[英]Rails 5 - how to whitelist the param for an ENTIRE jsonb postgres column in a controller?
I have tried to use the suggested example from github . 我尝试使用github中的建议示例。 You can also find it on some answers like this one for Rails 4. 您也可以找到它像一些答案, 这一个为Rails 4。
I have tried this in Rails 5.0.1 and I just get an empty hash {} stored in the database: 我已经在Rails 5.0.1中进行了尝试,但是我得到的空哈希{}存储在数据库中:
def proposal_params
params.require(:proposal).permit(:document, :account_id).tap do |whitelisted|
whitelisted[:document] = params[:proposal][:document]
end
end
Obviously if I just do permit! 显然,如果我允许的话! it works. 有用。
I also tried an answer from this question : 我也试着从这个问题的答案:
def proposal_params
params.require(:proposal).permit(:account_id, document: Proposal.stored_attributes[:document])
end
but that also does not work. 但这也不起作用。
The :document attribute contains json which is never the same between requests...and is a long and complex structure. :document属性包含的json在请求之间是永远不一样的...并且是一个冗长而复杂的结构。
I just need to dump it as is into a jsonb column. 我只需要按原样将其转储到jsonb列中。
For the curious, here is an example of what can be in document
: 出于好奇,以下是document
的示例:
{
"document":{
"customer":{
"id":"273a0ad1-0867-4c17-8e0a-3284c6f2f6af",
"first_name":"Ricardo",
"last_name":"Bird",
"email":"ricardo_bird@smithtrantow.co",
"mobile":"07786560223"
},
"state":8,
"salutation":"Mr & Mrs Bird",
"total_price":0,
"quoted_products":[
{
"product":{
"sku":"9111",
"name":"Solid European Oak",
"price":25.99,
"category":"Wood",
"sub_category":"Solid",
"updated_at":"2016-12-01",
"updated_by":"Donald Duck",
"created_at":"2016-11-01",
"created_by":"Mickey",
"image_url":"http://www.higherground.co.uk/wp-content/uploads/2015/11/wood-flooring-thumbnail.jpg"
},
"total_price":25.99,
"total_area":1,
"product_total_price":25.99,
"is_manual_total":false,
"is_installed":false,
"install_price":null,
"are_rooms_grouped":false,
"rooms":[
{
"name":"Dining Room",
"icon_url":"assets/fb-img/dining-room.png",
"number":null,
"area":1,
"width":null,
"length":null,
"subfloor_prep":null,
"subfloor_price":null,
"perimeter_product":null,
"perimeter_length":null,
"is_perimeter_installed":false,
"perimeter_price":null,
"perimeter_style":null,
"is_perimeter_remove_old":false,
"is_move_furniture":false,
"move_furniture_price":null,
"move_surcharge":null,
"stairs_stepcount":null,
"surcharge":null,
"is_installed":false,
"uplift_price":null,
"install_method":"bonded"
}
],
"is_extras":true,
"threshold_count":2,
"radiator_count":3,
"trim_count":2,
"threshold_price":30,
"radiator_price":4,
"trim_price":10,
"is_rear_mat":false,
"is_front_mat":true,
"front_mat_type":"Coloured",
"rear_mat_type":null,
"front_mat_area":2,
"front_mat_price":60.01,
"rear_mat_area":null,
"rear_mat_price":null,
"extras_total_price":212.01999999999998
}
],
"status":"Draft",
"is_details_oneprice":false,
"notes":"Testing submission"
}
}
If I'm correct you still need to permit!
如果我没错,您仍然需要permit!
the document parameter: document参数:
def proposal_params
params.require(:proposal).permit(:account_id).tap do |whitelisted|
whitelisted[:document] = params[:proposal].fetch(:document, ActionController::Parameters.new).permit!
end
end
The way this works is that it will only keep the account_id
at first but then within tap
we add the document
parameter back by trying to retrieve it from the original parameters. 这样做的方式是,它只会首先保留account_id
,然后在tap
我们尝试通过从原始参数中检索document
参数来将其添加回去。 ActionController::Parameters.new
as the default value for fetch
ensures that the permit!
ActionController::Parameters.new
作为fetch
的默认值可确保获得permit!
method is always callable even if no document
parameter has been passed. 即使未传递任何document
参数,该方法始终是可调用的。
Under the hood ActionController::Parameters#permit!
ActionController::Parameters#permit!
在ActionController::Parameters#permit!
seems to recursively call the permit!
似乎递归地叫了permit!
function on the contained parameters as well, so we can call it on any instance: 函数也可以对包含的参数进行操作,因此我们可以在任何实例上调用它:
def permit!
each_pair do |key, value|
Array.wrap(value).each do |v|
v.permit! if v.respond_to? :permit!
end
end
@permitted = true
self
end
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.