hot-glue 0.6.19 → 0.6.21

data/app/helpers/hot_glue/controller_helper.rb

@@ -74,20 +74,31 @@ module HotGlue
         (Time.now.utc.month == 11 && Time.now.utc.day < (7 - Time.now.utc.wday))
     end
 
-    def modify_date_inputs_on_params(modified_params, current_user_object = nil, field_list = nil)
-      use_timezone = (current_user_object.try(:timezone)) || Time.zone
+    def modify_date_inputs_on_params(modified_params, current_user_object = nil, field_list = {})
+
+      use_timezone = if current_user_object.try(:timezone)
+        (ActiveSupport::TimeZone[current_user_object.timezone])
+      else
+        Time.zone
+      end
+
+
       uses_dst = (current_user_object.try(:locale_uses_dst)) || false
 
       modified_params = modified_params.tap do |params|
         params.keys.each{|k|
-
-          if field_list.nil? # legacy pre v0.5.18 behavior
-            include_me = k.ends_with?("_at") || k.ends_with?("_date")
-          else
-            include_me = field_list.include?(k.to_sym)
+          if field_list.is_a?(Hash)
+            include_me = field_list[k.to_sym].present?
+          elsif field_list.is_a?(Array)
+            field_list.include?(k.to_sym)
           end
+
+          parsables =  {datetime: "%Y-%m-%d %H:%M %z",
+                        time: "%H:%M %z"}
+
           if include_me && params[k].present?
             if use_timezone
+
               parse_date = "#{params[k].gsub("T", " ")} #{use_timezone.formatted_offset}"
               # note: as according to https://stackoverflow.com/questions/20111413/html5-datetime-local-control-how-to-hide-seconds
               # there is no way to set the seconds to 00 in the datetime-local input field
@@ -96,8 +107,12 @@ module HotGlue
               # if they already exist in your database, you should zero them out
               # or apply .change(sec: 0) when displaying them as output in the form
               # this will prevent seconds from being added by the browser
-              parsed_time = Time.strptime(parse_date, "%Y-%m-%d %H:%M %Z")
-              parsed_time = parsed_time.to_time - 60.minutes if uses_dst && is_dst_now?
+              if  field_list.is_a?(Array)
+                parsed_time = Time.strptime(parse_date, "%Y-%m-%d %H:%M %z")
+              else
+                parsed_time = Time.strptime(parse_date, parsables[field_list[k.to_sym]])
+              end
+              # parsed_time = parsed_time.to_time - 60.minutes if uses_dst && is_dst_now?
               params[k] = parsed_time
             end
           end

data/lib/generators/hot_glue/fields/field.rb

@@ -6,7 +6,7 @@ class Field
                 :self_auth,
                 :singular_class,  :singular, :sql_type, :ownership_field,
                 :update_show_only, :namespace, :pundit, :plural,
-                :stimmify, :hidden, :attachment_data, :god
+                :stimmify, :hidden_create, :hidden_update, :attachment_data, :god
 
 
   def initialize(
@@ -33,11 +33,13 @@ class Field
     @default_boolean_display = scaffold.default_boolean_display
     @namespace = scaffold.namespace_value
     @stimmify = scaffold.stimmify
-    @hidden = scaffold.hidden
+    @hidden_create = scaffold.hidden_create
+    @hidden_update = scaffold.hidden_update
     @attachment_data = scaffold.attachments[name.to_sym]
     @god = scaffold.god
 
 
+
     # TODO: remove knowledge of subclasses from Field
     unless self.class == AttachmentField || self.class == RelatedSetField
       @sql_type = eval("#{class_name}.columns_hash['#{name}']").sql_type
@@ -193,7 +195,8 @@ class Field
   end
 
   def modify_binary?
-    !!(modify_as && modify_as[name.to_sym] && modify_as[name.to_sym][:binary])
+    return false if !modify_as
+    modify_as[:binary]
   end
 
   def display_boolean_as

data/lib/generators/hot_glue/fields/time_field.rb

@@ -10,7 +10,7 @@ class TimeField < Field
 
   def line_field_output
     "<% unless #{singular}.#{name}.nil? %>
-      <%= #{singular}.#{name}.in_time_zone(current_timezone).strftime('%l:%M %p ') %>
+      <%= #{singular}.#{name}.in_time_zone(current_timezone).strftime('%l:%M %p %Z') %>
      <% else %>
     <span class=''>MISSING</span>
     <% end %>"

data/lib/generators/hot_glue/layout/builder.rb

@@ -127,15 +127,24 @@ module HotGlue
           # if user_layout_columns.size > available_columns
           #   raise "Your include statement #{@include_setting } has #{user_layout_columns.size} columns, but I can only construct up to #{available_columns}"
           # end
+
+
+          columns_to_work_with =  (12 - @buttons_width)
+
+          if columns_to_work_with < user_layout_columns.size
+            raise "Your include statement #{@include_setting } has #{user_layout_columns.size} columns, but I can only construct up to #{columns_to_work_with}"
+          end
+
+          target_col_size = columns_to_work_with / user_layout_columns.size
+          extra_columns = columns_to_work_with % user_layout_columns.size
+
+
           user_layout_columns.each_with_index  do |column,i|
             layout_object[:columns][:container][i] = column.split(",").collect(&:to_sym)
-
-            default_col_width = 1
-            if extra_columns > 0
-              default_col_width += 1
-              extra_columns -= 1
+            layout_object[:columns][:bootstrap_column_width][i] = target_col_size
+            if i < extra_columns
+              layout_object[:columns][:bootstrap_column_width][i] += 1
             end
-            layout_object[:columns][:bootstrap_column_width][i] = default_col_width
           end
 
           if user_layout_columns.size < layout_object[:columns][:container].size

data/lib/generators/hot_glue/markup_templates/erb.rb

@@ -11,7 +11,8 @@ module  HotGlue
                   :attachments, :show_only, :columns_map, :pundit, :related_sets,
                   :search, :search_fields, :search_query_fields, :search_position,
                   :form_path, :layout_object, :search_clear_button, :search_autosearch,
-                  :stimmify, :stimmify_camel, :hidden
+                  :stimmify, :stimmify_camel, :hidden_create, :hidden_update, :invisible_create,
+                  :invisible_update, :plural
 
 
     def initialize(singular:, singular_class: ,
@@ -23,7 +24,8 @@ module  HotGlue
                  update_show_only:, attachments: , columns_map:, pundit:, related_sets:,
                  search:, search_fields:, search_query_fields: , search_position:,
                  search_clear_button:, search_autosearch:, layout_object:,
-                 form_path: , stimmify: , stimmify_camel:, hidden: )
+                 form_path: , stimmify: , stimmify_camel:, hidden_create:, hidden_update: ,
+                 invisible_create:, invisible_update: , plural: )
 
 
       @form_path = form_path
@@ -34,7 +36,11 @@ module  HotGlue
       @layout_object = layout_object
       @stimmify = stimmify
       @stimmify_camel = stimmify_camel
-      @hidden = hidden
+      @hidden_create = hidden_create
+      @hidden_update = hidden_update
+      @invisible_create = invisible_create
+      @invisible_update = invisible_update
+      @plural = plural
 
       @singular = singular
       @singular_class = singular_class
@@ -75,7 +81,7 @@ module  HotGlue
           (big_edit ? ", \"turbo\": false" : "") +
            "}} do |f| %>" +
           "<%= f.hidden_field :__#{button_name}, value: \"__#{button_name}\" %>" +
-          "<%= f.submit '#{button_name.titleize}'.html_safe, disabled: (#{singular}.respond_to?(:#{button_name}able?) && ! #{singular}.#{button_name}able? ), class: '#{singular}-button #{@layout_strategy.button_applied_classes} #{@layout_strategy.magic_button_classes}' %>" +
+          "<%= f.submit '#{button_name.titleize}'.html_safe, disabled: (#{singular}.respond_to?(:#{button_name}_able?) && ! #{singular}.#{button_name}_able? ), class: '#{singular}-button #{@layout_strategy.button_applied_classes} #{@layout_strategy.magic_button_classes}' %>" +
         "<% end %>"
       }.join("\n")
     end
@@ -88,7 +94,18 @@ module  HotGlue
 
         size = layout_object[:columns][:bootstrap_column_width][i]
         "<div class='#{layout_strategy.column_classes_for_column_headings(size)} hg-heading-row heading--#{singular}--#{column.join("-")}' " + col_style + ">" +
-          column.map(&:to_s).map{|col_name| "#{col_name.humanize}"}.join("<br />")  + "</div>"
+          column.map(&:to_s).map{|col_name|
+            the_output = "#{col_name.humanize}"
+            if invisible_update.include?(col_name.to_sym)
+              if_statements = []
+              if_statements << "false" if invisible_update.include?(col_name.to_sym)
+              # if_statements << "@action == 'new'" if invisible_create.include?(col_name.to_sym)
+              the_output = "<% if ( " +  if_statements.join(" || ") + " || policy(#{@plural}).#{col_name}_able? ) %>" +
+                +  the_output + "<% end %>"
+
+            end
+            the_output
+          }.join("<br />")  + "</div>"
       }.join("\n")
       return result
     end
@@ -160,7 +177,6 @@ module  HotGlue
                 "<% if @action == 'edit' %>" + columns_map[col].form_show_only_output + "<% else %>" + columns_map[col].form_field_output + "<% end %>"
               elsif update_show_only.include?(col) && @pundit && eval("defined? #{singular_class}Policy") && eval("#{singular_class}Policy").instance_methods.include?("#{col}_able?".to_sym)
                 "<% if @action == 'new' && policy(@#{singular}).#{col}_able? %>" + columns_map[col].form_field_output + "<% else %>" + columns_map[col].form_show_only_output + "<% end %>"
-
                  # show only on the update action overrides any pundit policy
               elsif @pundit && eval("defined? #{singular_class}Policy") && eval("#{singular_class}Policy").instance_methods.include?("#{col}_able?".to_sym)
                 "<% if policy(@#{singular}).#{col}_able? %>" + columns_map[col].form_field_output + "<% else %>" + columns_map[col].form_show_only_output  + "<% end %>"
@@ -178,17 +194,35 @@ module  HotGlue
               data_attr = " data-#{@stimmify}-target='#{col_target}Wrapper'"
             end
 
-            unless hidden.include?(col.to_sym)
-              add_spaces_each_line( "\n  <span #{@tinymce_stimulus_controller}class='<%= \"alert alert-danger\" if #{singular}.errors.details.keys.include?(:#{field_error_name}) %>' #{data_attr} >\n" +
-                                      add_spaces_each_line( (form_labels_position == 'before' ? (the_label || "") + "<br />\n"  : "") +
-                                                              +  field_result +
-                                                              (form_labels_position == 'after' ? (  columns_map[col].newline_after_field? ? "<br />\n" : "") + (the_label || "") : "")  , 4) +
-                                      "\n  </span>\n ", 2)
-            else
-              columns_map[col].hidden_output
+
+            the_output =   add_spaces_each_line( "\n  <span #{@tinymce_stimulus_controller}class='<%= \"alert alert-danger\" if #{singular}.errors.details.keys.include?(:#{field_error_name}) %>' #{data_attr} >\n" +
+                                                             add_spaces_each_line( (form_labels_position == 'before' ? (the_label || "") + "<br />\n"  : "") +
+                                                                                     +  field_result +
+                                                                                     (form_labels_position == 'after' ? (  columns_map[col].newline_after_field? ? "<br />\n" : "") + (the_label || "") : "")  , 4) +
+                                                             "\n  </span>\n ", 2)
+
+
+            if hidden_create.include?(col.to_sym) || hidden_update.include?(col.to_sym)
+              if_statements = []
+              if_statements << "@action == 'edit'" if hidden_update.include?(col.to_sym)
+              if_statements << "@action == 'new'" if hidden_create.include?(col.to_sym)
+
+              the_output = "<% if " + if_statements.join(" || ") + " %>" +
+                columns_map[col].hidden_output + "<% else %>" +  the_output + "<% end %>"
             end
 
+            if invisible_create.include?(col) || invisible_update.include?(col)
+              if_statements = []
+              if_statements << "@action == 'edit'" if invisible_update.include?(col.to_sym)
+              if_statements << "@action == 'new'" if invisible_create.include?(col.to_sym)
 
+              the_output = "<% if !(" + if_statements.join(" || ") + ") || policy(@#{singular}).#{col}_able? %>" +
+                +  the_output + "<% end %>"
+            end
+
+
+
+            the_output
           }.join("") + "\n  </div>"
       }.join("\n")
       return result
@@ -233,7 +267,21 @@ module  HotGlue
           
           label = "<label class='small form-text text-muted'>#{col.to_s.humanize}</label>"
 
-          "#{inline_list_labels == 'before' ? label + "<br/>" : ''}#{field_output}#{inline_list_labels == 'after' ? "<br/>" + label : ''}"
+          the_output = "#{inline_list_labels == 'before' ? label + "<br/>" : ''}#{field_output}#{inline_list_labels == 'after' ? "<br/>" + label : ''}"
+          if invisible_create.include?(col) || invisible_update.include?(col)
+            if_statements = []
+            if invisible_update.include?(col.to_sym) && invisible_create.include?(col.to_sym)
+            # elsif invisible_create.include?(col.to_sym)
+            #   if_statements << "!(@action == 'new')"
+            else
+              if_statements << "@action == 'edit'"
+            end
+
+            if_statements << " policy(#{singular}).#{col}_able?"
+            the_output = "<% if  " +  if_statements.join(" || ") + " %>" +
+              +  the_output + "<% end %>"
+          end
+          the_output
         }.join(  "<br />") + "</div>"
       }.join("\n")
       return result

data/lib/generators/hot_glue/scaffold_generator.rb

@@ -29,7 +29,8 @@ class HotGlue::ScaffoldGenerator < Erb::Generators::ScaffoldGenerator
                 :form_labels_position, :no_nav_menu, :pundit,
                 :self_auth, :namespace_value, :record_scope, :related_sets,
                 :search_clear_button, :search_autosearch, :include_object_names,
-                :stimmify, :stimmify_camel, :hidden
+                :stimmify, :stimmify_camel, :hidden_create, :hidden_update,
+                :invisible_create, :invisible_update
   # important: using an attr_accessor called :namespace indirectly causes a conflict with Rails class_name method
   # so we use namespace_value instead
 
@@ -58,6 +59,12 @@ class HotGlue::ScaffoldGenerator < Erb::Generators::ScaffoldGenerator
   class_option :show_only, type: :string, default: ""
   class_option :update_show_only, type: :string, default: ""
   class_option :hidden, type: :string, default: ""
+  class_option :hidden_create, type: :string, default: ""
+  class_option :hidden_update, type: :string, default: ""
+  class_option :invisible, type: :string, default: ""
+  class_option :invisible_create, type: :string, default: ""
+  class_option :invisible_update, type: :string, default: ""
+
   class_option :ujs_syntax, type: :boolean, default: nil
   class_option :downnest, type: :string, default: nil
   class_option :magic_buttons, type: :string, default: nil
@@ -99,6 +106,7 @@ class HotGlue::ScaffoldGenerator < Erb::Generators::ScaffoldGenerator
   class_option :code_after_create, default: nil
   class_option :code_before_update, default: nil
   class_option :code_after_update, default: nil
+  class_option :code_after_new, default: nil
   class_option :record_scope, default: nil
   class_option :no_nav_menu, type: :boolean, default: false # suppress writing to _nav template
   class_option :include_object_names, type: :boolean, default: false
@@ -231,11 +239,29 @@ class HotGlue::ScaffoldGenerator < Erb::Generators::ScaffoldGenerator
       puts "show only field #{@show_only}}"
     end
 
-    @hidden = options['hidden'].split(",").collect(&:to_sym)
-    if @hidden.any?
-      puts "hidden fields #{@hidden}}"
+    @hidden_all = options['hidden'].split(",").collect(&:to_sym)
+    @hidden_create = options['hidden_create'].split(",").collect(&:to_sym)
+    @hidden_update = options['hidden_update'].split(",").collect(&:to_sym)
+    @hidden_update.concat(@hidden_all) if @hidden_all.any?
+    @hidden_create.concat(@hidden_all) if @hidden_all.any?
+    @hidden_create.uniq!
+    @hidden_update.uniq!
+
+    if @hidden_create.any? || @hidden_update.any? || @hidden_all.any?
+      puts "hidden update fields #{@hidden_update}}"
+      puts "hidden create fields #{@hidden_create}}"
     end
 
+
+    @invisible_all = options['invisible'].split(",").collect(&:to_sym)
+    @invisible_create = options['invisible_create'].split(",").collect(&:to_sym)
+    @invisible_update = options['invisible_update'].split(",").collect(&:to_sym)
+    @invisible_update.concat(@invisible_all) if @invisible_all.any?
+    @invisible_update.uniq!
+    @invisible_create.concat(@invisible_all) if @invisible_all.any?
+    @invisible_create.uniq!
+
+
     @modify_as = {}
     if !options['modify'].empty?
       modify_input = options['modify'].split(",")
@@ -302,6 +328,9 @@ class HotGlue::ScaffoldGenerator < Erb::Generators::ScaffoldGenerator
     @new_button_label = options['new_button_label'] || (eval("#{class_name}.class_variable_defined?(:@@table_label_singular)") ? "New " + eval("#{class_name}.class_variable_get(:@@table_label_singular)") : "New " + singular.gsub("_", " ").titleize)
     @new_form_heading = options['new_form_heading'] || "New #{@label}"
 
+    # @table_display_name_singular = (eval("#{class_name}.class_variable_defined?(:@@table_label_singular)") ? eval("#{class_name}.class_variable_get(:@@table_label_singular)") : singular.gsub("_", " ").titleize)
+    @table_display_name_plural = (eval("#{class_name}.class_variable_defined?(:@@table_label_plural)") ? eval("#{class_name}.class_variable_get(:@@table_label_plural)") : plural.gsub("_", " ").titleize)
+
     setup_hawk_keys
     @form_placeholder_labels = options['form_placeholder_labels'] # true or false
     @inline_list_labels = options['inline_list_labels'] || get_default_from_config(key: :inline_list_labels) || 'omit' # 'before','after','omit'
@@ -358,11 +387,19 @@ class HotGlue::ScaffoldGenerator < Erb::Generators::ScaffoldGenerator
 
     @no_nav_menu = options['no_nav_menu']
 
+    if get_default_from_config(key: :pundit_default)
+      raise "please note the config setting `pundit_default` has been renamed `pundit`. please update your hot_glue.yml file"
+    end
+
     if @pundit.nil?
-      @pundit = get_default_from_config(key: :pundit_default)
+      @pundit = get_default_from_config(key: :pundit)
     end
 
 
+    if (@invisible_create + @invisible_update).any? && !@pundit
+      raise "you specified invisible fields without using Pundit. please remove the invisible fields or use --pundit"
+    end
+
     if options['include'].include?(":") && @smart_layout
       raise HotGlue::Error, "You specified both --smart-layout and also specified grouping mode (there is a : character in your field include list); you must remove the colon(s) from your --include tag or remove the --smart-layout option"
     end
@@ -495,6 +532,7 @@ class HotGlue::ScaffoldGenerator < Erb::Generators::ScaffoldGenerator
     @code_after_create = options['code_after_create']
     @code_before_update = options['code_before_update']
     @code_after_update = options['code_after_update']
+    @code_after_new = options['code_after_new']
 
     buttons_width = ((!@no_edit && 1) || 0) + ((!@no_delete && 1) || 0) + @magic_buttons.count
 
@@ -653,6 +691,7 @@ class HotGlue::ScaffoldGenerator < Erb::Generators::ScaffoldGenerator
         update_show_only: @update_show_only,
         singular_class: singular_class,
         singular: singular,
+        plural: @plural,
         hawk_keys: @hawk_keys,
         ownership_field: @ownership_field,
         form_labels_position: @form_labels_position,
@@ -670,7 +709,10 @@ class HotGlue::ScaffoldGenerator < Erb::Generators::ScaffoldGenerator
         form_path: form_path_new_helper,
         stimmify: @stimmify,
         stimmify_camel: @stimmify_camel,
-        hidden: @hidden
+        hidden_create: @hidden_create,
+        hidden_update: @hidden_update,
+        invisible_create: @invisible_create,
+        invisible_update: @invisible_update,
       )
     elsif @markup == "slim"
       raise(HotGlue::Error, "SLIM IS NOT IMPLEMENTED")
@@ -927,10 +969,8 @@ class HotGlue::ScaffoldGenerator < Erb::Generators::ScaffoldGenerator
       #{@factory_creation}
       "
       res << "\n      " + "@#{singular} = factory.#{singular}" unless res.include?("@#{singular} = factory.#{singular}")
-      res << "\n      flash[:notice] = \"Successfully created \#{@#{singular}.name}\" unless @#{singular}.new_record?
-    rescue ActiveRecord::RecordInvalid
+      res << "\n    rescue ActiveRecord::RecordInvalid
       @#{singular} = factory.#{singular}
-      flash[:alert] = \"Oops, your #{singular} could not be created. #{@hawk_alarm}\"
       @action = 'new'
     end"
       res
@@ -1134,13 +1174,17 @@ class HotGlue::ScaffoldGenerator < Erb::Generators::ScaffoldGenerator
   end
 
   def datetime_fields_list
-    @columns.select do |col|
-      if @the_object.columns_hash[col.to_s]
-        @the_object.columns_hash[col.to_s].type == :datetime
+    @columns.each_with_object({}) do |col, hash|
+      column = @the_object.columns_hash[col.to_s]
+      if column && [:datetime, :time].include?(column.type)
+        hash[col.to_sym] = column.type
       end
     end
   end
 
+
+
+
   def form_path_new_helper
     HotGlue.optionalized_ternary(namespace: @namespace,
                                  target: @controller_build_folder,
@@ -1280,12 +1324,13 @@ class HotGlue::ScaffoldGenerator < Erb::Generators::ScaffoldGenerator
     # to know who the current user under this design
     # for timeinput = user_centered , we need to know who the current user is
     # so we can set the time zone to the user's time zone
-    #
+
     if options['auth']
       options['auth']
     elsif @god
-      # do we use current_user here
       "nil"
+    else
+      @auth
     end
   end
 

data/lib/generators/hot_glue/templates/controller.rb.erb

@@ -95,11 +95,13 @@ class <%= controller_class_name %> < <%= controller_descends_from %>
     @<%= singular_name %> = <%= class_name %>.new<% if eval("#{class_name}.reflect_on_association(:#{@object_owner_sym})").class == ActiveRecord::Reflection::BelongsToReflection  %>(<%= @object_owner_sym %>: <%= @object_owner_eval %>)<% end %><% elsif @object_owner_optional && any_nested? %>
     @<%= singular_name %> = <%= class_name  %>.new({}.merge(<%= @nested_set.last[:singular] %> ? {<%= @object_owner_sym %>: <%= @object_owner_eval %>} : {}))<% else %>
     @<%= singular_name %> = <%= class_name  %>.new(<% if any_nested? %><%= @object_owner_sym %>: <%= @object_owner_eval %><% end %>)<% end %>
+    <%=  @code_after_new ?  @code_after_new.gsub(";","\n") + "\n" : "" %>
+
     <% if @pundit && !@pundit_policy_override %>
     authorize @<%= singular %><% elsif @pundit && @pundit_policy_override %>
     skip_authorization
-    raise Pundit::NotAuthorizedError if ! <%= @pundit_policy_override %>.new?<% end %><% if @pundit %>
-    @action = 'new'
+    raise Pundit::NotAuthorizedError if ! <%= @pundit_policy_override %>.new?<% end %>
+    @action = 'new' <% if @pundit %>
   rescue Pundit::NotAuthorizedError
     flash[:alert] = 'You are not authorized to perform this action.'
     load_all_<%= plural %>
@@ -135,7 +137,7 @@ class <%= controller_class_name %> < <%= controller_descends_from %>
                                  instance_last_item: true,
                                  put_form: true).gsub("(#{singular}", "(@#{singular}") %><% end %>
     else
-      flash[:alert] = "Oops, your <%= singular_name %> could not be created. #{@hawk_alarm}"
+      flash[:alert] = "Oops, your <%= @label %> could not be created. #{@hawk_alarm}"
       @action = 'new'
       <% unless @display_edit_after_create %>render :create, status: :unprocessable_entity<% else %>render :new , status: :unprocessable_entity<% end %>
     end<% if @pundit %>
@@ -216,19 +218,20 @@ class <%= controller_class_name %> < <%= controller_descends_from %>
     <% end %>
    <% if @hawk_keys.any? %> modified_params = hawk_params({<%= hawk_to_ruby %>}, modified_params)<% end %>
     <%= controller_attachment_orig_filename_pickup_syntax %>
+    @<%= singular_name %>.assign_attributes(modified_params)
       <% if @pundit && !@pundit_policy_override %>
       authorize @<%= singular_name %>
       <%= @code_before_update ? "\n    " + @code_before_update.gsub(";", "\n") : "" %>
 
-    if @<%= singular_name %>.update(modified_params)
+    if @<%= singular_name %>.save
 
     <% elsif @pundit && @pundit_policy_override %>
     skip_authorization
     raise Pundit::NotAuthorizedError if ! <%= @pundit_policy_override %>.update?
-    if @<%= singular_name %>.update(modified_params)
+    if @<%= singular_name %>.save
       <% else %>
       <%= @code_before_update ? "\n    " + @code_before_update.gsub(";", "\n") : "" %>
-    if @<%= singular_name %>.update(modified_params)<% end %>
+    if @<%= singular_name %>.save<% end %>
       <%= post_action_parental_updates.compact.join("\n      ") %>
       <%= @code_after_update ? "\n    " + @code_after_update.gsub(";", "\n") : "" %>
       <% if @display_list_after_update %>    load_all_<%= plural %><% end %>
@@ -238,7 +241,7 @@ class <%= controller_class_name %> < <%= controller_descends_from %>
       redirect_to <%= path_helper_plural(false) %>
      <% end %>
     else
-      flash[:alert] = "<%= singular_name.titlecase %> could not be saved. #{@hawk_alarm}"
+      flash[:alert] = "<%= @label %> could not be saved. #{@hawk_alarm}"
       <%= @alt_lookups.collect{ |k,v|
       assoc = k.gsub("_id","")
       "@#{singular }.#{k} = #{class_name}.find(@#{singular }.id).person.id if @#{singular }.errors.include?(:#{assoc})"
@@ -260,9 +263,9 @@ class <%= controller_class_name %> < <%= controller_descends_from %>
     raise Pundit::NotAuthorizedError if ! <%= @pundit_policy_override %>.destroy?<% end %>
     begin
       @<%=singular_name%>.destroy!
-      flash[:notice] = '<%= singular_name.titlecase %> successfully deleted'
+      flash[:notice] = '<%= @label %> successfully deleted'
     rescue ActiveRecord::RecordNotDestroyed => e
-      flash[:alert] = '<%= singular_name.titlecase %> could not be deleted'
+      flash[:alert] = '<%= @label %> could not be deleted'
     end
     <%= post_action_parental_updates.join("\n    ") %>
     load_all_<%= plural %><% if @pundit %>
@@ -284,12 +287,23 @@ class <%= controller_class_name %> < <%= controller_descends_from %>
   end<% end %><% end %>
 
   def <%=singular_name%>_params
-    params.require(:<%= testing_name %>).permit(<%= ((fields_filtered_for_strong_params - @show_only ) + @magic_buttons.collect{|x| "__#{x}"}).collect{|sym| ":#{sym}"}.join(", ") %><%= ", " + @related_sets.collect{|key, rs| "#{rs[:association_ids_method]}: []"}.join(", ") if @related_sets.any? %><%= ", " +  @alt_lookups.collect{|k,v|  ":__lookup_#{v[:assoc].downcase}_#{v[:lookup_as]}"  }.join(", ") if @alt_lookups.any? %>)
+    fields = <%= ((fields_filtered_for_strong_params - @show_only) + @magic_buttons.collect{|x| "__#{x}"}).collect{|sym| ":#{sym}"}.join(", ") %><%= ", " + @related_sets.collect{|key, rs| "#{rs[:association_ids_method]}: []"}.join(", ") if @related_sets.any? %><%= ", " +  @alt_lookups.collect{|k,v|  ":__lookup_#{v[:assoc].downcase}_#{v[:lookup_as]}"  }.join(", ") if @alt_lookups.any? %>
+    params.require(:<%= testing_name %>).permit(fields)
   end<% if @update_show_only %>
 
   <% unless @no_edit %>
   def update_<%=singular_name%>_params
-    params.require(:<%= testing_name %>).permit(<%= ((fields_filtered_for_strong_params - @update_show_only)  + @magic_buttons.collect{|x| "__#{x}"}).collect{|sym| ":#{sym}"}.join(", ") %><%= ", " + @related_sets.collect{|key, rs| "#{rs[:association_ids_method]}: []"}.join(", ") if @related_sets.any? %><%=  ", " + @alt_lookups.collect{|k,v|  ":__lookup_#{v[:assoc].downcase}_#{v[:lookup_as]}"  }.join(", ") if @alt_lookups.any?  %>)
+    fields = <%= ((fields_filtered_for_strong_params - @update_show_only)  + @magic_buttons.collect{|x| "__#{x}"}).collect{|sym| ":#{sym}"}.join(", ") %><%= ", " + @related_sets.collect{|key, rs| "#{rs[:association_ids_method]}: []"}.join(", ") if @related_sets.any? %><%=  ", " + @alt_lookups.collect{|k,v|  ":__lookup_#{v[:assoc].downcase}_#{v[:lookup_as]}"  }.join(", ") if @alt_lookups.any?  %>
+    <%= (fields_filtered_for_strong_params - @update_show_only).collect{|col|
+    # TODO : fields not on show only also not invisible should be checked here
+    # for _able? methods and added only when able
+    if (@invisible_create.include?(col) || eval("defined? #{singular_class}Policy") && eval("#{singular_class}Policy").instance_methods.include?("#{col}_able?".to_sym))
+        "fields.delete :#{col} if !policy(@#{singular}).#{col}_able?"
+    else
+      nil
+    end
+    }.compact.join("\n    ") %>
+    params.require(:<%= testing_name %>).permit(fields)
   end<% end %>
   <% end %>
 

data/lib/hotglue/version.rb

@@ -1,5 +1,5 @@
 module HotGlue
   class Version
-    CURRENT = '0.6.19'
+    CURRENT = '0.6.21'
   end
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: hot-glue
 version: !ruby/object:Gem::Version
-  version: 0.6.19
+  version: 0.6.21
 platform: ruby
 authors:
 - Jason Fleetwood-Boldt
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2025-06-10 00:00:00.000000000 Z
+date: 2025-07-05 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rails