From ae057d622fccf7cc5dcd2609a7fe3f1e0589808f Mon Sep 17 00:00:00 2001 From: Francesco Rodriguez Date: Sun, 21 Oct 2012 11:49:51 -0500 Subject: fix StrongParameters example [ci skip] --- actionpack/lib/action_controller/metal/strong_parameters.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'actionpack/lib/action_controller') diff --git a/actionpack/lib/action_controller/metal/strong_parameters.rb b/actionpack/lib/action_controller/metal/strong_parameters.rb index 7d5781b23a..73f2e94cd1 100644 --- a/actionpack/lib/action_controller/metal/strong_parameters.rb +++ b/actionpack/lib/action_controller/metal/strong_parameters.rb @@ -361,7 +361,7 @@ module ActionController # # It's mandatory to specify the nested attributes that should be whitelisted. # # If you use `permit` with just the key that points to the nested attributes hash, # # it will return an empty hash. - # params.require(:person).permit(:name, :age, pets_attributes: { :name, :category }) + # params.require(:person).permit(:name, :age, pets_attributes: [ :name, :category ]) # end # end # -- cgit v1.2.3 From 62f273b6501db72e3c902d947e6828dcab9c004a Mon Sep 17 00:00:00 2001 From: AvnerCohen Date: Sat, 27 Oct 2012 22:05:27 +0200 Subject: Multiple changes to 1,9 hash syntax --- actionpack/lib/action_controller/metal.rb | 4 ++-- .../lib/action_controller/metal/conditional_get.rb | 2 +- .../lib/action_controller/metal/data_streaming.rb | 10 ++++----- .../lib/action_controller/metal/force_ssl.rb | 2 +- actionpack/lib/action_controller/metal/head.rb | 4 ++-- .../action_controller/metal/http_authentication.rb | 20 +++++++++--------- .../lib/action_controller/metal/mime_responds.rb | 24 +++++++++++----------- .../lib/action_controller/metal/params_wrapper.rb | 4 ++-- .../lib/action_controller/metal/redirecting.rb | 22 ++++++++++---------- .../lib/action_controller/metal/renderers.rb | 6 +++--- .../metal/request_forgery_protection.rb | 6 +++--- .../lib/action_controller/metal/responder.rb | 20 +++++++++--------- .../lib/action_controller/metal/streaming.rb | 6 +++--- actionpack/lib/action_controller/metal/url_for.rb | 2 +- actionpack/lib/action_controller/test_case.rb | 22 ++++++++++---------- 15 files changed, 77 insertions(+), 77 deletions(-) (limited to 'actionpack/lib/action_controller') diff --git a/actionpack/lib/action_controller/metal.rb b/actionpack/lib/action_controller/metal.rb index f5ab1e2350..832dec7b2a 100644 --- a/actionpack/lib/action_controller/metal.rb +++ b/actionpack/lib/action_controller/metal.rb @@ -5,7 +5,7 @@ module ActionController # allowing the following syntax in controllers: # # class PostsController < ApplicationController - # use AuthenticationMiddleware, :except => [:index, :show] + # use AuthenticationMiddleware, except: [:index, :show] # end # class MiddlewareStack < ActionDispatch::MiddlewareStack #:nodoc: @@ -56,7 +56,7 @@ module ActionController # And then to route requests to your metal controller, you would add # something like this to config/routes.rb: # - # match 'hello', :to => HelloController.action(:index) + # match 'hello', to: HelloController.action(:index) # # The +action+ method returns a valid Rack application for the \Rails # router to dispatch to. diff --git a/actionpack/lib/action_controller/metal/conditional_get.rb b/actionpack/lib/action_controller/metal/conditional_get.rb index 3f37a6a618..426adfe675 100644 --- a/actionpack/lib/action_controller/metal/conditional_get.rb +++ b/actionpack/lib/action_controller/metal/conditional_get.rb @@ -64,7 +64,7 @@ module ActionController # # def show # @article = Article.find(params[:id]) - # fresh_when(@article, :public => true) + # fresh_when(@article, public: true) # end def fresh_when(record_or_options, additional_options = {}) if record_or_options.is_a? Hash diff --git a/actionpack/lib/action_controller/metal/data_streaming.rb b/actionpack/lib/action_controller/metal/data_streaming.rb index 5422cb93c4..334943818c 100644 --- a/actionpack/lib/action_controller/metal/data_streaming.rb +++ b/actionpack/lib/action_controller/metal/data_streaming.rb @@ -47,11 +47,11 @@ module ActionController #:nodoc: # # Show a JPEG in the browser: # - # send_file '/path/to.jpeg', :type => 'image/jpeg', :disposition => 'inline' + # send_file '/path/to.jpeg', type: 'image/jpeg', disposition: 'inline' # # Show a 404 page in the browser: # - # send_file '/path/to/404.html', :type => 'text/html; charset=utf-8', :status => 404 + # send_file '/path/to/404.html', type: 'text/html; charset=utf-8', status: 404 # # Read about the other Content-* HTTP headers if you'd like to # provide the user with more information (such as Content-Description) in @@ -96,7 +96,7 @@ module ActionController #:nodoc: end # Sends the given binary data to the browser. This method is similar to - # render :text => data, but also allows you to specify whether + # render text: data, but also allows you to specify whether # the browser should display the response as a file attachment (i.e. in a # download dialog) or as inline data. You may also set the content type, # the apparent file name, and other things. @@ -117,11 +117,11 @@ module ActionController #:nodoc: # # Download a dynamically-generated tarball: # - # send_data generate_tgz('dir'), :filename => 'dir.tgz' + # send_data generate_tgz('dir'), filename: 'dir.tgz' # # Display an image Active Record in the browser: # - # send_data image.data, :type => image.content_type, :disposition => 'inline' + # send_data image.data, type: image.content_type, disposition: 'inline' # # See +send_file+ for more information on HTTP Content-* headers and caching. def send_data(data, options = {}) #:doc: diff --git a/actionpack/lib/action_controller/metal/force_ssl.rb b/actionpack/lib/action_controller/metal/force_ssl.rb index e905a3cf1d..c38d8ccef3 100644 --- a/actionpack/lib/action_controller/metal/force_ssl.rb +++ b/actionpack/lib/action_controller/metal/force_ssl.rb @@ -22,7 +22,7 @@ module ActionController # an +:if+ or +:unless+ condition. # # class AccountsController < ApplicationController - # force_ssl :if => :ssl_configured? + # force_ssl if: :ssl_configured? # # def ssl_configured? # !Rails.env.development? diff --git a/actionpack/lib/action_controller/metal/head.rb b/actionpack/lib/action_controller/metal/head.rb index 747e1273be..bbace49fd9 100644 --- a/actionpack/lib/action_controller/metal/head.rb +++ b/actionpack/lib/action_controller/metal/head.rb @@ -7,9 +7,9 @@ module ActionController # This allows you to easily return a response that consists only of # significant headers: # - # head :created, :location => person_path(@person) + # head :created, location: person_path(@person) # - # head :created, :location => @person + # head :created, location: @person # # It can also be used to return exceptional conditions: # diff --git a/actionpack/lib/action_controller/metal/http_authentication.rb b/actionpack/lib/action_controller/metal/http_authentication.rb index 03b8d8db1a..6d46586367 100644 --- a/actionpack/lib/action_controller/metal/http_authentication.rb +++ b/actionpack/lib/action_controller/metal/http_authentication.rb @@ -8,14 +8,14 @@ module ActionController # === Simple \Basic example # # class PostsController < ApplicationController - # http_basic_authenticate_with :name => "dhh", :password => "secret", :except => :index + # http_basic_authenticate_with name: "dhh", password: "secret", except: :index # # def index - # render :text => "Everyone can see me!" + # render text: "Everyone can see me!" # end # # def edit - # render :text => "I'm only accessible if you know the password" + # render text: "I'm only accessible if you know the password" # end # end # @@ -124,14 +124,14 @@ module ActionController # USERS = {"dhh" => "secret", #plain text password # "dap" => Digest::MD5.hexdigest(["dap",REALM,"secret"].join(":"))} #ha1 digest password # - # before_filter :authenticate, :except => [:index] + # before_filter :authenticate, except: [:index] # # def index - # render :text => "Everyone can see me!" + # render text: "Everyone can see me!" # end # # def edit - # render :text => "I'm only accessible if you know the password" + # render text: "I'm only accessible if you know the password" # end # # private @@ -317,14 +317,14 @@ module ActionController # class PostsController < ApplicationController # TOKEN = "secret" # - # before_filter :authenticate, :except => [ :index ] + # before_filter :authenticate, except: [ :index ] # # def index - # render :text => "Everyone can see me!" + # render text: "Everyone can see me!" # end # # def edit - # render :text => "I'm only accessible if you know the password" + # render text: "I'm only accessible if you know the password" # end # # private @@ -424,7 +424,7 @@ module ActionController # Parses the token and options out of the token authorization header. If # the header looks like this: # Authorization: Token token="abc", nonce="def" - # Then the returned token is "abc", and the options is {:nonce => "def"} + # Then the returned token is "abc", and the options is {nonce: "def"} # # request - ActionDispatch::Request instance with the current headers. # diff --git a/actionpack/lib/action_controller/metal/mime_responds.rb b/actionpack/lib/action_controller/metal/mime_responds.rb index 18ae2c3bfc..6bf306ac5b 100644 --- a/actionpack/lib/action_controller/metal/mime_responds.rb +++ b/actionpack/lib/action_controller/metal/mime_responds.rb @@ -23,13 +23,13 @@ module ActionController #:nodoc: # :except with an array of actions or a single action: # # respond_to :html - # respond_to :xml, :json, :except => [ :edit ] + # respond_to :xml, :json, except: [ :edit ] # # This specifies that all actions respond to :html # and all actions except :edit respond to :xml and # :json. # - # respond_to :json, :only => :create + # respond_to :json, only: :create # # This specifies that the :create action and no other responds # to :json. @@ -70,7 +70,7 @@ module ActionController #:nodoc: # # respond_to do |format| # format.html - # format.xml { render :xml => @people } + # format.xml { render xml: @people } # end # end # @@ -98,7 +98,7 @@ module ActionController #:nodoc: # respond_to do |format| # format.html { redirect_to(person_list_url) } # format.js - # format.xml { render :xml => @person.to_xml(:include => @company) } + # format.xml { render xml: @person.to_xml(include: @company) } # end # end # @@ -162,11 +162,11 @@ module ActionController #:nodoc: # # In the example above, if the format is xml, it will render: # - # render :xml => @people + # render xml: @people # # Or if the format is json: # - # render :json => @people + # render json: @people # # Since this is a common pattern, you can use the class method respond_to # with the respond_with method to have the same results: @@ -246,10 +246,10 @@ module ActionController #:nodoc: # if @user.save # flash[:notice] = 'User was successfully created.' # format.html { redirect_to(@user) } - # format.xml { render :xml => @user } + # format.xml { render xml: @user } # else - # format.html { render :action => "new" } - # format.xml { render :xml => @user } + # format.html { render action: "new" } + # format.xml { render xml: @user } # end # end # end @@ -260,7 +260,7 @@ module ActionController #:nodoc: # the resource passed to +respond_with+ responds to to_, # the method attempts to render the resource in the requested format # directly, e.g. for an xml request, the response is equivalent to calling - # render :xml => resource. + # render xml: resource. # # === Nested resources # @@ -309,7 +309,7 @@ module ActionController #:nodoc: # Also, a hash passed to +respond_with+ immediately after the specified # resource(s) is interpreted as a set of options relevant to all # formats. Any option accepted by +render+ can be used, e.g. - # respond_with @people, :status => 200 + # respond_with @people, status: 200 # However, note that these options are ignored after an unsuccessful attempt # to save a resource, e.g. when automatically rendering :new # after a post request. @@ -381,7 +381,7 @@ module ActionController #:nodoc: # # respond_to do |format| # format.html - # format.xml { render :xml => @people } + # format.xml { render xml: @people } # end # # In this usage, the argument passed to the block (+format+ above) is an diff --git a/actionpack/lib/action_controller/metal/params_wrapper.rb b/actionpack/lib/action_controller/metal/params_wrapper.rb index 88b9e78da7..09abc999c1 100644 --- a/actionpack/lib/action_controller/metal/params_wrapper.rb +++ b/actionpack/lib/action_controller/metal/params_wrapper.rb @@ -82,7 +82,7 @@ module ActionController # would use to determine the attribute names from. # # ==== Examples - # wrap_parameters :format => :xml + # wrap_parameters format: :xml # # enables the parameter wrapper for XML format # # wrap_parameters :person @@ -92,7 +92,7 @@ module ActionController # # wraps parameters by determining the wrapper key from Person class # (+person+, in this case) and the list of attribute names # - # wrap_parameters :include => [:username, :title] + # wrap_parameters include: [:username, :title] # # wraps only +:username+ and +:title+ attributes from parameters. # # wrap_parameters false diff --git a/actionpack/lib/action_controller/metal/redirecting.rb b/actionpack/lib/action_controller/metal/redirecting.rb index ee0e69d87c..b23938e7d9 100644 --- a/actionpack/lib/action_controller/metal/redirecting.rb +++ b/actionpack/lib/action_controller/metal/redirecting.rb @@ -24,7 +24,7 @@ module ActionController # * :back - Back to the page that issued the request. Useful for forms that are triggered from multiple places. # Short-hand for redirect_to(request.env["HTTP_REFERER"]) # - # redirect_to :action => "show", :id => 5 + # redirect_to action: "show", id: 5 # redirect_to post # redirect_to "http://www.rubyonrails.org" # redirect_to "/images/screenshot.jpg" @@ -34,10 +34,10 @@ module ActionController # # The redirection happens as a "302 Moved" header unless otherwise specified. # - # redirect_to post_url(@post), :status => :found - # redirect_to :action=>'atom', :status => :moved_permanently - # redirect_to post_url(@post), :status => 301 - # redirect_to :action=>'atom', :status => 302 + # redirect_to post_url(@post), status: :found + # redirect_to action: 'atom', status: :moved_permanently + # redirect_to post_url(@post), status: 301 + # redirect_to action: 'atom', status: 302 # # The status code can either be a standard {HTTP Status code}[http://www.iana.org/assignments/http-status-codes] as an # integer, or a symbol representing the downcased, underscored and symbolized description. @@ -49,16 +49,16 @@ module ActionController # around this you can return a 303 See Other status code which will be # followed using a GET request. # - # redirect_to posts_url, :status => :see_other - # redirect_to :action => 'index', :status => 303 + # redirect_to posts_url, status: :see_other + # redirect_to action: 'index', status: 303 # # It is also possible to assign a flash message as part of the redirection. There are two special accessors for the commonly used flash names # +alert+ and +notice+ as well as a general purpose +flash+ bucket. # - # redirect_to post_url(@post), :alert => "Watch it, mister!" - # redirect_to post_url(@post), :status=> :found, :notice => "Pay attention to the road" - # redirect_to post_url(@post), :status => 301, :flash => { :updated_post_id => @post.id } - # redirect_to { :action=>'atom' }, :alert => "Something serious happened" + # redirect_to post_url(@post), alert: "Watch it, mister!" + # redirect_to post_url(@post), status: :found, notice: "Pay attention to the road" + # redirect_to post_url(@post), status: 301, flash: { updated_post_id: @post.id } + # redirect_to { action: 'atom' }, alert: "Something serious happened" # # When using redirect_to :back, if there is no referrer, ActionController::RedirectBackError will be raised. You may specify some fallback # behavior for this case by rescuing ActionController::RedirectBackError. diff --git a/actionpack/lib/action_controller/metal/renderers.rb b/actionpack/lib/action_controller/metal/renderers.rb index 78aeeef2bf..5272dc6cdb 100644 --- a/actionpack/lib/action_controller/metal/renderers.rb +++ b/actionpack/lib/action_controller/metal/renderers.rb @@ -52,8 +52,8 @@ module ActionController # ActionController::Renderers.add :csv do |obj, options| # filename = options[:filename] || 'data' # str = obj.respond_to?(:to_csv) ? obj.to_csv : obj.to_s - # send_data str, :type => Mime::CSV, - # :disposition => "attachment; filename=#{filename}.csv" + # send_data str, type: Mime::CSV, + # disposition: "attachment; filename=#{filename}.csv" # end # # Note that we used Mime::CSV for the csv mime type as it comes with Rails. @@ -66,7 +66,7 @@ module ActionController # @csvable = Csvable.find(params[:id]) # respond_to do |format| # format.html - # format.csv { render :csv => @csvable, :filename => @csvable.name } + # format.csv { render csv: @csvable, filename: @csvable.name } # } # end # To use renderers and their mime types in more concise ways, see diff --git a/actionpack/lib/action_controller/metal/request_forgery_protection.rb b/actionpack/lib/action_controller/metal/request_forgery_protection.rb index 17d4a793ac..a50f0ca8c1 100644 --- a/actionpack/lib/action_controller/metal/request_forgery_protection.rb +++ b/actionpack/lib/action_controller/metal/request_forgery_protection.rb @@ -19,7 +19,7 @@ module ActionController #:nodoc: # # class ApplicationController < ActionController::Base # protect_from_forgery - # skip_before_filter :verify_authenticity_token, :if => :json_request? + # skip_before_filter :verify_authenticity_token, if: :json_request? # # protected # @@ -62,7 +62,7 @@ module ActionController #:nodoc: # Turn on request forgery protection. Bear in mind that only non-GET, HTML/JavaScript requests are checked. # # class FooController < ApplicationController - # protect_from_forgery :except => :index + # protect_from_forgery except: :index # # You can disable csrf protection on controller-by-controller basis: # @@ -70,7 +70,7 @@ module ActionController #:nodoc: # # It can also be disabled for specific controller actions: # - # skip_before_filter :verify_authenticity_token, :except => [:create] + # skip_before_filter :verify_authenticity_token, except: [:create] # # Valid Options: # diff --git a/actionpack/lib/action_controller/metal/responder.rb b/actionpack/lib/action_controller/metal/responder.rb index 42a0959a58..891819968b 100644 --- a/actionpack/lib/action_controller/metal/responder.rb +++ b/actionpack/lib/action_controller/metal/responder.rb @@ -45,10 +45,10 @@ module ActionController #:nodoc: # if @user.save # flash[:notice] = 'User was successfully created.' # format.html { redirect_to(@user) } - # format.xml { render :xml => @user, :status => :created, :location => @user } + # format.xml { render xml: @user, status: :created, location: @user } # else - # format.html { render :action => "new" } - # format.xml { render :xml => @user.errors, :status => :unprocessable_entity } + # format.html { render action: "new" } + # format.xml { render xml: @user.errors, status: :unprocessable_entity } # end # end # end @@ -92,7 +92,7 @@ module ActionController #:nodoc: # @project = Project.find(params[:project_id]) # @task = @project.tasks.build(params[:task]) # flash[:notice] = 'Task was successfully created.' if @task.save - # respond_with(@project, @task, :status => 201) + # respond_with(@project, @task, status: 201) # end # # This will return status 201 if the task was saved successfully. If not, @@ -103,7 +103,7 @@ module ActionController #:nodoc: # def create # @project = Project.find(params[:project_id]) # @task = @project.tasks.build(params[:task]) - # respond_with(@project, @task, :status => 201) do |format| + # respond_with(@project, @task, status: 201) do |format| # if @task.save # flash[:notice] = 'Task was successfully created.' # else @@ -236,20 +236,20 @@ module ActionController #:nodoc: # Display is just a shortcut to render a resource with the current format. # - # display @user, :status => :ok + # display @user, status: :ok # # For XML requests it's equivalent to: # - # render :xml => @user, :status => :ok + # render xml: @user, status: :ok # # Options sent by the user are also used: # - # respond_with(@user, :status => :created) - # display(@user, :status => :ok) + # respond_with(@user, status: :created) + # display(@user, status: :ok) # # Results in: # - # render :xml => @user, :status => :created + # render xml: @user, status: :created # def display(resource, given_options={}) controller.render given_options.merge!(options).merge!(format => resource) diff --git a/actionpack/lib/action_controller/metal/streaming.rb b/actionpack/lib/action_controller/metal/streaming.rb index 9f3c997024..4eb582648e 100644 --- a/actionpack/lib/action_controller/metal/streaming.rb +++ b/actionpack/lib/action_controller/metal/streaming.rb @@ -29,7 +29,7 @@ module ActionController #:nodoc: # class PostsController # def index # @posts = Post.scoped - # render :stream => true + # render stream: true # end # end # @@ -56,7 +56,7 @@ module ActionController #:nodoc: # @posts = Post.scoped # @pages = Page.scoped # @articles = Article.scoped - # render :stream => true + # render stream: true # end # # Notice that :stream only works with templates. Rendering :json @@ -176,7 +176,7 @@ module ActionController #:nodoc: # need to create a config file as follow: # # # unicorn.config.rb - # listen 3000, :tcp_nopush => false + # listen 3000, tcp_nopush: false # # And use it on initialization: # diff --git a/actionpack/lib/action_controller/metal/url_for.rb b/actionpack/lib/action_controller/metal/url_for.rb index 0cdd17bc2e..505f3b4e61 100644 --- a/actionpack/lib/action_controller/metal/url_for.rb +++ b/actionpack/lib/action_controller/metal/url_for.rb @@ -10,7 +10,7 @@ module ActionController # include ActionController::UrlFor # include Rails.application.routes.url_helpers # - # delegate :env, :request, :to => :controller + # delegate :env, :request, to: :controller # # def initialize(controller) # @controller = controller diff --git a/actionpack/lib/action_controller/test_case.rb b/actionpack/lib/action_controller/test_case.rb index d911d47a1d..d007133183 100644 --- a/actionpack/lib/action_controller/test_case.rb +++ b/actionpack/lib/action_controller/test_case.rb @@ -61,25 +61,25 @@ module ActionController # assert_template %r{\Aadmin/posts/new\Z} # # # assert that the layout 'admin' was rendered - # assert_template :layout => 'admin' - # assert_template :layout => 'layouts/admin' - # assert_template :layout => :admin + # assert_template layout: 'admin' + # assert_template layout: 'layouts/admin' + # assert_template layout: :admin # # # assert that no layout was rendered - # assert_template :layout => nil - # assert_template :layout => false + # assert_template layout: nil + # assert_template layout: false # # # assert that the "_customer" partial was rendered twice - # assert_template :partial => '_customer', :count => 2 + # assert_template partial: '_customer', count: 2 # # # assert that no partials were rendered - # assert_template :partial => false + # assert_template partial: false # # In a view test case, you can also assert that specific locals are passed # to partials: # # # assert that the "_customer" partial was rendered with a specific object - # assert_template :partial => '_customer', :locals => { :customer => @customer } + # assert_template partial: '_customer', locals: { customer: @customer } def assert_template(options = {}, message = nil) # Force body to be read in case the # template is being streamed @@ -267,7 +267,7 @@ module ActionController # class BooksControllerTest < ActionController::TestCase # def test_create # # Simulate a POST response with the given HTTP parameters. - # post(:create, :book => { :title => "Love Hina" }) + # post(:create, book: { title: "Love Hina" }) # # # Assert that the controller tried to redirect us to # # the created book's URI. @@ -281,7 +281,7 @@ module ActionController # You can also send a real document in the simulated HTTP request. # # def test_create - # json = {:book => { :title => "Love Hina" }}.to_json + # json = {book: { title: "Love Hina" }}.to_json # post :create, json # end # @@ -356,7 +356,7 @@ module ActionController # # If you're using named routes, they can be easily tested using the original named routes' methods straight in the test case. # - # assert_redirected_to page_url(:title => 'foo') + # assert_redirected_to page_url(title: 'foo') class TestCase < ActiveSupport::TestCase # Use AC::TestCase for the base class when describing a controller -- cgit v1.2.3 From cd17ee5598411728747011566abf6779166be9d3 Mon Sep 17 00:00:00 2001 From: Francesco Rodriguez Date: Sun, 28 Oct 2012 17:50:56 -0500 Subject: dont encourage AC::Parameters#permit_all_parameters usage [ci skip] --- .../action_controller/metal/strong_parameters.rb | 22 +--------------------- 1 file changed, 1 insertion(+), 21 deletions(-) (limited to 'actionpack/lib/action_controller') diff --git a/actionpack/lib/action_controller/metal/strong_parameters.rb b/actionpack/lib/action_controller/metal/strong_parameters.rb index 73f2e94cd1..f60d2a0a50 100644 --- a/actionpack/lib/action_controller/metal/strong_parameters.rb +++ b/actionpack/lib/action_controller/metal/strong_parameters.rb @@ -43,19 +43,6 @@ module ActionController # Person.first.update_attributes!(permitted) # # => # # - # It provides a +permit_all_parameters+ option that controls the top-level - # behaviour of new instances. If it's +true+, all the parameters will be - # permitted by default. The default value for +permit_all_parameters+ - # option is +false+. - # - # params = ActionController::Parameters.new - # params.permitted? # => false - # - # ActionController::Parameters.permit_all_parameters = true - # - # params = ActionController::Parameters.new - # params.permitted? # => true - # # ActionController::Parameters is inherited from # ActiveSupport::HashWithIndifferentAccess, this means # that you can fetch values using either :key or "key". @@ -68,8 +55,7 @@ module ActionController attr_accessor :permitted # :nodoc: # Returns a new instance of ActionController::Parameters. - # Also, sets the +permitted+ attribute to the default value of - # ActionController::Parameters.permit_all_parameters. + # Also, sets the +permitted+ attribute to +false+. # # class Person # include ActiveRecord::Base @@ -78,12 +64,6 @@ module ActionController # params = ActionController::Parameters.new(name: 'Francesco') # params.permitted? # => false # Person.new(params) # => ActiveModel::ForbiddenAttributesError - # - # ActionController::Parameters.permit_all_parameters = true - # - # params = ActionController::Parameters.new(name: 'Francesco') - # params.permitted? # => true - # Person.new(params) # => # def initialize(attributes = nil) super(attributes) @permitted = self.class.permit_all_parameters -- cgit v1.2.3 From 8ffb0dacf98ce616dd8b1a9513d69983251a69de Mon Sep 17 00:00:00 2001 From: Vijay Dev Date: Sat, 3 Nov 2012 01:16:57 +0530 Subject: Revert "dont encourage AC::Parameters#permit_all_parameters usage [ci skip]" This reverts commit cd17ee5598411728747011566abf6779166be9d3. Reason: Let's note that this is discouraged, not remove the docs [ci skip] --- .../action_controller/metal/strong_parameters.rb | 22 +++++++++++++++++++++- 1 file changed, 21 insertions(+), 1 deletion(-) (limited to 'actionpack/lib/action_controller') diff --git a/actionpack/lib/action_controller/metal/strong_parameters.rb b/actionpack/lib/action_controller/metal/strong_parameters.rb index f60d2a0a50..73f2e94cd1 100644 --- a/actionpack/lib/action_controller/metal/strong_parameters.rb +++ b/actionpack/lib/action_controller/metal/strong_parameters.rb @@ -43,6 +43,19 @@ module ActionController # Person.first.update_attributes!(permitted) # # => # # + # It provides a +permit_all_parameters+ option that controls the top-level + # behaviour of new instances. If it's +true+, all the parameters will be + # permitted by default. The default value for +permit_all_parameters+ + # option is +false+. + # + # params = ActionController::Parameters.new + # params.permitted? # => false + # + # ActionController::Parameters.permit_all_parameters = true + # + # params = ActionController::Parameters.new + # params.permitted? # => true + # # ActionController::Parameters is inherited from # ActiveSupport::HashWithIndifferentAccess, this means # that you can fetch values using either :key or "key". @@ -55,7 +68,8 @@ module ActionController attr_accessor :permitted # :nodoc: # Returns a new instance of ActionController::Parameters. - # Also, sets the +permitted+ attribute to +false+. + # Also, sets the +permitted+ attribute to the default value of + # ActionController::Parameters.permit_all_parameters. # # class Person # include ActiveRecord::Base @@ -64,6 +78,12 @@ module ActionController # params = ActionController::Parameters.new(name: 'Francesco') # params.permitted? # => false # Person.new(params) # => ActiveModel::ForbiddenAttributesError + # + # ActionController::Parameters.permit_all_parameters = true + # + # params = ActionController::Parameters.new(name: 'Francesco') + # params.permitted? # => true + # Person.new(params) # => # def initialize(attributes = nil) super(attributes) @permitted = self.class.permit_all_parameters -- cgit v1.2.3