Skip to content

Latest commit

 

History

History
31 lines (21 loc) · 728 Bytes

README.rdoc

File metadata and controls

31 lines (21 loc) · 728 Bytes

Motivation

Having many protected attributes, many of params has to be manually assigned in controller

def update
   @user = User.find_by_id(params[:id])

   @user.is_admin = params[:user][:is_admin]
   @user.hidden = params[:user][:hidden]
   @user.active = params[:user][:active]
   @user.redmine_user_id = params[:user][:redmine_user_id]

   update!
end

Solution

Small module that has to be included into controller. This module provides handy rewrite_params method

Result

class UserController < ApplicationController
include Selleo::ProtectedRewriter
def update
    @user = User.find_by_id(params[:id])
    rewrite_params(@user, :is_admin, :hidden, :active, :redmine_user_id)
    update!
end
end