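# Demonstrates Rails strong parameters: only the keys permitted by
# `user_params` reach the response, everything else in the query string is dropped.
class UsersController < ApplicationController
  # GET /users
  #
  # Builds the greeting from the permitted params only. Fixes the original
  # string, which interpolated only :name and printed the literal text
  # "user_params[:sentence]" instead of the sentence value.
  #
  # `render html:` HTML-escapes a plain String (only html_safe strings are
  # emitted verbatim), so reflecting the user-supplied :name and :sentence
  # here does not open an injection path as long as `.html_safe` is never added.
  def index
    permitted = user_params # filter once rather than re-running permit per key lookup
    respond_to do |format|
      format.html do
        # compact drops an unpermitted (nil) :sentence so no trailing space is rendered
        render html: ["Hello", permitted[:name], permitted[:sentence]].compact.join(" ")
      end
    end
  end

  private

  # Filters the request params.
  #
  # :sentence is permitted only when :name is exactly "john"; every other
  # request gets :name alone, so a supplied :sentence is silently discarded.
  #
  # @return [ActionController::Parameters] the permitted subset of params
  def user_params
    if params[:name] == "john"
      params.permit(:name, :sentence)
    else
      params.permit(:name)
    end
  end
end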
You can allow (or reject) specific params so that only the ones you expect pass through, avoiding unpleasant surprises such as a user setting options that were never meant to be changed.
Visiting `/users?name=john&sentence=developer` will display "Hello john developer"; however, visiting `/users?name=smith&sentence=spy` will display only "Hello smith", because `:sentence` is permitted only when you access the page as `john`.