Reputation: 151
Rails Controller Params - Custom Update Method for CanCan work around
I'm trying to limit access to a certain attribute when updating.
An admin is allowed to update all of a Need anytime they want, except they can only update the Need's is_public bool only if need_state is in_progress.
CanCan doesn't allow a way to limit the update action based on specific attributes that are being set... so I thought they only way to accomplish this was to make a special method called set_is_public.
I've got my form calling to it and it's sending the following params:
{"utf8"=>"✓",
"authenticity_token"=>"2u9AZ7AJDYQrXm3LubMAxlxhjbsQ14myUTyOSyvoKzk=",
"need"=>{"id"=>"5",
"is_public"=>"true"},
"commit"=>"Set as Public"}
How do you go about updating that need in the action in the controller?
I can't figure out how to read those params in and:
- Find the need based on the id;
- Update its
is_publicattribute to the value of theis_publicparam.
Upvotes: 0
Views: 313
Answers (1)
Reputation: 2665
The params you posted show a nested hashed, so you should just need to do something like :
the_need = Need.find( params["need"]["id"] )
the_need.is_public = params["need"]["is_public"]
the_need.save
I hope that helps!
Edited to add : you may need to deal with parameter restrictions, depending on your version of Rails, one technique is a before filter that does :
params.require(:need).permit(:id, :is_public)
Please clarify your question if this is not helping
Upvotes: 1
Related Questions
- Rails CanCanCan ability issue with model-less controller
- Passing params to CanCan in RoR
- cancan for new action
- Using cancan with gems controllers
- Rails incorrect action call
- How to apply abilities to a non-restful controller in cancan
- Update Cancan in rails
- Applying cancan to custom actions
- Rails, CanCan and controllers
- Cancan allow updating specific attribute of a model