About rails strong parameters

What are strong parameters?

Is the parameter sent from the web to the server the intended data? It is a mechanism to acquire and register after verification. __view file __

sample.html


<%= form_for @sample do |f| %>
 <div class="name_from">
   <%= f.text_field :name, placeholder: "Enter your username" %>
 </div>
 
<div class="addles_from">
   <%= f.text_field :addles, placeholder: "Enter your address" %>
 </div>
 
<div class="mail_from">
   <%= f.text_field :mail, placeholder: "Enter your email address" %>
 </div>

 <div class="actions">
  <%= f.submit %>
</div>
<% end %>

controller

sample_controller.rb


def index
end

def create
  Sample.create(sample_params)
end

private

def sample_params
  params.permit(:name, :mail)
end

Processing order The request parameters entered on the screen are hashed and passed to the controlr's action. I will omit it a lot, but this time, I will proceed assuming that the process is passed to the create action. When the process is passed to the __create action __, the __sample_params action __ is called in the action. In the __sample_params action __, the request parameter will only get the intended value. The __params.permit method __ is used. This __permit method __ is pretty important, and if you use this method, Gets only the intended request parameters, creates a new hash type, and returns a value in the create action. This time, it is easy to understand, and the argument of __permit method __ is only : name,: mail. The request parameters are __ {name: "aaa", addles: "Tokyo", mail: "bbb @ bbb"} __ It was sent to the server and the value of the request parameter was sent to the create action of the sample controller. Three parameters have been sent, but the only values I want are the values : name,: mail, so they were sent. __addles: "Tokyo" is played. __ In this way, in order to prevent unintended values from being transmitted, falsifying data, and registering illegal data, Strong parameters are required. Roughly speaking, strong parameters are such a mechanism to acquire only the intended parameters. By the way, the value of the parameter returned by the __permit method __ is like this. When sending (request parameter __ {name: "aaa", addles: "Tokyo", mail: "bbb @ bbb"} __

Return value after processing __permit method __ {name: "aaa", mail: "[email protected]"} It removes unnecessary parameters in this way and returns a new hash.

Recommended Posts

About rails strong parameters
[rails] What are Strong Parameters?
About Rails 6
[Strong parameters]
About require when setting strong parameters
About Rails routing
[Rails] About migration files
[Rails 6] About main gems
[Rails] About active hash
About rails version specification
[Rails] How to get the contents of strong parameters
About naming Rails model methods
[Rails] About scss folder structure
[Rails] About Rspec response test
Pass parameters to Rails link_to
About Rails scraping method Mechanize
[Rails] About implementation of like function
[Rails] About helper method form_with [Basic]
About =
[Rails 6.0] About batch saving of multiple records
[Ruby on Rails] About Active Record callbacks
[Rails] About local: true described in form_with