Hillary, It appears that at the moment when you have a param that is a hash you also have to specify the keys that the hash will have. By default only scalar data types are supported. See the documentation of strong parameters here for examples and an explanation:
https://github.com/rails/rails/blob/master/actionpack/lib/action_controller/metal/strong_parameters.rb#L207-L247 There was an issue opened for this but it was agreed that supporting arbitrary keys on a hash goes against the purpose of strong paramters in the first place. https://github.com/rails/rails/issues/9454 Their suggestion of using "regular" Ruby code to handle the hash parameter seems to be the only way currently. Richard On Sunday, September 8, 2013 10:34:59 AM UTC-7, Hillary Hueter wrote: > > So i'm re-writing the trip management app I started in order to generalize > it and make it something companies can subscribe to. I thought I should use > rails 4, specifically because of the built in hstore support as there are > some columns that would be easier to run calculations on if I was using > hstore. > > The way I setup the app, is the user defines a trip template that > outlines line items but does not set the values of those line items until > they create the trip. The implementation of the dynamic fields that I used > comes from this http://railscasts.com/episodes/403-dynamic-forms railscast > (it's only available to pro memebers), but the gist is that you use > openstruct to create a hash of the dynamic fields and the values like > below: > > <%= f.hidden_field :trip_type_id %> > > <%= f.fields_for :options, OpenStruct.new(@trip.options) do > |builder| %> > <% @trip.trip_type.type_fields.where(:variable => false).each > do |field| %> > <%= render "type_fields", field: field, f: builder %> > <% end %> > <% end %> > > Because of the way strong params work, I can't just submit a hash with > arbitrary keys. And the fix suggested by the guide ( > http://guides.rubyonrails.org/action_controller_overview.html#outside-the-scope-of-strong-parameters) > > isn't working (my stackoverflow thread > http://stackoverflow.com/questions/18437322/rails-4-0-and-dynamic-fields) > so I still get the unpermitted attributes :options errors. > > Here is how I've done the whitelist for the trips controller > > def trip_params > params.require(:trip).permit(:admin_name, :brochure_title, > :description, :organized_by, :start_date, :end_date, :tour_type_id, > :pay_by, :extension).tap do |whitelisted| > whitelisted[:options] = params[:trip][:options] > end > end > > So I have three questions: > > 1. What is wrong with the way i'm whitelisting the hash from the > OpenStruct object? > 2. Is there another way of doing custom fields that's a more rails 4 > (i.e. strong params friendly). > 3. Is it worth upgrading to 4.0 right now for an app that i'm basing > off of 3.2.12 code and instead just use the hstore extension gem? > > -- -- SD Ruby mailing list [email protected] http://groups.google.com/group/sdruby --- You received this message because you are subscribed to the Google Groups "SD Ruby" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/groups/opt_out.
