Project hook, milestone, snippet strong params

Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>

Project hook, milestone, snippet strong params
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
2acde87e · Dmitriy Zaporozhets · e382c8df · 2acde87e · 2acde87e · 2acde87e
Commit 2acde87e authored Jun 26, 2014 by Dmitriy Zaporozhets
8 changed files
--- a/app/controllers/admin/hooks_controller.rb
+++ b/app/controllers/admin/hooks_controller.rb
@@ -5,7 +5,7 @@ class Admin::HooksController < Admin::ApplicationController
  end

  def create
-    @hook = SystemHook.new(params[:hook])
+    @hook = SystemHook.new(hook_params)

    if @hook.save
      redirect_to admin_hooks_path, notice: 'Hook was successfully created.'
@@ -37,4 +37,8 @@ class Admin::HooksController < Admin::ApplicationController

    redirect_to :back
  end
+
+  def hook_params
+    params.require(:hook).permit(:url)
+  end
 end
--- a/app/controllers/projects/hooks_controller.rb
+++ b/app/controllers/projects/hooks_controller.rb
@@ -42,6 +42,6 @@ class Projects::HooksController < Projects::ApplicationController
  end

  def hook_params
-    params.require(:hook).permit(:url)
+    params.require(:hook).permit(:url, :push_events, :issues_events, :merge_requests_events, :tag_push_events)
  end
 end
--- a/app/controllers/projects/milestones_controller.rb
+++ b/app/controllers/projects/milestones_controller.rb
@@ -37,7 +37,7 @@ class Projects::MilestonesController < Projects::ApplicationController
  end

  def create
-    @milestone = Milestones::CreateService.new(project, current_user, params[:milestone]).execute
+    @milestone = Milestones::CreateService.new(project, current_user, milestone_params).execute

    if @milestone.save
      redirect_to project_milestone_path(@project, @milestone)
@@ -47,7 +47,7 @@ class Projects::MilestonesController < Projects::ApplicationController
  end

  def update
-    @milestone = Milestones::UpdateService.new(project, current_user, params[:milestone]).execute(milestone)
+    @milestone = Milestones::UpdateService.new(project, current_user, milestone_params).execute(milestone)

    respond_to do |format|
      format.js
@@ -105,4 +105,8 @@ class Projects::MilestonesController < Projects::ApplicationController
  def module_enabled
    return render_404 unless @project.issues_enabled
  end
+
+  def milestone_params
+    params.require(:milestone).permit(:title, :description, :due_date, :state_event)
+  end
 end
--- a/app/controllers/projects/snippets_controller.rb
+++ b/app/controllers/projects/snippets_controller.rb
@@ -25,7 +25,7 @@ class Projects::SnippetsController < Projects::ApplicationController
  end

  def create
-    @snippet = @project.snippets.build(params[:project_snippet])
+    @snippet = @project.snippets.build(snippet_params)
    @snippet.author = current_user

    if @snippet.save
@@ -39,7 +39,7 @@ class Projects::SnippetsController < Projects::ApplicationController
  end

  def update
-    if @snippet.update_attributes(params[:project_snippet])
+    if @snippet.update_attributes(snippet_params)
      redirect_to project_snippet_path(@project, @snippet)
    else
      respond_with(@snippet)
@@ -86,4 +86,8 @@ class Projects::SnippetsController < Projects::ApplicationController
  def module_enabled
    return render_404 unless @project.snippets_enabled
  end
+
+  def snippet_params
+    params.require(:project_snippet).permit(:title, :content, :file_name, :private)
+  end
 end
--- a/app/controllers/snippets_controller.rb
+++ b/app/controllers/snippets_controller.rb
@@ -51,7 +51,7 @@ class SnippetsController < ApplicationController
  end

  def create
-    @snippet = PersonalSnippet.new(params[:personal_snippet])
+    @snippet = PersonalSnippet.new(snippet_params)
    @snippet.author = current_user

    if @snippet.save
@@ -65,7 +65,7 @@ class SnippetsController < ApplicationController
  end

  def update
-    if @snippet.update_attributes(params[:personal_snippet])
+    if @snippet.update_attributes(snippet_params)
      redirect_to snippet_path(@snippet)
    else
      respond_with @snippet
@@ -109,4 +109,8 @@ class SnippetsController < ApplicationController
  def set_title
    @title = 'Snippets'
  end
+
+  def snippet_params
+    params.require(:personal_snippet).permit(:title, :content, :file_name, :private)
+  end
 end
--- a/app/models/milestone.rb
+++ b/app/models/milestone.rb
@@ -16,8 +16,6 @@
 class Milestone < ActiveRecord::Base
  include InternalId

-  #attr_accessible :title, :description, :due_date, :state_event
-
  belongs_to :project
  has_many :issues
  has_many :merge_requests

--- a/app/models/project_hook.rb
+++ b/app/models/project_hook.rb
@@ -18,8 +18,6 @@
 class ProjectHook < WebHook
  belongs_to :project

-  #attr_accessible :push_events, :issues_events, :merge_requests_events, :tag_push_events
-
  scope :push_hooks, -> { where(push_events: true) }
  scope :tag_push_hooks, -> { where(tag_push_events: true) }
  scope :issue_hooks, -> { where(issues_events: true) }

--- a/app/models/snippet.rb
+++ b/app/models/snippet.rb
@@ -18,8 +18,6 @@
 class Snippet < ActiveRecord::Base
  include Linguist::BlobHelper

-  #attr_accessible :title, :content, :file_name, :expires_at, :private
-
  default_value_for :private, true

  belongs_to :author, class_name: "User"