Permitting a Single Parameter and default safe parameters? Strong Params

1
votes

I am still struggling to get my head around strong parameters and exactly how they work.

Firstly, which parameters are actually available by default (Edit: just confirmed that it seems, ID is, why is this?), or are they all considered unsafe until explicit permission?

Also how do I go about permitting a single parameter. I have a single ID parameter that I would like to permit that is not from a form, it is simply examples/:id

There are plenty of examples for multiple params eg

params.require(:available_time).permit(:time_start)

i understand that this statement is permitting time_start withing the available_time hash, but what if available time was not multidimensional and just included a value. How would I go about permitting it

would params[:available_time].require.permit or something work?

Some clarification would be great, thanks

1
ruby-on-railsruby-on-rails-4strong-parameters

1 Answers

1
votes

If you just have a single parameter, you don't really need to use strong parameters. You can just use a regular hash when creating or updating your object:

def create
  MyRecord.create(value: params[:value])
end

If you have more than one and this starts to get overwhelming, then it's better to use the multidimensional hash structure.