NPO-Accounting/houdini
6
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

feat(event): add strong params

Browse source
This commit is contained in:
Luis Castro 2019-08-06 16:05:43 +02:00 committed by Eric Schultz
parent 567830b9be
commit 63b1b25cee
2 changed files with 39 additions and 35 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

18
app/controllers/events_controller.rb
View file

@ -31,21 +31,21 @@ class EventsController < ApplicationController
def create
render_json do
Time.use_zone(current_nonprofit.timezone || 'UTC') do
params[:event][:start_datetime] = Chronic.parse(params[:event][:start_datetime]) if params[:event][:start_datetime].present?
params[:event][:end_datetime] = Chronic.parse(params[:event][:end_datetime]) if params[:event][:end_datetime].present?
event_params[:start_datetime] = Chronic.parse(event_params[:start_datetime]) if event_params[:start_datetime].present?
event_params[:end_datetime] = Chronic.parse(event_params[:end_datetime]) if event_params[:end_datetime].present?
end
flash[:notice] = 'Your draft event has been created! Well done.'
ev = current_nonprofit.events.create(params[:event])
ev = current_nonprofit.events.create(event_params)
{ url: "/events/#{ev.slug}", event: ev }
end
end
def update
Time.use_zone(current_nonprofit.timezone || 'UTC') do
params[:event][:start_datetime] = Chronic.parse(params[:event][:start_datetime]) if params[:event][:start_datetime].present?
params[:event][:end_datetime] = Chronic.parse(params[:event][:end_datetime]) if params[:event][:end_datetime].present?
event_params[:start_datetime] = Chronic.parse(event_params[:start_datetime]) if event_params[:start_datetime].present?
event_params[:end_datetime] = Chronic.parse(event_params[:end_datetime]) if event_params[:end_datetime].present?
end
current_event.update_attributes(params[:event])
current_event.update_attributes(event_params)
json_saved current_event, 'Successfully updated'
end
@ -77,4 +77,10 @@ class EventsController < ApplicationController
def name_and_id
render json: QueryEvents.name_and_id(current_nonprofit.id)
end
private
def event_params
params.require(:event).permit(:deleted, :name, :tagline, :summary, :body, :end_datetime, :start_datetime, :latitude, :longitude, :location, :city, :state_code, :address, :zip_code, :main_image, :remove_main_image, :background_image, :remove_background_image, :published, :slug, :directions, :venue_name, :profile_id, :ticket_levels_attributes, :show_total_raised, :show_total_count, :hide_activity_feed, :nonprofit_id, :hide_title, :organizer_email, :receipt_message)
end
end

2
app/models/event.rb
View file

@ -2,8 +2,6 @@
# License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later
class Event < ApplicationRecord
# TODO
# attr_accessible \
# :deleted, #bool for soft-delete
# :name, # str
# :tagline, # str