Last active
December 21, 2015 16:09
-
-
Save tatey/6331296 to your computer and use it in GitHub Desktop.
The good ol' fashion way of restricting params in a controller. In response to https://twitter.com/awws/status/371437294776901632
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| class PostsController | |
| def create | |
| @post = Post.new post_params | |
| @post.save | |
| respond_with @post | |
| end | |
| private | |
| def post_params | |
| params.fetch(:post, {}).slice :title, :slug, :body | |
| end | |
| end |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment