aboutsummaryrefslogtreecommitdiffstats
path: root/actionpack/lib/action_controller/metal/strong_parameters.rb
Commit message (Collapse)AuthorAgeFilesLines
* ActionDispatch::Http::UploadedFile is a permitted scalar [Closes #9051]Xavier Noria2013-01-231-2/+5
|
* Only check for unpermmited parameters ifRafael Mendonça França2013-01-221-1/+1
| | | | action_on_unpermitted_parameters is present
* avoid creating an object in every callXavier Noria2013-01-221-1/+2
| | | | This was a suggestion of @carlosantoniodasilva, thanks!
* Refactor grep call to remove .eachCarlos Antonio da Silva2013-01-201-1/+1
| | | | Grep already yields the matching keys to the given block.
* Use 1.9 hash style in docs/comments [ci skip]Carlos Antonio da Silva2013-01-201-3/+3
|
* Removing warning: shadowing outer local variable Arun Agrawal2013-01-201-3/+3
|
* strong parameters filters permitted scalarsXavier Noria2013-01-201-22/+92
|
* Restore and adapt the implementation reverted atRafael Mendonça França2013-01-191-19/+46
| | | | | | https://github.com/rails/rails/commit/cc1c3c5be061e7572018f734e5239750ab449e3f Now instead of raise, we log by default in development and test
* Added ability to raise or log on unpermitted params.Thomas Drake-Brockman2013-01-201-0/+25
|
* strong parameters exception handlingBrian Alexander2013-01-151-6/+0
|
* Merge branch 'master' of github.com:lifo/docrailsVijay Dev2013-01-091-1/+1
|\ | | | | | | | | Conflicts: guides/source/getting_started.md
| * prefer american spelling of 'behavior'Gosha Arinich2013-01-071-1/+1
| |
* | Revert "unpermitted params" exception -- it's just not going to work. See ↵David Heinemeier Hansson2013-01-081-49/+4
| | | | | | | | the discussion on https://github.com/rails/strong_parameters/pull/75.
* | Never treat action or controller as unpermitted paramsDavid Heinemeier Hansson2013-01-081-6/+15
| |
* | improve StrongParameters documentation [ci skip]Francesco Rodriguez2013-01-071-8/+7
| |
* | These are already required through AS/railsAkira Matsuda2013-01-061-1/+0
| | | | | | | | | | | | | | * core_ext/object/blank * concern * core_ext/class/attribute * deprecation
* | Wrong copy and paste :bomb:Rafael Mendonça França2013-01-051-1/+1
| | | | | | | | [ci skip]
* | Add documentation to raise_on_unpermitted_parameters optionRafael Mendonça França2013-01-051-2/+17
| | | | | | | | [ci skip]
* | Rename the configuration to raise_on_unpermitted_parametersRafael Mendonça França2013-01-051-9/+9
| | | | | | | | Also changed the exception to UnpermittedParameters
* | Allow developers to enable raising of exception when unexpected params are ↵Thomas Drake-Brockman2013-01-051-0/+22
| | | | | | | | provided.
* | Change docs to use update instead of update_attributesAmparo Luna + Guillermo Iguaran2013-01-031-2/+2
|/
* Add missing require.Rafael Mendonça França2012-12-131-0/+1
| | | | | I was trying to use those files without Rails and that require was missing.
* Replace comments' non-breaking spaces with spacesclaudiob2012-12-041-2/+2
| | | | | | | | | | Sometimes, on Mac OS X, programmers accidentally press Option+Space rather than just Space and don’t see the difference. The problem is that Option+Space writes a non-breaking space (0XA0) rather than a normal space (0x20). This commit removes all the non-breaking spaces inadvertently introduced in the comments of the code.
* hash filters should be accessed with symbols or stringsFrancesco Rodriguez2012-11-301-3/+5
|
* Fix Strong Parameters docs.Uģis Ozols2012-11-271-2/+1
| | | | | It's only possible to inherit from ActiveRecord::Base and not include it.
* Set @permitted on new instance when slicing parameters hashBenjamin Quorning2012-11-061-1/+3
|
* Remove #permitted attr accessor from ParametersCarlos Antonio da Silva2012-11-031-1/+0
| | | | | There is no need to expose this accessor since we already have the query method #permitted? that should handle this purpose.
* Merge branch 'master' of github.com:lifo/docrailsVijay Dev2012-11-031-1/+1
|\ | | | | | | | | | | | | Conflicts: actionpack/lib/action_controller/metal/mime_responds.rb activerecord/lib/active_record/attribute_methods.rb guides/source/working_with_javascript_in_rails.md
| * Revert "dont encourage AC::Parameters#permit_all_parameters usage [ci skip]"Vijay Dev2012-11-031-1/+21
| | | | | | | | | | | | | | | | This reverts commit cd17ee5598411728747011566abf6779166be9d3. Reason: Let's note that this is discouraged, not remove the docs [ci skip]
| * dont encourage AC::Parameters#permit_all_parameters usage [ci skip]Francesco Rodriguez2012-10-281-21/+1
| |
| * fix StrongParameters example [ci skip]Francesco Rodriguez2012-10-211-1/+1
| |
* | Allow #permit to take its list of permitted parameters as an arrayDavid Heinemeier Hansson2012-10-311-1/+1
|/
* Merge branch 'master' of github.com:lifo/docrailsVijay Dev2012-10-211-17/+42
|\ | | | | | | | | | | Conflicts: activesupport/lib/active_support/core_ext/hash/slice.rb guides/source/active_support_core_extensions.md
| * add a nested attributes example into Strong Parameters documentation [ci skip]Francesco Rodriguez2012-10-181-6/+31
| |
| * remove some non-breaking spaces [ci skip]Francesco Rodriguez2012-10-181-13/+13
| |
* | Permit string and float values in the multiparameter attributesRafael Mendonça França2012-10-181-1/+1
| |
* | warning removed: shadowing outer local variable - valueArun Agrawal2012-10-121-2/+2
| |
* | update AC::Parameters#permit documentation [ci skip]Francesco Rodriguez2012-10-111-0/+22
| | | | | | | | bdd105d changes the behaviour of AC::Parameters#permit.
* | When executing permit with just a key that points to a hash, DO NOT allow ↵Santiago Pastorino2012-10-121-1/+4
|/ | | | | | | | | | | | | | all the hash params.require(:person).permit(:projects_attributes) was returning => {"projects_attributes"=>{"0"=>{"name"=>"Project 1"}}} When should return => {} You should be doing ... params.require(:person).permit(projects_attributes: :name) to get just the projects attributes you want to allow
* We don't need the each call since grep take a block and yield each matchRafael Mendonça França2012-10-061-1/+1
| | | | | | to the block. Thanks @tenderlove
* Allow parameter filters to match multi-parameter attributesRafael Mendonça França2012-10-051-0/+1
| | | | | | | This will make easier to permit date/time attributes generated by helpers like date_select. [Sven Schwyn + Rafael Mendonça França]
* ActionController::Parameters#permit! is recursiveBrendan Loudermilk2012-10-041-0/+5
|
* Merge branch 'master' of github.com:lifo/docrailsVijay Dev2012-09-281-3/+3
|\ | | | | | | | | Conflicts: actionpack/lib/action_view/helpers/asset_tag_helper.rb
| * remove AC::Parameters reference [ci skip]Francesco Rodriguez2012-09-211-1/+1
| |
| * fix typos in AC::StrongParameters documentation [ci skip]Francesco Rodriguez2012-09-211-2/+2
| |
* | Is not needed to wrap name inside an array hereSantiago Pastorino2012-09-271-1/+1
| |
* | Change key not found to param not foundSantiago Pastorino2012-09-271-6/+6
|/
* fix typos and improve AC::StrongParameters documentation [ci skip]Francesco Rodriguez2012-09-201-6/+8
|
* update AC::StrongParameters documentationFrancesco Rodriguez2012-09-191-8/+53
|
* define permitted? method instead of use an alias to fix rdocFrancesco Rodriguez2012-09-191-2/+12
|