Params
Params management
From Rails 4 onwards, Strong Params have been introduced in Rails. These are a way of forcing developers to whitelist the params they expect before using mass assignment, eg. if the params look like this: <ActionController::Parameters {"first_name"=>"John", "last_name": "Doe"} permitted: true>
then we could do User.update(params)
because as we can see these params have been whitelisted. However in SeraphinWeb we don't use mass assignment, because we almost exclusively use our own form of whitelisting:
When we pass the params to a forms, these only assign the expected attributes to a model (instead of assigning whatever was sent to the form)
In presenters we extract the needed attributes from the params in the initialize method
Params are an ActionController::Parameters
object, which the forms can handle nicely because they access the attributes they need by key. However there are certain use cases where we need params to be a hash. To transform them with to_h
we need them to be permitted first.
Merging multiple param categories
Sending the params to an external service
Keeping these exceptions in mind, this is the convention for using params in SeraphinWeb:
A method named
something_params
is always anActionController::Parameters
object, for which by default we don't permit the attributes because we assume they will be further down the line:
If we need them to be permitted (because we need the params to be a hash), we permit them inside this method but they still remain an object. We only transform them to a hash when we need the hash.
We put 2 spaces before private:
Last updated