diff options
| author | David Heinemeier Hansson <david@loudthinking.com> | 2013-01-08 16:10:34 +0100 |
|---|---|---|
| committer | David Heinemeier Hansson <david@loudthinking.com> | 2013-01-08 16:17:30 +0100 |
| commit | cc1c3c5be061e7572018f734e5239750ab449e3f (patch) | |
| tree | 6ad30a930c58317510bfcd5c2d6f47ac74cb01a7 /actionpack/lib/action_controller/metal | |
| parent | ae3286b74346023a868d63c53cde562b1529ef2c (diff) | |
| download | rails-cc1c3c5be061e7572018f734e5239750ab449e3f.tar.gz rails-cc1c3c5be061e7572018f734e5239750ab449e3f.tar.bz2 rails-cc1c3c5be061e7572018f734e5239750ab449e3f.zip | |
Revert "unpermitted params" exception -- it's just not going to work. See the discussion on https://github.com/rails/strong_parameters/pull/75.
Diffstat (limited to 'actionpack/lib/action_controller/metal')
| -rw-r--r-- | actionpack/lib/action_controller/metal/strong_parameters.rb | 53 |
1 files changed, 4 insertions, 49 deletions
diff --git a/actionpack/lib/action_controller/metal/strong_parameters.rb b/actionpack/lib/action_controller/metal/strong_parameters.rb index 3691dc699f..1d286524f4 100644 --- a/actionpack/lib/action_controller/metal/strong_parameters.rb +++ b/actionpack/lib/action_controller/metal/strong_parameters.rb @@ -19,20 +19,6 @@ module ActionController end end - # Raised when a supplied parameter is not permitted. - # - # params = ActionController::Parameters.new(a: "123", b: "456") - # params.permit(:c) - # # => ActionController::UnpermittedParameters: found unpermitted keys: a, b - class UnpermittedParameters < IndexError - attr_reader :params # :nodoc: - - def initialize(params) # :nodoc: - @params = params - super("found unpermitted keys: #{params.join(", ")}") - end - end - # == Action Controller \Parameters # # Allows to choose which attributes should be whitelisted for mass updating @@ -57,14 +43,10 @@ module ActionController # Person.first.update!(permitted) # # => #<Person id: 1, name: "Francesco", age: 22, role: "user"> # - # It provides two options that controls the top-level behavior of new instances: - # - # * +permit_all_parameters+ - If it's +true+, all the parameters will be - # permitted by default. The default is +false+. - # * +raise_on_unpermitted_parameters+ - If it's +true+, it will raise an - # ActionController::UnpermittedParameters exception if parameters that are not - # explicitly permitted are found. The default value is +true+ in test and - # development environments, +false+ otherwise. + # It provides a +permit_all_parameters+ option that controls the top-level + # behaviour of new instances. If it's +true+, all the parameters will be + # permitted by default. The default value for +permit_all_parameters+ + # option is +false+. # # params = ActionController::Parameters.new # params.permitted? # => false @@ -74,16 +56,6 @@ module ActionController # params = ActionController::Parameters.new # params.permitted? # => true # - # params = ActionController::Parameters.new(a: "123", b: "456") - # params.permit(:c) - # # => {} - # - # ActionController::Parameters.raise_on_unpermitted_parameters = true - # - # params = ActionController::Parameters.new(a: "123", b: "456") - # params.permit(:c) - # # => ActionController::UnpermittedParameters: found unpermitted keys: a, b - # # <tt>ActionController::Parameters</tt> is inherited from # <tt>ActiveSupport::HashWithIndifferentAccess</tt>, this means # that you can fetch values using either <tt>:key</tt> or <tt>"key"</tt>. @@ -93,11 +65,6 @@ module ActionController # params["key"] # => "value" class Parameters < ActiveSupport::HashWithIndifferentAccess cattr_accessor :permit_all_parameters, instance_accessor: false - cattr_accessor :raise_on_unpermitted_parameters, instance_accessor: false - - # Never raise an UnpermittedParameters exception because of these params - # are present. They are added by Rails and it's of no concern. - NEVER_UNPERMITTED_PARAMS = %w( controller action ) # Returns a new instance of <tt>ActionController::Parameters</tt>. # Also, sets the +permitted+ attribute to the default value of @@ -255,8 +222,6 @@ module ActionController end end - raise_on_unpermitted_parameters!(params) - params.permit! end @@ -335,16 +300,6 @@ module ActionController yield object end end - - def raise_on_unpermitted_parameters!(params) - if self.class.raise_on_unpermitted_parameters && unpermitted_keys(params).any? - raise ActionController::UnpermittedParameters.new(unpermitted_keys(params)) - end - end - - def unpermitted_keys(params) - self.keys - params.keys - NEVER_UNPERMITTED_PARAMS - end end # == Strong \Parameters |