Rails 5 - how to whitelist the param for an ENTIRE jsonb postgres column in a controller?

I have tried to use the suggested example from github. You can also find it on some answers like this one for Rails 4.

I have tried this in Rails 5.0.1 and I just get an empty hash {} stored in the database:

def proposal_params
  params.require(:proposal).permit(:document, :account_id).tap do |whitelisted|
    whitelisted[:document] = params[:proposal][:document]
  end
end

Obviously if I just do permit! it works.

I also tried an answer from this question:

def proposal_params
  params.require(:proposal).permit(:account_id, document: Proposal.stored_attributes[:document])
end

but that also does not work.

The :document attribute contains json which is never the same between requests...and is a long and complex structure.

I just need to dump it as is into a jsonb column.

For the curious, here is an example of what can be in document:

{
   "document":{
      "customer":{
         "id":"273a0ad1-0867-4c17-8e0a-3284c6f2f6af",
         "first_name":"Ricardo",
         "last_name":"Bird",
         "email":"ricardo_bird@smithtrantow.co",
         "mobile":"07786560223"
      },
      "state":8,
      "salutation":"Mr & Mrs Bird",
      "total_price":0,
      "quoted_products":[
         {
            "product":{
               "sku":"9111",
               "name":"Solid European Oak",
               "price":25.99,
               "category":"Wood",
               "sub_category":"Solid",
               "updated_at":"2016-12-01",
               "updated_by":"Donald Duck",
               "created_at":"2016-11-01",
               "created_by":"Mickey",
               "image_url":"http://www.higherground.co.uk/wp-content/uploads/2015/11/wood-flooring-thumbnail.jpg"
            },
            "total_price":25.99,
            "total_area":1,
            "product_total_price":25.99,
            "is_manual_total":false,
            "is_installed":false,
            "install_price":null,
            "are_rooms_grouped":false,
            "rooms":[
               {
                  "name":"Dining Room",
                  "icon_url":"assets/fb-img/dining-room.png",
                  "number":null,
                  "area":1,
                  "width":null,
                  "length":null,
                  "subfloor_prep":null,
                  "subfloor_price":null,
                  "perimeter_product":null,
                  "perimeter_length":null,
                  "is_perimeter_installed":false,
                  "perimeter_price":null,
                  "perimeter_style":null,
                  "is_perimeter_remove_old":false,
                  "is_move_furniture":false,
                  "move_furniture_price":null,
                  "move_surcharge":null,
                  "stairs_stepcount":null,
                  "surcharge":null,
                  "is_installed":false,
                  "uplift_price":null,
                  "install_method":"bonded"
               }
            ],
            "is_extras":true,
            "threshold_count":2,
            "radiator_count":3,
            "trim_count":2,
            "threshold_price":30,
            "radiator_price":4,
            "trim_price":10,
            "is_rear_mat":false,
            "is_front_mat":true,
            "front_mat_type":"Coloured",
            "rear_mat_type":null,
            "front_mat_area":2,
            "front_mat_price":60.01,
            "rear_mat_area":null,
            "rear_mat_price":null,
            "extras_total_price":212.01999999999998
         }
      ],
      "status":"Draft",
      "is_details_oneprice":false,
      "notes":"Testing submission"
   }
}

If I'm correct you still need to permit! the document parameter:

def proposal_params
  params.require(:proposal).permit(:account_id).tap do |whitelisted|
    whitelisted[:document] = params[:proposal].fetch(:document, ActionController::Parameters.new).permit!
  end
end

The way this works is that it will only keep the account_id at first but then within tap we add the document parameter back by trying to retrieve it from the original parameters. ActionController::Parameters.new as the default value for fetch ensures that the permit! method is always callable even if no document parameter has been passed.

Under the hood ActionController::Parameters#permit! seems to recursively call the permit! function on the contained parameters as well, so we can call it on any instance:

def permit!
  each_pair do |key, value|
    Array.wrap(value).each do |v|
      v.permit! if v.respond_to? :permit!
    end
  end

  @permitted = true
  self
end
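
An added example, not part of the answer above: because permit! accepts whatever nested structure the client sends, a controller can bound the document before writing it to the jsonb column. The function name, the limits and the sample input are assumptions made for this example; it works on a plain Hash such as the one returned by proposal_params[:document].to_h.

```ruby
require "json"

# Hypothetical limits for this example; tune them to the real documents.
DOC_LIMITS = { max_depth: 6, max_nodes: 500, max_bytes: 64 * 1024 }.freeze

# Walks a plain Hash/Array tree and returns a list of violations.
# An empty list means the document is within bounds.
def document_violations(doc, limits = DOC_LIMITS)
  return ["document must be a JSON object"] unless doc.is_a?(Hash)

  errors = []
  nodes = 0
  stack = [[doc, 1, "document"]] # iterative walk: no recursion to exhaust
  until stack.empty?
    value, depth, path = stack.pop
    nodes += 1
    if nodes > limits[:max_nodes]
      errors << "more than #{limits[:max_nodes]} nodes"
      break
    end
    case value
    when Hash, Array
      if depth > limits[:max_depth]
        errors << "#{path} nested deeper than #{limits[:max_depth]}"
        next
      end
      pairs = value.is_a?(Hash) ? value.to_a : value.each_with_index.map { |v, i| [i, v] }
      pairs.each { |key, child| stack << [child, depth + 1, "#{path}.#{key}"] }
    when String, Numeric, true, false, nil
      # JSON scalars need no further checks here
    else
      errors << "#{path} has non-JSON type #{value.class}"
    end
  end
  return errors unless errors.empty? # skip serializing an oversized tree

  bytes = JSON.generate(doc).bytesize
  errors << "serialized size #{bytes} exceeds #{limits[:max_bytes]} bytes" if bytes > limits[:max_bytes]
  errors
end

# Constructed sample shaped like the document in the question.
SAMPLE = { "customer" => { "first_name" => "Ricardo" }, "state" => 8,
           "quoted_products" => [{ "rooms" => [{ "name" => "Dining Room" }] }] }.freeze

if __FILE__ == $PROGRAM_NAME
  puts document_violations(SAMPLE).inspect
  puts document_violations(SAMPLE, DOC_LIMITS.merge(max_depth: 3)).inspect
end
```

In a controller the returned list would decide between saving the record and answering with a 422.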
