Fix strong param checks so they can handle dynamic wizard fields
Dieser Commit ist enthalten in:
Ursprung
48ed74c4ce
Commit
8a216fcfcf
3 geänderte Dateien mit 12 neuen und 5 gelöschten Zeilen
|
@ -2,8 +2,15 @@ class CustomWizard::StepsController < ApplicationController
|
|||
before_action :ensure_logged_in
|
||||
|
||||
def update
|
||||
params.require(:step_id)
|
||||
params.require(:wizard_id)
|
||||
field_ids = CustomWizard::Wizard.field_ids(params[:wizard_id], params[:step_id])
|
||||
permitted = params.permit(:step_id, :wizard_id, fields: field_ids.map(&:to_sym)) if field_ids.present?
|
||||
|
||||
permitted = params.permit(:wizard_id, :step_id)
|
||||
if params[:fields]
|
||||
permitted[:fields] = params[:fields].select { |k, v| field_ids.include? k }
|
||||
permitted.permit!
|
||||
end
|
||||
|
||||
wizard = CustomWizard::Builder.new(current_user, permitted[:wizard_id].underscore).build
|
||||
updater = wizard.create_updater(permitted[:step_id], permitted[:fields])
|
||||
|
|
|
@ -219,7 +219,6 @@ class CustomWizard::Builder
|
|||
a['profile_updates'].each do |pu|
|
||||
attributes[pu['value'].to_sym] = data[pu['key']]
|
||||
end
|
||||
puts "UPDATING WITH: #{attributes}"
|
||||
user_updater.update(attributes) if attributes.present?
|
||||
end
|
||||
end
|
||||
|
|
|
@ -122,17 +122,18 @@ class CustomWizard::Wizard
|
|||
|
||||
def self.step_ids(wizard_id)
|
||||
steps = self.steps(wizard_id)
|
||||
steps.map { |s| s['id'] }.flatten.uniq if steps
|
||||
return [] if !steps
|
||||
steps.map { |s| s['id'] }.flatten.uniq
|
||||
end
|
||||
|
||||
def self.field_ids(wizard_id, step_id)
|
||||
steps = self.steps(wizard_id)
|
||||
return nil if !steps
|
||||
return [] if !steps
|
||||
step = steps.select { |s| s['id'] === step_id }.first
|
||||
if step && fields = step['fields']
|
||||
fields.map { |f| f['id'] }
|
||||
else
|
||||
nil
|
||||
[]
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
Laden …
In neuem Issue referenzieren