Removes specified parameters of an object
obj | Params key |
attrs | Attributes to restrict |
remove_params_from_object(:post, [:status, :author_id])
:api: plugin
# File lib/merb-param-protection.rb, line 143 143: def remove_params_from_object(obj, attrs = []) 144: unless params[obj].nil? 145: filtered = params 146: attrs.each {|a| filtered[obj].delete(a)} 147: @params = filtered 148: end 149: end
Restricts parameters of an object
obj | Params key |
attrs | Attributes to restrict |
restrict_params(:post, [:title, :body])
:api: plugin
# File lib/merb-param-protection.rb, line 161 161: def restrict_params(obj, attrs = []) 162: # Make sure the params for the object exists 163: unless params[obj].nil? 164: attrs = attrs.collect {|a| a.to_s} 165: trashed_params_keys = params[obj].keys - attrs 166: 167: # Store a hash of the key/value pairs we are going 168: # to remove in case we need them later. Lighthouse Bug # 105 169: @trashed_params = {} 170: trashed_params_keys.each do |key| 171: @trashed_params.merge!({key => params[obj][key]}) 172: end 173: 174: remove_params_from_object(obj, trashed_params_keys) 175: end 176: end
Disabled; run with --debug to generate this.
Generated with the Darkfish Rdoc Generator 1.1.6.