorized_outfit
|
||||||
raise ActiveRecord::RecordNotFound unless user_signed_in?
|
raise ActiveRecord::RecordNotFound unless user_signed_in?
|
||||||
@outfit = current_user.outfits.find(params[:id])
|
@outfit = current_user.outfits.find(params[:id])
|
||||||
|
|
|
@ -11,8 +11,6 @@ class Outfit < ActiveRecord::Base
|
||||||
|
|
||||||
delegate :color, to: :pet_state
|
delegate :color, to: :pet_state
|
||||||
|
|
||||||
attr_accessible :name, :pet_state_id, :starred, :worn_and_unworn_item_ids
|
|
||||||
|
|
||||||
scope :wardrobe_order, -> { order('starred DESC', :name) }
|
scope :wardrobe_order, -> { order('starred DESC', :name) }
|
||||||
|
|
||||||
# NOTE: We no longer save images, but we've left the code here for now.
|
# NOTE: We no longer save images, but we've left the code here for now.
|
||||||
|
|
Loading…
Reference in a new issue