better_strong_params 0.0.2 → 0.0.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/README.md +13 -38
- data/better_strong_params.gemspec +1 -1
- data/lib/better_strong_params.rb +21 -12
- data/lib/better_strong_params/version.rb +1 -1
- metadata +3 -3
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: a5ce1ef091a974afc806772bf96add9d8210f9d8
|
4
|
+
data.tar.gz: 8003573183b9926cbd33d881120164b9aeab434d
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 68334d57da58ecad3a54963f8d4e136d50874f1011f62da38820c701211c4120481105c47244c6cbf285000834ae676e4e94f1a7d934f5bf0bdb20e8f0517090
|
7
|
+
data.tar.gz: 65c0b974a50e9374833181ae8f81b909f87dd5774ea422dd2e99a40c361a36db884207370f283f4dadad71ef8246dea198f038abfbd75e9033c8b421549051f7
|
data/README.md
CHANGED
@@ -2,6 +2,11 @@
|
|
2
2
|
|
3
3
|
Adds a DSL to ActionController that allows to add strong params filtering without adding a specific, dirty controller method.
|
4
4
|
|
5
|
+
# DSL Changes in 0.0.3
|
6
|
+
|
7
|
+
- `whitelist_parameters` replaces `filter_parameters`
|
8
|
+
- No more `create_params` or such, filtered and whitelisted attributes are now available via the regular `params` hash.
|
9
|
+
|
5
10
|
## Why?
|
6
11
|
|
7
12
|
[Rails's Strong Parameters](http://edgeapi.rubyonrails.org/classes/ActionController/StrongParameters.html) is obviously a better approach than having the model decide which attributes are protected or not. The only problem I have with this is the need to add an ugly method (at least one) to the controller to filter and whitelist the parameters.
|
@@ -28,31 +33,31 @@ BetterStrongParams is automatically included in ActionController::Base, so you d
|
|
28
33
|
|
29
34
|
## Usage
|
30
35
|
|
31
|
-
BetterStrongParams allows you to use the `
|
36
|
+
BetterStrongParams allows you to use the `whitelist_parameters` method in your controllers:
|
32
37
|
|
33
38
|
```ruby
|
34
39
|
class UsersController < ApplicationController
|
35
|
-
|
40
|
+
whitelist_parameters post: [:title, :body], user: [:name, :age], ....
|
36
41
|
end
|
37
42
|
```
|
38
43
|
|
39
|
-
`
|
44
|
+
`whitelist_parameters` a representation of a hash as you would enter in normal Strong Parameters method:
|
40
45
|
|
41
46
|
```
|
42
|
-
|
47
|
+
top_level_key: [attribute, attribute], another_top_level: [...], ...
|
43
48
|
```
|
44
49
|
|
45
|
-
|
50
|
+
Unlike many other Strong Parameters implementations in which you would have to define a sanitizing method (`user_params`), BetterStrongParams lets you keep on using the regular `params` hash
|
46
51
|
|
47
52
|
|
48
|
-
|
53
|
+
## Full example
|
49
54
|
```ruby
|
50
55
|
class UsersController < ApplicationController
|
51
56
|
|
52
|
-
|
57
|
+
whitelist_parameters user: [:name, :age]
|
53
58
|
|
54
59
|
def create
|
55
|
-
@user = User.new(
|
60
|
+
@user = User.new(params[:user]) # => params[:user] is being whitelisted without the need to define / create the extra method.
|
56
61
|
if @user.save
|
57
62
|
redirect_to treasure_url
|
58
63
|
else
|
@@ -62,36 +67,6 @@ for every controller action you set using `filter_parameters`, a method named `#
|
|
62
67
|
end
|
63
68
|
```
|
64
69
|
|
65
|
-
or if you want a single whitelist params set for all of the controller methods, BetterStrongParams will automatically generate one method named after your controller's singular resource
|
66
|
-
|
67
|
-
```ruby
|
68
|
-
class UsersController < ApplicationController
|
69
|
-
|
70
|
-
filter_parameters all: {user: [:name, :age]}
|
71
|
-
|
72
|
-
def create
|
73
|
-
|
74
|
-
# If you specify the 'all' option, user_params will be available.
|
75
|
-
@user = User.new(user_params)
|
76
|
-
if @user.save
|
77
|
-
redirect_to treasure_url
|
78
|
-
else
|
79
|
-
redirect_to jail_url
|
80
|
-
end
|
81
|
-
end
|
82
|
-
|
83
|
-
def update
|
84
|
-
@user = User.find(params[:id])
|
85
|
-
if @user.update_attributes(user_params)
|
86
|
-
redirect_to treasure_url
|
87
|
-
else
|
88
|
-
redirect_to jail_url
|
89
|
-
end
|
90
|
-
end
|
91
|
-
|
92
|
-
end
|
93
|
-
```
|
94
|
-
|
95
70
|
|
96
71
|
## Contributing
|
97
72
|
|
@@ -10,7 +10,7 @@ Gem::Specification.new do |spec|
|
|
10
10
|
spec.email = ["elad@eizesus.com"]
|
11
11
|
spec.summary = "Adds a DSL to ActionController that allows to add strong params filtering without adding a specific, dirty controller method."
|
12
12
|
spec.description = ""
|
13
|
-
spec.homepage = ""
|
13
|
+
spec.homepage = "https://github.com/ShinobiDevs/better_strong_params/"
|
14
14
|
spec.license = "MIT"
|
15
15
|
|
16
16
|
spec.files = `git ls-files`.split($/)
|
data/lib/better_strong_params.rb
CHANGED
@@ -8,22 +8,31 @@ module BetterStrongParams
|
|
8
8
|
end
|
9
9
|
end
|
10
10
|
|
11
|
+
module Exceptions
|
12
|
+
class Deprecated < RuntimeError; end
|
13
|
+
end
|
14
|
+
|
11
15
|
module ClassMethods
|
16
|
+
|
12
17
|
def filter_parameters(options = {})
|
13
|
-
|
14
|
-
|
15
|
-
|
16
|
-
|
17
|
-
|
18
|
-
|
18
|
+
raise(BetterStrongParams::Exceptions::Deprecated, "filter_parameters was deprecated in version 0.0.3, please refer to https://github.com/ShinobiDevs/better_strong_params for more information on the new DSL.")
|
19
|
+
end
|
20
|
+
|
21
|
+
def whitelist_parameters(options = {})
|
22
|
+
|
23
|
+
alias_method :_params, :params
|
24
|
+
|
25
|
+
define_method("params") do
|
26
|
+
filtered = {}
|
27
|
+
top_level_params = options.keys
|
28
|
+
top_level_params.each do |top_level_param|
|
29
|
+
filtered[top_level_param] = _params.require(top_level_param).permit(*options[top_level_param])
|
19
30
|
end
|
20
|
-
|
21
|
-
|
22
|
-
|
23
|
-
base = options[action_name].keys.first
|
24
|
-
params.require(base).permit(*options[action_name][base])
|
25
|
-
end
|
31
|
+
|
32
|
+
(_params.keys.map(&:to_s) - options.keys.map(&:to_s)).each do |root_level_param|
|
33
|
+
filtered[root_level_param] = _params[root_level_param]
|
26
34
|
end
|
35
|
+
ActionController::Parameters.new(filtered).permit!
|
27
36
|
end
|
28
37
|
end
|
29
38
|
end
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: better_strong_params
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.0.
|
4
|
+
version: 0.0.3
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Elad Meidar
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2014-08-
|
11
|
+
date: 2014-08-28 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: bundler
|
@@ -87,7 +87,7 @@ files:
|
|
87
87
|
- spec/fixtures/models/user.rb
|
88
88
|
- spec/lib/better_strong_params_spec.rb
|
89
89
|
- spec/spec_helper.rb
|
90
|
-
homepage:
|
90
|
+
homepage: https://github.com/ShinobiDevs/better_strong_params/
|
91
91
|
licenses:
|
92
92
|
- MIT
|
93
93
|
metadata: {}
|