]> git.openstreetmap.org Git - rails.git/commitdiff
projects / rails.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: e52d4c2)
Replace permit/require with expect for parameter validation
authorTom Hughes <tom@compton.nu>
Tue, 25 Feb 2025 19:08:57 +0000 (19:08 +0000)
committerTom Hughes <tom@compton.nu>
Thu, 20 Mar 2025 11:38:27 +0000 (11:38 +0000)
app/controllers/accounts_controller.rb patch | blob | history
app/controllers/diary_comments_controller.rb patch | blob | history
app/controllers/diary_entries_controller.rb patch | blob | history
app/controllers/issue_comments_controller.rb patch | blob | history
app/controllers/messages_controller.rb patch | blob | history
app/controllers/oauth2_applications_controller.rb patch | blob | history
app/controllers/reports_controller.rb patch | blob | history
app/controllers/traces_controller.rb patch | blob | history
app/controllers/users_controller.rb patch | blob | history

diff --git a/app/controllers/accounts_controller.rb b/app/controllers/accounts_controller.rb
index e2a82c20edc154b8c4c4aa625ac583e153d8be2c..31653448ae2c140f30281c755b590a9bd0c91c19 100644 (file)
--- a/app/controllers/accounts_controller.rb
+++ b/app/controllers/accounts_controller.rb
@@ -25,7 +25,7 @@ class AccountsController < ApplicationController
   end
 
   def update
   end
 
   def update
-    user_params = params.require(:user).permit(:display_name, :new_email, :pass_crypt, :pass_crypt_confirmation, :auth_provider)
+    user_params = params.expect(:user => [:display_name, :new_email, :pass_crypt, :pass_crypt_confirmation, :auth_provider])
 
     if params[:user][:auth_provider].blank? ||
        (params[:user][:auth_provider] == current_user.auth_provider &&
 
     if params[:user][:auth_provider].blank? ||
        (params[:user][:auth_provider] == current_user.auth_provider &&
diff --git a/app/controllers/diary_comments_controller.rb b/app/controllers/diary_comments_controller.rb
index 91e05ff7413f9cd3d0a5a28308e93aa0ad8d8a3a..5bbf2bf63dc0efd60f3b70d525f7fe20c4ca202b 100644 (file)
--- a/app/controllers/diary_comments_controller.rb
+++ b/app/controllers/diary_comments_controller.rb
@@ -51,6 +51,6 @@ class DiaryCommentsController < ApplicationController
   ##
   # return permitted diary comment parameters
   def comment_params
   ##
   # return permitted diary comment parameters
   def comment_params
-    params.require(:diary_comment).permit(:body)
+    params.expect(:diary_comment => [:body])
   end
 end
   end
 end
diff --git a/app/controllers/diary_entries_controller.rb b/app/controllers/diary_entries_controller.rb
index 94876e72a38b539bf2b21240cfa041f79f6a51c3..f3752cb2c047e8cc899df9019db4f42eff4b488f 100644 (file)
--- a/app/controllers/diary_entries_controller.rb
+++ b/app/controllers/diary_entries_controller.rb
@@ -219,7 +219,7 @@ class DiaryEntriesController < ApplicationController
   ##
   # return permitted diary entry parameters
   def entry_params
   ##
   # return permitted diary entry parameters
   def entry_params
-    params.require(:diary_entry).permit(:title, :body, :language_code, :latitude, :longitude)
+    params.expect(:diary_entry => [:title, :body, :language_code, :latitude, :longitude])
   rescue ActionController::ParameterMissing
     ActionController::Parameters.new.permit(:title, :body, :language_code, :latitude, :longitude)
   end
   rescue ActionController::ParameterMissing
     ActionController::Parameters.new.permit(:title, :body, :language_code, :latitude, :longitude)
   end
diff --git a/app/controllers/issue_comments_controller.rb b/app/controllers/issue_comments_controller.rb
index 5bf4d023784a587613645f03891f5e2f22ae2cae..cb504ad049a8d4118072480904431058f390e6dd 100644 (file)
--- a/app/controllers/issue_comments_controller.rb
+++ b/app/controllers/issue_comments_controller.rb
@@ -33,7 +33,7 @@ class IssueCommentsController < ApplicationController
   private
 
   def issue_comment_params
   private
 
   def issue_comment_params
-    params.require(:issue_comment).permit(:body)
+    params.expect(:issue_comment => [:body])
   end
 
   # This sort of assumes there are only two roles
   end
 
   # This sort of assumes there are only two roles
diff --git a/app/controllers/messages_controller.rb b/app/controllers/messages_controller.rb
index 1979c9edc5f7bf8feba00f9901150af9420c4038..cb72d4d571ce4d893532d62fcc484889a3ac8be0 100644 (file)
--- a/app/controllers/messages_controller.rb
+++ b/app/controllers/messages_controller.rb
@@ -78,7 +78,7 @@ class MessagesController < ApplicationController
   ##
   # return permitted message parameters
   def message_params
   ##
   # return permitted message parameters
   def message_params
-    params.require(:message).permit(:title, :body)
+    params.expect(:message => [:title, :body])
   rescue ActionController::ParameterMissing
     ActionController::Parameters.new.permit(:title, :body)
   end
   rescue ActionController::ParameterMissing
     ActionController::Parameters.new.permit(:title, :body)
   end
diff --git a/app/controllers/oauth2_applications_controller.rb b/app/controllers/oauth2_applications_controller.rb
index 97d84b1737eb5d7b86c434f65c97f7328eacd251..fcb9afc3b69945de81fe0d98999a7524713e62a3 100644 (file)
--- a/app/controllers/oauth2_applications_controller.rb
+++ b/app/controllers/oauth2_applications_controller.rb
@@ -21,8 +21,8 @@ class Oauth2ApplicationsController < Doorkeeper::ApplicationsController
 
   def application_params
     params[:oauth2_application][:scopes]&.delete("")
 
   def application_params
     params[:oauth2_application][:scopes]&.delete("")
-    params.require(:oauth2_application)
-          .permit(:name, :redirect_uri, :confidential, :scopes => [])
-          .merge(:owner => current_resource_owner)
+    params
+      .expect(:oauth2_application => [:name, :redirect_uri, :confidential, { :scopes => [] }])
+      .merge(:owner => current_resource_owner)
   end
 end
   end
 end
diff --git a/app/controllers/reports_controller.rb b/app/controllers/reports_controller.rb
index e2ec400a57665ba92483cfefc3ebde36007878b9..e4a0bf41bd7c18fde286376db27daf2e32f0b324 100644 (file)
--- a/app/controllers/reports_controller.rb
+++ b/app/controllers/reports_controller.rb
@@ -49,7 +49,7 @@ class ReportsController < ApplicationController
   end
 
   def report_params
   end
 
   def report_params
-    params.require(:report).permit(:details, :category)
+    params.expect(:report => [:details, :category])
   end
 
   def issue_params
   end
 
   def issue_params
diff --git a/app/controllers/traces_controller.rb b/app/controllers/traces_controller.rb
index 53c1dedd6aeecb27e0c82dceaeb0184ffd12816e..2bf34f593e72c57710f7453026dae248b7ef0c6c 100644 (file)
--- a/app/controllers/traces_controller.rb
+++ b/app/controllers/traces_controller.rb
@@ -223,6 +223,6 @@ class TracesController < ApplicationController
   end
 
   def trace_params
   end
 
   def trace_params
-    params.require(:trace).permit(:description, :tagstring, :visibility)
+    params.expect(:trace => [:description, :tagstring, :visibility])
   end
 end
   end
 end
diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb
index 2ea2ea36f3006f4566e46830646904c529a88391..58ed0c48a06c43dae7cbd979dd39030ac92dfdd1 100644 (file)
--- a/app/controllers/users_controller.rb
+++ b/app/controllers/users_controller.rb
@@ -239,9 +239,9 @@ class UsersController < ApplicationController
   ##
   # return permitted user parameters
   def user_params
   ##
   # return permitted user parameters
   def user_params
-    params.require(:user).permit(:email, :display_name,
-                                 :auth_provider, :auth_uid,
-                                 :pass_crypt, :pass_crypt_confirmation)
+    params.expect(:user => [:email, :display_name,
+                            :auth_provider, :auth_uid,
+                            :pass_crypt, :pass_crypt_confirmation])
   end
 
   ##
   end
 
   ##
The OpenStreetMap web site