ApplicationController 中的动态/正则表达式参数

Question

How to permit dynamic params in an AppicationController?如何在 AppicationController 中允许动态参数？

so all these parameters should permitted:所以所有这些参数都应该允许：

params = { "filter_color" => "blue,green", 
           "filter_size" => "xl,sm,lg", 
           "filter_type" => "new,old,used",
           "limit" => "10" }

But my approach only passes limit ,但我的方法只能通过limit ，

def product_params
  params.permit(:limit, /filter_.*/)
end

Answer 1

The permit method only processes an incoming value if it's a Symbol, String, or Hash . permit方法仅处理符号、字符串或 Hash 的传入值。

If you want to try to work around this you could do something like this:如果您想尝试解决此问题，可以执行以下操作：

filter_names = params.keys.select { |key| key[/\Afilter_.*/] }
params.permit(:limit, *filter_names)

But be aware that the point of Strong Parameters is to define an explicit set of allowed values to avoid security problems with mass-assigning user-provided values.但请注意，强参数的重点是定义一组明确的允许值，以避免大量分配用户提供的值时出现安全问题。 As long as it's always safe to allow any user to pass in any kind of filter_* value, then you should be OK.只要允许任何用户传递任何类型的filter_*值总是安全的，那么你应该没问题。

ApplicationController 中的动态/正则表达式参数

问题描述

1 个解决方案

解决方案1
0 已采纳 2021-04-22 13:32:18

ApplicationController 中的动态/正则表达式参数

问题描述

1 个解决方案

解决方案1 0 已采纳 2021-04-22 13:32:18

解决方案1
0 已采纳 2021-04-22 13:32:18