diff options
| author | Francesco Rodriguez <lrodriguezsanc@gmail.com> | 2012-10-28 17:50:56 -0500 |
|---|---|---|
| committer | Francesco Rodriguez <lrodriguezsanc@gmail.com> | 2012-10-28 17:51:28 -0500 |
| commit | cd17ee5598411728747011566abf6779166be9d3 (patch) | |
| tree | f6ffb8d86bc2d93a7a9f33a5984ecd3bdef41d93 /actionpack/lib/action_controller | |
| parent | 4edea9e82087f5a331a277ee4bf7b01256d11be0 (diff) | |
| download | rails-cd17ee5598411728747011566abf6779166be9d3.tar.gz rails-cd17ee5598411728747011566abf6779166be9d3.tar.bz2 rails-cd17ee5598411728747011566abf6779166be9d3.zip | |
dont encourage AC::Parameters#permit_all_parameters usage [ci skip]
Diffstat (limited to 'actionpack/lib/action_controller')
| -rw-r--r-- | actionpack/lib/action_controller/metal/strong_parameters.rb | 22 |
1 files changed, 1 insertions, 21 deletions
diff --git a/actionpack/lib/action_controller/metal/strong_parameters.rb b/actionpack/lib/action_controller/metal/strong_parameters.rb index 73f2e94cd1..f60d2a0a50 100644 --- a/actionpack/lib/action_controller/metal/strong_parameters.rb +++ b/actionpack/lib/action_controller/metal/strong_parameters.rb @@ -43,19 +43,6 @@ module ActionController # Person.first.update_attributes!(permitted) # # => #<Person id: 1, name: "Francesco", age: 22, role: "user"> # - # It provides a +permit_all_parameters+ option that controls the top-level - # behaviour of new instances. If it's +true+, all the parameters will be - # permitted by default. The default value for +permit_all_parameters+ - # option is +false+. - # - # params = ActionController::Parameters.new - # params.permitted? # => false - # - # ActionController::Parameters.permit_all_parameters = true - # - # params = ActionController::Parameters.new - # params.permitted? # => true - # # <tt>ActionController::Parameters</tt> is inherited from # <tt>ActiveSupport::HashWithIndifferentAccess</tt>, this means # that you can fetch values using either <tt>:key</tt> or <tt>"key"</tt>. @@ -68,8 +55,7 @@ module ActionController attr_accessor :permitted # :nodoc: # Returns a new instance of <tt>ActionController::Parameters</tt>. - # Also, sets the +permitted+ attribute to the default value of - # <tt>ActionController::Parameters.permit_all_parameters</tt>. + # Also, sets the +permitted+ attribute to +false+. # # class Person # include ActiveRecord::Base @@ -78,12 +64,6 @@ module ActionController # params = ActionController::Parameters.new(name: 'Francesco') # params.permitted? # => false # Person.new(params) # => ActiveModel::ForbiddenAttributesError - # - # ActionController::Parameters.permit_all_parameters = true - # - # params = ActionController::Parameters.new(name: 'Francesco') - # params.permitted? # => true - # Person.new(params) # => #<Person id: nil, name: "Francesco"> def initialize(attributes = nil) super(attributes) @permitted = self.class.permit_all_parameters |