aboutsummaryrefslogtreecommitdiffstats
path: root/guides
diff options
context:
space:
mode:
authorMichael Holroyd <meekohi@gmail.com>2018-06-14 16:14:47 -0400
committerGitHub <noreply@github.com>2018-06-14 16:14:47 -0400
commit17af429958a863ee25a9e847d84cf394259338b0 (patch)
treebbf0df456d342bf41637c3e7e60c5df0b8f98b50 /guides
parent91ae6531976d0d2e7690bde0c1d5e6cc651f2578 (diff)
downloadrails-17af429958a863ee25a9e847d84cf394259338b0.tar.gz
rails-17af429958a863ee25a9e847d84cf394259338b0.tar.bz2
rails-17af429958a863ee25a9e847d84cf394259338b0.zip
Update example for whitelisting arbitrary hashes
Since the ability to whitelist arbitrary hashes was added (https://github.com/rails/rails/issues/9454 was resolved by https://github.com/rails/rails/commit/e86524c0c5a26ceec92895c830d1355ae47a7034), this example is no longer outside of what strong_params can do. Moved this specific example out of the "Outside the Scope" section and into the regular "Examples" section, but left the "Outside the Scope" section as it was since the advice is still relevant for weirder whitelisting situations (maybe someone wants to add a new example that can't be handled natively).
Diffstat (limited to 'guides')
-rw-r--r--guides/source/action_controller_overview.md20
1 files changed, 9 insertions, 11 deletions
diff --git a/guides/source/action_controller_overview.md b/guides/source/action_controller_overview.md
index 60a19542e6..b912265754 100644
--- a/guides/source/action_controller_overview.md
+++ b/guides/source/action_controller_overview.md
@@ -334,26 +334,24 @@ with a `has_many` association:
params.require(:book).permit(:title, chapters_attributes: [:title])
```
-#### Outside the Scope of Strong Parameters
-
-The strong parameter API was designed with the most common use cases
-in mind. It is not meant as a silver bullet to handle all of your
-whitelisting problems. However, you can easily mix the API with your
-own code to adapt to your situation.
-
Imagine a scenario where you have parameters representing a product
name and a hash of arbitrary data associated with that product, and
you want to whitelist the product name attribute and also the whole
-data hash. The strong parameters API doesn't let you directly
-whitelist the whole of a nested hash with any keys, but you can use
-the keys of your nested hash to declare what to whitelist:
+data hash:
```ruby
def product_params
- params.require(:product).permit(:name, data: params[:product][:data].try(:keys))
+ params.require(:product).permit(:name, data: {})
end
```
+#### Outside the Scope of Strong Parameters
+
+The strong parameter API was designed with the most common use cases
+in mind. It is not meant as a silver bullet to handle all of your
+whitelisting problems. However, you can easily mix the API with your
+own code to adapt to your situation.
+
Session
-------