你好,有一个简单的模式来处理params安全性,但它在控制器中造成很多混乱我能用它做什么吗?
def report_params
params.require(:report).permit(
:example_field_1,
:example_field_2,
:example_field_3,
:example_field_4,
:example_field_5,
:example_field_6,
:example_field_7,
:example_field_8,
:example_field_9,
:example_field_10,
:example_field_11,
:example_field_12,
:example_field_13,
:example_field_14,
:example_field_15,
:example_field_16,
:example_field_17,
:example_field_18,
:example_field_19,
:example_field_20,
:example_field_21,
:example_field_22,
:example_field_23,
:example_field_24,
:example_field_25,
:example_field_26,
:example_field_27,
:example_field_28,
:example_field_29,
:example_field_30,
:example_field_31,
:example_field_32,
:example_field_33,
:example_field_34,
:example_field_35,
:example_field_36,
:example_field_37,
:example_field_38,
:example_field_39,
:example_field_40,
:example_field_41,
:example_field_42,
:example_field_43,
:example_field_44,
:example_field_45,
:example_field_46,
:example_field_47,
:example_field_48,
example_address_1_attributes: Address::PUBLIC_ATTRIBUTES,
example_address_2_attributes: Address::PUBLIC_ATTRIBUTES,
documents_attributes: Document::PUBLIC_ATTRIBUTES
)
end
我通过在模型中指定共享属性来进行一些重构。我不知道如何处理它。
答案 0 :(得分:4)
如下:
def report_params
allowed = (1..48).map{|i| "example_field_#{i}".to_sym}
params.require(:report).permit(
allowed,
example_address_1_attributes: Address::PUBLIC_ATTRIBUTES,
example_address_2_attributes: Address::PUBLIC_ATTRIBUTES,
documents_attributes: Document::PUBLIC_ATTRIBUTES
)
end
如果我在控制台中这样做:
> allowed = (1..48).map{|i| "example_field_#{i}".to_sym}
=> [:example_field_1, :example_field_2, :example_field_3, :example_field_4, :example_field_5, :example_field_6, :example_field_7, :example_field_8, :example_field_9, :example_field_10, :example_field_11, :example_field_12, :example_field_13, :example_field_14, :example_field_15, :example_field_16, :example_field_17, :example_field_18, :example_field_19, :example_field_20, :example_field_21, :example_field_22, :example_field_23, :example_field_24, :example_field_25, :example_field_26, :example_field_27, :example_field_28, :example_field_29, :example_field_30, :example_field_31, :example_field_32, :example_field_33, :example_field_34, :example_field_35, :example_field_36, :example_field_37, :example_field_38, :example_field_39, :example_field_40, :example_field_41, :example_field_42, :example_field_43, :example_field_44, :example_field_45, :example_field_46, :example_field_47, :example_field_48]
> p = ActionController::Parameters.new(report: {example_field_12: 'foo', bogus: 'field', good: 'extra'})
=> {"report"=>{"example_field_12"=>"foo", "bogus"=>"field", "good"=>"extra"}}
> p.require(:report).permit(allowed, :good)
Unpermitted parameter: bogus
=> {"example_field_12"=>"foo", "good"=>"extra"}
答案 1 :(得分:1)
Moveson放置了link to a great blog post。我用那种方法。它非常有用我不需要在模型和控制器中保持共享属性看起来好多了;)!