Module: Lotus::Action::Validatable::ClassMethods Private
- Defined in:
- lib/lotus/action/validatable.rb
Overview
This module is part of a private API. You should avoid using this module if possible, as it may be removed or be changed in the future.
Validatable API class methods
Instance Method Summary collapse
-
#params(klass = nil, &blk) ⇒ Object
private
Whitelist valid parameters to be passed to Lotus::Action#call.
-
#params_class ⇒ Class
private
Returns the class which defines the params.
Instance Method Details
#params(klass = nil, &blk) ⇒ Object
This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.
Whitelist valid parameters to be passed to Lotus::Action#call.
This feature isn’t mandatory, but higly recommended for security reasons.
Because params come into your application from untrusted sources, it’s a good practice to filter only the wanted keys that serve for your specific use case.
Once whitelisted, the params are available as an Hash with symbols as keys.
It accepts an anonymous block where all the params can be listed. It internally creates an inner class which inherits from Lotus::Action::Params.
Alternatively, it accepts an concrete class that should inherit from Lotus::Action::Params.
95 96 97 98 99 100 101 102 |
# File 'lib/lotus/action/validatable.rb', line 95 def params(klass = nil, &blk) if block_given? @params_class = const_set(PARAMS_CLASS_NAME, Class.new(Params, &blk)) else @params_class = klass end end |
#params_class ⇒ Class
This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.
Returns the class which defines the params
Returns the class which has been provided to define the params. By default this will be Lotus::Action::Params.
114 115 116 |
# File 'lib/lotus/action/validatable.rb', line 114 def params_class @params_class ||= params { } end |