filby

Reputation: 378

Raise error on unpermitted parameters rails

I am currently trying to implement raising an error when unpermitted parameters are posted in my RoR back-end. I included

  config.action_controller.action_on_unpermitted_parameters = :raise

in my development.rb configuration. Now, for example, I have in one of my controllers:

  def apiary_params
    params.require(:apiary).permit(:name, :municipality, :prefecture, :latitude, :longitude, :numberofbeehives, :notes)
  end

If I now try posting another parameter, let's say "apiary[asdf]", then an internal server error is raised correctly. However, if I try posting a random "asdf" param not in the apiary hash, then the request is handled without an error. Does that mean that the random "asdf" and whatever other parameter not in the apiary is permitted? How can I fix that?

Upvotes: 1

Views: 1751

Answers (1)

sevenseacat

Reputation: 25029

No, those extra parameters are not permitted - they're silently discarded.

You're only calling permit on params.require(:apiary), that is, params[:apiary], so only extra attributes inside that hash will raise an exception.

As soon as you make that params.require call, then all other params submitted become irrelevant for the return value of this method. You're only dealing with data inside that params[:apiary] hash, and that is what will be returned.

Upvotes: 2
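
To reject stray top-level parameters as well (the case the question asks about), the whole request hash can be checked against an allow-list before require/permit is called. The following is an added example, not code from the question or the answer: it is a plain-Ruby model that runs without Rails, and strict_params!, unpermitted_paths, APIARY_SCHEMA and ROUTING_KEYS are hypothetical names. It assumes that in a controller the input would be params.to_unsafe_h, passed from a before_action.

```ruby
# Added example: plain-Ruby model of a whole-request check, not Rails code.
class UnpermittedKeys < StandardError; end

# Keys that Rails routing merges into params; skipped by the check (assumption).
ROUTING_KEYS = %w[controller action format].freeze

# Hypothetical schema: key => true for a scalar, key => Hash for a nested hash.
APIARY_SCHEMA = {
  "apiary" => %w[name municipality prefecture latitude longitude
                 numberofbeehives notes].to_h { |k| [k, true] }
}.freeze

# Return the path of every key that the schema does not allow, at any depth.
def unpermitted_paths(params, schema, prefix = nil)
  params.flat_map do |key, value|
    path = prefix ? "#{prefix}[#{key}]" : key.to_s
    rule = schema[key.to_s]
    if rule.nil?
      [path]                                   # unknown key
    elsif rule.is_a?(Hash)
      value.is_a?(Hash) ? unpermitted_paths(value, rule, path) : [path]
    else
      value.is_a?(Hash) || value.is_a?(Array) ? [path] : []  # scalar expected
    end
  end
end

# Raise if anything outside the schema was submitted; otherwise return the
# request parameters without the routing keys.
def strict_params!(params, schema)
  submitted = params.reject { |key, _| ROUTING_KEYS.include?(key.to_s) }
  bad = unpermitted_paths(submitted, schema)
  raise UnpermittedKeys, "unpermitted: #{bad.join(', ')}" unless bad.empty?
  submitted
end

# Constructed request: a stray top-level key and a stray nested key.
if __FILE__ == $PROGRAM_NAME
  request = { "controller" => "apiaries", "action" => "create", "asdf" => "1",
              "apiary" => { "name" => "Hill", "asdf" => "2" } }
  puts unpermitted_paths(request.reject { |k, _| ROUTING_KEYS.include?(k) },
                         APIARY_SCHEMA).inspect
end
```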
