RSpec
Ruby on Rails
Rubypermit
- 1.0.0
- 1.1.6
- 1.2.6
- 2.0.3
- 2.1.0
- 2.2.1
- 2.3.8
- 3.0.0
- 3.0.9
- 3.1.0
- 3.2.1
- 3.2.8
- 3.2.13
- 4.0.2 (0)
- 4.1.8 (0)
- 4.2.1 (0)
- 4.2.7 (0)
- 4.2.9 (0)
- 5.0.0.1 (0)
- 5.1.7 (21)
- 5.2.3 (0)
- 6.0.0 (0)
- 6.1.3.1 (0)
- 6.1.7.7 (0)
- 7.0.0 (38)
- 7.1.3.2 (0)
- 7.1.3.4 (0)
- 7.2.3 (5)
- 8.0.0 (38)
- 8.1.1 (2)
- What's this?
-
allow_deprecated_parameters...
-
allow_deprecated_parameters...
-
const_missing
(<= v4.2.9)
-
hook_into_yaml_loading
-
nested_attribute?
-
new
-
==
-
[]
-
[]=
-
array_filter?
(>= v8.0.0)
-
array_of_permitted_scalars?
-
array_of_permitted_scalars_...
(<= v4.2.9)
-
as_json
-
compact
-
compact!
-
compact_blank
-
compact_blank!
-
converted_arrays
-
convert_hashes_to_parameters
-
convert_parameters_to_hashes
-
convert_value_to_parameters
-
deep_dup
-
deep_merge
-
deep_merge!
-
deep_merge?
-
deep_transform_keys
-
deep_transform_keys!
-
_deep_transform_keys_in_object
-
_deep_transform_keys_in_obj...
-
delete
-
delete_if
-
dig
-
dup
(<= v5.0.0.1)
-
each
-
each_array_element
(>= v8.0.0)
-
each_element
-
each_key
-
each_nested_attribute
-
each_pair
-
each_value
-
empty?
-
encode_with
-
eql?
-
except
-
exclude?
-
expect
(>= v8.0.0)
-
expect!
(>= v8.0.0)
-
extract!
-
extract_value
-
fetch
-
fields_for_style?
(<= v6.0.0)
-
hash
-
hash_filter
-
has_key?
-
has_value?
-
include?
-
initialize_copy
-
init_with
-
inspect
-
keep_if
-
key?
-
keys
-
member?
-
merge
-
merge!
-
method_missing
(<= v5.0.0.1)
-
nested_attributes?
-
new_instance_with_inherited...
-
non_scalar?
-
permit
-
permit!
-
permit_any_in_array
-
permit_any_in_parameters
-
permit_array_of_hashes
(>= v8.0.0)
-
permit_array_of_scalars
(>= v8.0.0)
-
permit_filters
(>= v8.0.0)
-
permit_hash
(>= v8.0.0)
-
permit_hash_or_array
(>= v8.0.0)
-
permitted=
(<= v5.2.3)
-
permitted?
-
permitted_scalar?
-
permitted_scalar_filter
-
permit_value
(>= v8.0.0)
-
reject
-
reject!
-
require
-
required
-
reverse_merge
-
reverse_merge!
-
select
-
select!
-
slice
-
slice!
-
specify_numeric_keys?
-
stringify_keys
-
to_h
-
to_hash
-
to_param
-
to_query
-
to_s
-
to_unsafe_h
-
to_unsafe_hash
-
transform_keys
-
transform_keys!
-
transform_values
-
transform_values!
-
unpermitted_keys
-
unpermitted_parameters!
-
value?
-
values
-
values_at
-
with_defaults
-
with_defaults!
-
without
= private
= protected
permit(*filters)
public
Returns a new `ActionController::Parameters` instance that includes only the given `filters` and sets the `permitted` attribute for the object to `true`. This is useful for limiting which attributes should be allowed for mass updating.
params = ActionController::Parameters.new(user: { name: "Francesco", age: 22, role: "admin" }) permitted = params.require(:user).permit(:name, :age) permitted.permitted? # => true permitted.has_key?(:name) # => true permitted.has_key?(:age) # => true permitted.has_key?(:role) # => false
Only permitted scalars pass the filter. For example, given
params.permit(:name)
`:name` passes if it is a key of `params` whose associated value is of type `String`, `Symbol`, `NilClass`, `Numeric`, `TrueClass`, `FalseClass`, `Date`, `Time`, `DateTime`, `StringIO`, `IO`, ActionDispatch::Http::UploadedFile or `Rack::Test::UploadedFile`. Otherwise, the key `:name` is filtered out.
You may declare that the parameter should be an array of permitted scalars by mapping it to an empty array:
params = ActionController::Parameters.new(tags: ["rails", "parameters"]) params.permit(tags: [])
Sometimes it is not possible or convenient to declare the valid keys of a hash parameter or its internal structure. Just map to an empty hash:
params.permit(preferences: {})
Be careful because this opens the door to arbitrary input. In this case, `permit` ensures values in the returned structure are permitted scalars and filters out anything else.
You can also use `permit` on nested parameters, like:
params = ActionController::Parameters.new({ person: { name: "Francesco", age: 22, pets: [{ name: "Purplish", category: "dogs" }] } }) permitted = params.permit(person: [ :name, { pets: :name } ]) permitted.permitted? # => true permitted[:person][:name] # => "Francesco" permitted[:person][:age] # => nil permitted[:person][:pets][0][:name] # => "Purplish" permitted[:person][:pets][0][:category] # => nil
Note that if you use `permit` in a key that points to a hash, it won’t allow all the hash. You also need to specify which attributes inside the hash should be permitted.
params = ActionController::Parameters.new({ person: { contact: { email: "none@test.com", phone: "555-1234" } } }) params.require(:person).permit(:contact) # => #<ActionController::Parameters {} permitted: true> params.require(:person).permit(contact: :phone) # => #<ActionController::Parameters {"contact"=>#<ActionController::Parameters {"phone"=>"555-1234"} permitted: true>} permitted: true> params.require(:person).permit(contact: [ :email, :phone ]) # => #<ActionController::Parameters {"contact"=>#<ActionController::Parameters {"email"=>"none@test.com", "phone"=>"555-1234"} permitted: true>} permitted: true>
If your parameters specify multiple parameters indexed by a number, you can permit each set of parameters under the numeric key to be the same using the same syntax as permitting a single item.
params = ActionController::Parameters.new({ person: { '0': { email: "none@test.com", phone: "555-1234" }, '1': { email: "nothing@test.com", phone: "555-6789" }, } }) params.permit(person: [:email]).to_h # => {"person"=>{"0"=>{"email"=>"none@test.com"}, "1"=>{"email"=>"nothing@test.com"}}}
If you want to specify what keys you want from each numeric key, you can instead specify each one individually
params = ActionController::Parameters.new({ person: { '0': { email: "none@test.com", phone: "555-1234" }, '1': { email: "nothing@test.com", phone: "555-6789" }, } }) params.permit(person: { '0': [:email], '1': [:phone]}).to_h # => {"person"=>{"0"=>{"email"=>"none@test.com"}, "1"=>{"phone"=>"555-6789"}}}
