module CanField::ControllerAdditions::ClassMethods

Public Instance Methods

permit_can_field_constraints() click to toggle source
# File lib/can_field/controller_additions.rb, line 4
def permit_can_field_constraints
  resource_name = self.to_s.sub("Controller", "").underscore.split('/').last.singularize
  model = Kernel.const_get(resource_name.camelcase)

  [:update, :create].each do |action|
    prepend_before_filter(only: action) do
      if params.has_key?(resource_name)
        keys = allowed_fields_for action, model
        if keys == [:all]
          self.params[resource_name] = params[resource_name].permit!
        else
          self.params[resource_name] = params[resource_name].permit *keys
        end
      else
        self.params = params.permit, *keys
      end
    end
  end
end