I try for hours now to only "permit" the following params-hash in the controller:
{
"utf8"=>"✓",
"authenticity_token"=>"...",
"article"=>{
"title"=>"Titel Tags",
"text"=>"Tags Tags Tags"
},
"tags"=>{
"name"=>"ufos, foo, bar, aerzte"
},
"commit"=>"Create Article"
}
My approach is with tap
def article_params
params.tap { |article_params| article_params.require(:article).permit(:title, :text)}.tap {|tags_params| tags_params.require(:tags).permit(:name) }
end
Output is still, that the parameters are not permitted - so I can't use the input from the view in my controller at all, even though the hash is set up fine.
<ActionController::Parameters {"utf8"=>"✓", "authenticity_token"=>"DuMUDfPFe6iFq2Jwj4gTst1nFI3JVwTCoXu/oL53TxE1cXhtK1d+WOBL4U7A3Efo2sGxr7RCHLx3LTau7SK0xg==", "article"=><ActionController::Parameters {"title"=>"Titel Tags", "text"=>"Tags Tags Tags"} permitted: false>, "tags"=><ActionController::Parameters {"name"=>"ufos, foo, bar, aerzte"} permitted: false>, "commit"=>"Create Article", "controller"=>"articles", "action"=>"create"} permitted: false>
What is it that I am obviously doing horribly wrong and against the rails way? I thought using tap would be darn smart an approach but obviously not smart enough for "cracking the rails code". :)
Help needed !
params.require(:article).permit(:title, :text); params.require(:tags).permit(:name)(two lines). - Sebastian Palma<ActionController::Parameters {"name"=>"ufos, foo, baz, bar"} permitted: true>and it lacks the nesting"tags" => { "name" => "ufos, foo", ...as well asarticlesof course. Yours sincerely von Spotz - von spotz>> article_params => <ActionController::Parameters {"title"=>"Params permit test", "text"=>"Test params permit"} permitted: true>Meanwhile I had success with{ :article => article_whitelist }.merge ({ :tags => tags_whitelist})but I don't have any trust this "success" is anywhere lege artis. It's more of some kind of a hack. - von spotz