Reputation: 574
Rails Strong Parameters - what if one of my fields is optional?
I'd not claim myself to be an expert in Rails by any stretch. One of the things that confuses me is Strong Parameters, and I've not found any really straightforward tutorials on it, with the majority of the search results dominated by hits on the rails documentation which, whilst normally accurate, I don't find in any way easy to read and can't be considered a tutorial. The github for strong params also doesn't appear to cover this.
Say I have an entity called "Resource".
class ResourcesController < ApplicationController
...
def create
@resource = Resource.new(resource_params)
if @resource.save
...
respond_with(@resource.level)
else
...
end
end
def update
if @resource.update(resource_params)
...
respond_with(@resource.level)
else
...
end
end
...
def resource_params
params.require(:resource).permit(:name, :url, :description, :level_id)
end
end
Assume I have a scaffolded form which displays the fields for name, url, description and level_id. All of the fields are mandatory. I don't know how to amend the resource_params function to ensure that name, url and level_id are mandatory when updating (or creating) a resource, but that description is optional (but should still be permitted).
I've tried removing description from the require line, and adding it on a separate line as params.permit(:description) but that has not made any difference, the field is still mandatory in the form.
Any assistance on this would be welcomed!
Upvotes: 3
Views: 2181
Answers (3)
Reputation: 33542
As I said, this is nothing to do with strong parameters. You just need to remove required: true for that field to make it optional.
Upvotes: 4
Reputation: 6100
Strong parameters are used to ensure that no other data can pass into your object, that no1 can insert not wanted data. For example if you have entity User and it has field admin that if it is true, the user has admin role, it can not be set using the create or update method inside your controller, because some1 can send any kind of parameters to your controller, and you want to filter them (Allow only specific parameters).
This does not mean if you put something inside strong parameters that it is required for create, update or whatever. Strong parameters only are there to filter the data, and allow only certain parts of your entity to be settable through this service or REST. If you send parameters that are not in strong params defined, in your server console/log there will be unpermited parameters: list of the parameters.
Upvotes: 1
Reputation: 184
I think you should think about :on http://guides.rubyonrails.org/active_record_validations.html#on
validates :email, uniqueness: true, on: :create
It enables validations only on specified action.
Upvotes: 2
Related Questions
- how to permit an array with strong parameters
- Rails - Strong Parameters - Nested Objects
- Ruby on Rails 5 strong parameters
- Rails 4 - strong parameters with scaffold - params.fetch
- Rails 4, strong parameters, nested resources, build and undefined method permit
- Dynamic hash field in Mongoid using strong parameters
- Rails: param is missing or the value is empty. strong parameters in controller
- Rails 4, Strong Parameters, Unpermitted parameters on fields belonging to associated model