/ - Diff - ソフトウェアエンジニアリング - Torutk

« 前 | 次 »

リビジョン 8af218b4

Make strong parameter instead of attr_accessible

         end
       end
       # This action is invoked by HTTP verb get and post.
+      #
       def new
         @term_categories = TermCategory.where(:project_id => @project.id).order(:position)
         @term = Term.new(params[:term])
         @term = Term.new(term_params)
         @term.name = CGI::unescapeHTML(params[:new_term_name])	if params[:new_term_name]
         @term.project_id = @project.id
-...
         @term_categories = TermCategory.where(:project_id => @project.id).order(:position)
         if request.post? || request.put? || request.patch?
           @term.attributes = params[:term]
           @term.attributes = term_params
           @term.updater_id = User.current.id
           if @term.save
             attach_files(@term, params[:attachments])
-...
       end
       def add_term_category
         @category = TermCategory.new(params[:category])
         @category = TermCategory.new(term_category_params)
         @category.project_id = @project.id
         if request.post? and @category.save
           respond_to do |format|
-...
         Attachment.attach_files(val, prm)
       end
       def term_params
         params.require(:term).permit(
           :project_id, :category_id, :author, :name, :name_en, :datatype, :codename, :description,
           :rubi, :abbr_whole
         ) if params[:term]
       end
       def term_category_params
         params.require(:category).permit(:name, :project_id, :position) if params[:category]
       end
     end

+              }
             end
           else
             @glossary_style = GlossaryStyle.new(params[:glossary_style])
             @glossary_style = GlossaryStyle.new(glossary_style_params)
           end
           @glossary_style.user_id = User.current.id
-...
         add_search_params(newparams)
         redirect_to(newparams)
       end
       private
       def glossary_style_params
         params.require(:glossary_style).permit(:groupby)
       end
     end

       def edit
         @category = TermCategory.find_by(project_id: @project.id,  id: params[:id])
         if request.patch? and @category.update_attributes(params[:category])
         if request.patch? and @category.update_attributes(term_category_params)
           flash[:notice] = l(:notice_successful_update)
           redirect_to :controller => 'term_categories', :action => 'index', :project_id => @project
         end
-...
         return ary.collect{|proj| "project_id = #{proj.id}" }.join(" OR ")
       end
       def term_category_params
         params.require(:category).permit(:name, :project_id, :position)
       end
     end

       belongs_to :project
       attr_accessible :groupby
       def grouping?
         case groupby
         when GroupByCategory

                       :type => 'terms',
                       :url => Proc.new {|o| {:controller => 'glossary', :action => 'show', :id => o.project, :term_id => o.id} }
       attr_accessible :project_id, :category_id, :author, :name, :name_en, :datatype, :codename, :description,
                       :rubi, :abbr_whole
       def author
         author_id ? User.find_by_id(author_id) : nil

       acts_as_list :scope => :project_id
       attr_accessible :name, :project_id, :position
       validates_presence_of :name
       validates_uniqueness_of :name, :scope => [:project_id]

他の形式にエクスポート: Unified diff