forked from OpenNeo/impress
Use strong parameters for ClosetList
This commit is contained in:
parent
32b1608346
commit
a2bd538bb4
2 changed files with 8 additions and 5 deletions
|
@ -3,7 +3,7 @@ class ClosetListsController < ApplicationController
|
|||
before_filter :find_closet_list, :only => [:edit, :update, :destroy]
|
||||
|
||||
def create
|
||||
@closet_list = current_user.closet_lists.build params[:closet_list]
|
||||
@closet_list = current_user.closet_lists.build closet_list_params
|
||||
if @closet_list.save
|
||||
save_successful!
|
||||
else
|
||||
|
@ -19,11 +19,11 @@ class ClosetListsController < ApplicationController
|
|||
end
|
||||
|
||||
def new
|
||||
@closet_list = current_user.closet_lists.build params[:closet_list]
|
||||
@closet_list = current_user.closet_lists.build closet_list_params
|
||||
end
|
||||
|
||||
def update
|
||||
if @closet_list.update_attributes(params[:closet_list])
|
||||
if @closet_list.update_attributes(closet_list_params)
|
||||
save_successful!
|
||||
else
|
||||
save_failed!
|
||||
|
@ -33,6 +33,11 @@ class ClosetListsController < ApplicationController
|
|||
|
||||
protected
|
||||
|
||||
def closet_list_params
|
||||
params.require(:closet_list).permit(
|
||||
:description, :hangers_owned, :name, :visibility)
|
||||
end
|
||||
|
||||
def find_closet_list
|
||||
@closet_list = current_user.closet_lists.find params[:id]
|
||||
end
|
||||
|
|
|
@ -3,8 +3,6 @@ class ClosetList < ActiveRecord::Base
|
|||
has_many :hangers, :class_name => 'ClosetHanger', :foreign_key => 'list_id'
|
||||
# Nullification of associated records occurs in the ClosetListObserver.
|
||||
|
||||
attr_accessible :description, :hangers_owned, :name, :visibility
|
||||
|
||||
validates :name, :presence => true, :uniqueness => {:scope => :user_id}
|
||||
validates :user, :presence => true
|
||||
validates :hangers_owned, :inclusion => {:in => [true, false], :message => "can't be blank"}
|
||||
|
|
Loading…
Reference in a new issue