Strong parameters: how to resolve parameters using conditions

Question

Strong parameters: how to resolve parameters using conditions

I cannot allow certain parameters depending on the current role of the user.

For example: only allows the attribute roleif the user is an administrator.

Is it possible?

+4

ruby-on-rails strong-parameters

Nicolas garnil Oct 10 '14 at 19:26

source share

1 answer

Fred perrin · Accepted Answer · 2014-10-10T20:05:27+0000

Yes it is possible.

You can do something like this:

def user_params
  # List of common params
  list_params_allowed = [:email, :title, :last_name, :first_name, :phone]
  # Add the params only for admin
  list_params_allowed << :role if current_user.admin?
  params.require(:user).permit(list_params_allowed)
end

Thus, if you have new options, you need to add only one list (avoids errors).

If several parameters are added for the administrator, you can do this as follows:

list_params_allowed << :role << other_param << another_param if current_user.admin?

I hope for this help.

Strong parameters: how to resolve parameters using conditions

More articles: