{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://www.manongdao.com/data/attach/logo/logo.png', '推荐 何必那么认真 的问题《strong parameter and json input rails 4》','https://www.manongdao.com/q-327939.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}
I am trying to save data through JSON String in which I have nested associated attributes. I do not want to use attr_accessible. I almost got the logic of strong parameter but still got the problem to make them work. I am getting JSON string and using it to save data using this
data = request.body.read
@inputData = Person.new(JSON.parse(data))
@inputData.save!
if@inputData.valid?
render :status => 200, :json => "Data inserted successfully"
else
render :status => 404, :json => "Not Inserted "
end
I have defined permit strong parameter method allow nested attributes like this
def referral_params
params.require(:person).permit(:id, user_attributes: [:id, :first_name, :last_name, :email], device_attributes: [:id, :os_type, :os_version], location_attributes: [:id, :latitude, :longitude], duration_attributes[:id, :start_time, :end_time]) end
But I am not sure how to use this regerral_params method along with JSON input string....
You could try changing your
referral_paramsmethod to this:The first line inside the method parses your JSON (which returns a Ruby hash, if I remember correctly) and creates a new
ActionController::Parametersobject from that. The second one usespermitandrequireon that params-like object.paramsis usually automatically created from post data key/value pairs, and will be of the typeActionController::Parameters. To usepermitandrequire, you have to create an object of that class manually from a hash.To then use these sanitized params, you have to change
to