UsingWithStrongParameters.md

February 1, 2015 ยท View on GitHub

[ Back to TheRole ]


Using with Strong Parameters

class PagesController < ApplicationController
  # .. code ...

  private

  def page_params
    permitted_keys = [:title, :intro, :content]

    permitted_keys.push(:tags)       if current_user.has_role?(:pages, :tags)
    permitted_keys.push(:top_secret) if current_user.admin?

    params.require(:page).permit(permitted_keys)
  end
end

[ Back to TheRole ]