add required params to all controllers
This commit is contained in:
parent
a31a92b321
commit
c361349c20
9 changed files with 47 additions and 11 deletions
|
@ -48,4 +48,10 @@ class MappingsController < ApplicationController
|
|||
|
||||
head :no_content
|
||||
end
|
||||
|
||||
private
|
||||
# Never trust parameters from the scary internet, only allow the white list through.
|
||||
def mapping_params
|
||||
params.require(:mapping).permit(:id, :category, :xloc, :yloc, :topic_id, :synapse_id, :map_id, :user_id)
|
||||
end
|
||||
end
|
||||
|
|
|
@ -238,4 +238,11 @@ class MapsController < ApplicationController
|
|||
}
|
||||
end
|
||||
end
|
||||
|
||||
private
|
||||
|
||||
# Never trust parameters from the scary internet, only allow the white list through.
|
||||
def map_params
|
||||
params.require(:map).permit(:id, :name, :arranged, :desc, :permission, :user_id)
|
||||
end
|
||||
end
|
||||
|
|
|
@ -2,10 +2,6 @@ class MetacodeSetsController < ApplicationController
|
|||
|
||||
before_filter :require_admin
|
||||
|
||||
def metacode_set_params
|
||||
params.require(:metacode_set).permit(:desc, :mapperContributed, :name)
|
||||
end
|
||||
|
||||
# GET /metacode_sets
|
||||
# GET /metacode_sets.json
|
||||
def index
|
||||
|
@ -120,4 +116,11 @@ class MetacodeSetsController < ApplicationController
|
|||
format.json { head :no_content }
|
||||
end
|
||||
end
|
||||
|
||||
private
|
||||
|
||||
def metacode_set_params
|
||||
params.require(:metacode_set).permit(:desc, :mapperContributed, :name)
|
||||
end
|
||||
|
||||
end
|
||||
|
|
|
@ -93,4 +93,11 @@ class MetacodesController < ApplicationController
|
|||
# format.json { head :no_content }
|
||||
# end
|
||||
# end
|
||||
|
||||
private
|
||||
|
||||
# Never trust parameters from the scary internet, only allow the white list through.
|
||||
def metacode_params
|
||||
params.require(:metacode).permit(:id, :name, :icon, :color)
|
||||
end
|
||||
end
|
||||
|
|
|
@ -64,4 +64,10 @@ class SynapsesController < ApplicationController
|
|||
format.json { head :no_content }
|
||||
end
|
||||
end
|
||||
|
||||
private
|
||||
|
||||
def synapse_params
|
||||
params.require(:synapse).permit(:id, :desc, :category, :weight, :permission, :node1_id, :node2_id, :user_id)
|
||||
end
|
||||
end
|
||||
|
|
|
@ -10,7 +10,6 @@ class TopicsController < ApplicationController
|
|||
@current = current_user
|
||||
term = params[:term]
|
||||
if term && !term.empty?
|
||||
# !connor term here needs to have .downcase
|
||||
@topics = Topic.where('LOWER("name") like ?', term.downcase + '%').order('"name"')
|
||||
|
||||
#read this next line as 'delete a topic if its private and you're either
|
||||
|
@ -233,4 +232,10 @@ class TopicsController < ApplicationController
|
|||
format.json { head :no_content }
|
||||
end
|
||||
end
|
||||
|
||||
private
|
||||
|
||||
def topic_params
|
||||
params.require(:topic).permit(:id, :name, :desc, :link, :permission, :user_id, :metacode_id)
|
||||
end
|
||||
end
|
||||
|
|
|
@ -4,10 +4,6 @@ class UsersController < ApplicationController
|
|||
|
||||
respond_to :html, :json
|
||||
|
||||
def user_params
|
||||
params.require(:user).permit(:name, :email, :image, :password,
|
||||
:password_confirmation, :code, :joinedwithcode, :remember_me)
|
||||
|
||||
# GET /users/1.json
|
||||
def show
|
||||
@user = User.find(params[:id])
|
||||
|
@ -102,4 +98,10 @@ class UsersController < ApplicationController
|
|||
end
|
||||
end
|
||||
|
||||
private
|
||||
|
||||
def user_params
|
||||
params.require(:user).permit(:name, :email, :image, :password,
|
||||
:password_confirmation, :code, :joinedwithcode, :remember_me)
|
||||
|
||||
end
|
||||
|
|
Loading…
Reference in a new issue