Proper user of strong parameters, assignments, and validators in Rails 4? -

-

what proper way set strong parameters in rails controller , using validators them? i've seen several examples of doing several different ways.

this typical controller def looks me:

# user model class user < activerecord::base   validates :first_name, length: { in: 2..50 }, format: { with: /[a-za-z0-9\s\-\']*/ }   validates :last_name, length: { in: 2..50 }, format: { with: /[a-za-z0-9\s\-\']*/ }   validates :email, presence: true, length: { 5..100 }, format: { with: /**email regex**/ }, uniqueness: { case_sensitive: false } end  # controller def def valid_email   # strong parameters defined here?  when error thrown unmatched requires/permits?   params.require(:user)   params[:user].permit(:email)    # how prevent blank params[:user][:email] making unnecessary database call if it's blank?   @user = user.find_by(email: params[:user][:email])    unless @user.nil?     # should work because in permit whitelist?     @user.assign_attributes(email: params[:user][:email])      # should not work because not in permit whitelist?     @user.assign_attributes(first_name: params[:user][:first_name])      # should work sending private def     @user.assign_attributes(savable_params)      # validate entire model     if @user.valid?       @user.save     end   end rescue => e   log_error(e)    render text: "something bad happened. contact support.", status: :unprocessed_entity end  private def savable_params   params.require(:user).permit(:email) end

how understand it, params.require , params.permit allow whitelisting of data passed controller/action, doesn't keep "other" data being seen in params list (if it's passed).

so, leads few questions:

  1. proper way of whitelisting in similar scenario top?
  2. how you, instance, make sure params[:user][:email] isn't blank ("") before trying user.find_by since know blank email isn't valid anyway , not want make unnecessary database call?
  3. user.valid? validate entire model, though i'm interested in :email attribute valid before doing user.find_by?
  4. if have uniqueness validator on email, instance, how keep uniqueness hitting database, if params[:user][:email] blank , we're interested in email isn't blank, fits within length, , matches format?

thanks again.

so updating existing user?

just - assuming reason not sending user id part of submission:

not_found if params[:user].blank? or params[:user][:email].blank? @user = user.find_by email: params[:user][:email] or not_found @user.update savable_params if @user.valid?   flash.notice = "all good"   redirect_to @user else   # has not been saved   flash.now.alert = @user.errors.full_messages.to_sentence   render :(whatever call display form in first place end

and add application_controller:

def not_found   raise actioncontroller::routingerror.new('not found') end

to questions:

  1. as per above. validators run on model, have logic, keep controllers simple.

  2. i added line - should work, you're sending , id of user, it's not i've done. don't bother testing it.

  3. the validation happens on update,. won't hit db unless passes, it's few cycles, not i've ever worried about. put pre-validation in there, save on db roundtrip, if going - why not put on html field, , save server round trip.

  4. put uniqueness constraint on model , db (the model should it, race conditions, db backstop). nothing hit db unless passes validations first, should rare.

oh, , think you'll need:

params.require(:user).permit(:email, :first_name)

to other field update.


Comments

Post a Comment

Popular posts from this blog

ruby - Trying to change last to "x"s to 23 -

-
i have been playing around irb , have string looks this: irb(main):072:0> puts ["[\"4354 5432 5432 xxxxx\", \"6547 6547 8543 xxxxx\", \"2344 6543 6674 xxxxx\", \"2346 6236 7543 xxxxx\", \"1273 5585 5587 xxxxx\"]"] => nil irb(main):073:0> what want gsub last 2 "x" s of each 17 digit combination, 23 . what i've tried far (i've been using rubular): a.gsub(/\d[x]/,"23") <= grabs "x" s i'm close a.gsub(/\w[x{2}]/,"23") <= grabs "x" s grabs two digits each combination. is there easier way i'm not understanding? a.gsub(/\d{4} \d{4} \d{4} xxx\kxx/, '23') \d{4} = 4 digits what \k drop matched far. can use don't replace entire number, still able validate have in desired format.
Read more

jquery - Clone last and append item to closest class -

-
this bare-bones code on page: <div class="list-container"> <div class="single-list-item"> <button>remove</button> </div> <div class="single-list-item"> <button>remove</button> </div> <div class="single-list-item"> <button>remove</button> </div> </div> <p><button class="add-list-item">add</button></p> <div class="list-container"> <div class="single-list-item"> <button>remove</button> </div> <div class="single-list-item"> <button>remove</button> </div> <div class="single-list-item"> <button>remove</button> </div> </div> <p><button class="add-list-item">add</button></p> <di
Read more

c - Unrecognised emulation mode: elf_i386 on MinGW32 -

-
i'm trying make kernel, , cannot link c output assembly. ld . i'm getting error: unrecognized emulation mode: elf_i386 i'm using windows 10 professional mingw32 , msys. code using: link.ld /* * link.ld */ output_format(elf32-i386) entry(start) sections { . = 0x100000; .text : { *(.text) } .data : { *(.data) } .bss : { *(.bss) } } kernel.c /* * kernel.c */ void kmain(void) { const char *str = "my first kernel"; char *vidptr = (char*)0xb8000; //video mem begins here. unsigned int = 0; unsigned int j = 0; /* loops clears screen * there 25 lines each of 80 columns; each element takes 2 bytes */ while(j < 80 * 25 * 2) { /* blank character */ vidptr[j] = ' '; /* attribute-byte - light grey on black screen */ vidptr[j+1] = 0x07; j = j + 2; } j = 0; /* loop writes string video memory */ while(str[j] != '\0') { /
Read more