Rails 4 - Strong Parameters - Nested Objects

Question

I ve got a pretty simple question  But haven t found a solution so far   So here s the JSON string I send to the server        name     abc      groundtruth           type     Point        coordinates      2 4  6           Using the new permit method  I ve got   params require  measurement  permit  name   groundtruth    This throws no errors  but the created database entry contains null instead of the groundtruth value   If I just set   params require  measurement  permit    Everything get s saved as expected  but of course  this kills the security provided by strong parameters   I ve found solutions  how to permit arrays  but not a single example using nested objects  This must be possible somehow  since it should be a pretty common use case  So  how does it work

User · Answer

If it is Rails 5  because of new hash notation  params permit  name  groundtruth    type  coordinates      will work fine

User · Answer

As odd as it sound when you want to permit nested attributes you do specify the attributes of nested object within an array  In your case it would be  Update as suggested by  RafaelOliveira  params require  measurement         permit  name   groundtruth   gt    type   coordinates   gt         On the other hand if you want nested of multiple objects then you wrap it inside a hash    like this  params require  foo  permit  bar    baz   gt    x   y        Rails actually have pretty good documentation on this  http   api rubyonrails org classes ActionController Parameters html method-i-permit  For further clarification  you could look at the implementation of permit and strong parameters itself  https   github com rails rails blob master actionpack lib action controller metal strong parameters rb L246-L247

User · Answer

I found this suggestion useful in my case     def product params     params require  product  permit  name  tap do  whitelisted        whitelisted  data    params  product   data      end   end   Check this link of Xavier s comment on github   This approach whitelists the entire params  measurement   groundtruth  object   Using the original questions attributes     def product params     params require  measurement  permit  name   groundtruth  tap do  whitelisted        whitelisted  groundtruth    params  measurement   groundtruth      end   end

User · Answer

Permitting a nested object    params permit    school   gt    id    name                      student   gt    id                                name                                address                                city                      records   gt    marks   subject

[ruby-on-rails] Rails 4 - Strong Parameters - Nested Objects

Examples related to ruby-on-rails

Examples related to ruby-on-rails-4

Examples related to nested-attributes

Examples related to strong-parameters