Module: CancanStrongParameters::Controller::ClassMethods

Defined in:

lib/cancan_strong_parameters/controller.rb

Instance Method Summary

• #filter_strong_params(method, actions, keys) ⇒ Object

  :nodoc:.

• #permit_all_params(options = {}) ⇒ Object

  Does a permit! at every level of the params to let everything through.

• #permit_params(*keys) ⇒ Object

  Use this with CanCan’s load_resource to permit a set of params before it tries to build or update a resource with them.

• #permit_params_on_create(*keys) ⇒ Object

  Like permit_params, but only applies to create action.

• #permit_params_on_update(*keys) ⇒ Object

  Like permit_params, but only applies to update action.

• #require_params(*keys) ⇒ Object

  Like permit_params, but marks the params required.

• #require_params_on_create(*keys) ⇒ Object

  Like require_params, but only applies to create action.

• #require_params_on_update(*keys) ⇒ Object

  Like require_params, but only applies to update action.

• #resource_name(name_to_set = nil) ⇒ Object

Instance Method Details

#filter_strong_params(method, actions, keys) ⇒ Object

:nodoc:

# File 'lib/cancan_strong_parameters/controller.rb', line 67

def filter_strong_params method, actions, keys # :nodoc:
  # Get hash from end of array
  hash = keys.extract_options!
  keys.flatten!
  
  # Filter_options is passed to our before filter, e.g. sets when they run
  filter_options = actions == [:all] ? {} : { :only => actions }
  
  # Handle attributes if permitted attributes are given for nested models
  if (hash.present? && keys.present?) || (hash.select{|k,v| v.is_a?(Array)} == hash)
    
    defaults = CancanStrongParameters::Controller::HASH_DEFAULTS
    
    prepend_before_filter(filter_options) do
      resource_name = self.class.resource_name
      
      parameters = keys.flatten + defaults
      parameters << ActionController::Parameters.new(hash.attributized)
      
      # original: parameters = keys.flatten + defaults
      #           parameters << hash
      return warn("Not updating - no parameters key present for #{resource_name}") unless params[resource_name]
      
      self.params[resource_name] = params[resource_name].standardized.send method, *parameters
    end
  elsif hash.present?
    prepend_before_filter(filter_options) do
      self.params.merge! params.send(method, hash)
    end
  else
    prepend_before_filter(filter_options) do
      resource_name = self.class.resource_name
      if params.has_key?(resource_name)
        self.params[resource_name] = params[resource_name].send method, *keys
      else
        self.params = params.send method, *keys
      end
    end
  end
end

#permit_all_params(options = {}) ⇒ Object

Does a permit! at every level of the params to let everything through

# File 'lib/cancan_strong_parameters/controller.rb', line 61

def permit_all_params options = {}
  prepend_before_filter do
    self.params.deep_permit!
  end
end

#permit_params(*keys) ⇒ Object

Use this with CanCan’s load_resource to permit a set of params before it tries to build or update a resource with them.

Usage:

class BooksController < ApplicationController
  load_resource :book
  permit_params book: [:title, :isbn]
end

Or:

class BooksController < ApplicationController
  load_resource
  permit_params :title, :isbn
end

the second form should work in the simple case where you don’t have to supply a resource name for #load_resource

# File 'lib/cancan_strong_parameters/controller.rb', line 25

def permit_params *keys
  filter_strong_params :permit, [:all], keys
end

#permit_params_on_create(*keys) ⇒ Object

Like permit_params, but only applies to create action

# File 'lib/cancan_strong_parameters/controller.rb', line 31

def permit_params_on_create *keys
  filter_strong_params :permit, [:create], keys
end

#permit_params_on_update(*keys) ⇒ Object

Like permit_params, but only applies to update action

# File 'lib/cancan_strong_parameters/controller.rb', line 37

def permit_params_on_update *keys
  filter_strong_params :permit, [:update], keys
end

#require_params(*keys) ⇒ Object

Like permit_params, but marks the params required

# File 'lib/cancan_strong_parameters/controller.rb', line 43

def require_params *keys
  filter_strong_params :require, [:create, :update], keys
end

#require_params_on_create(*keys) ⇒ Object

Like require_params, but only applies to create action

# File 'lib/cancan_strong_parameters/controller.rb', line 49

def require_params_on_create *keys
  filter_strong_params :require, [:create], keys
end

#require_params_on_update(*keys) ⇒ Object

Like require_params, but only applies to update action

# File 'lib/cancan_strong_parameters/controller.rb', line 55

def require_params_on_update *keys
  filter_strong_params :require, [:update], keys
end

#resource_name(name_to_set = nil) ⇒ Object

# File 'lib/cancan_strong_parameters/controller.rb', line 108

def resource_name(name_to_set=nil)
  unless name_to_set.present?
    @resource_name ||= self.to_s.sub("Controller", "").underscore.split('/').last.singularize
  else
    @resource_name = name_to_set
  end
end