feat(roles): add strong params

app/controllers/roles_controller.rb

@@ -7,7 +7,7 @@ class RolesController < ApplicationController
   before_action :authenticate_nonprofit_admin!
 
   def create
-    role = Role.create_for_nonprofit(params[:role][:name].to_sym, params[:role][:email], FetchNonprofit.with_params(params))
+    role = Role.create_for_nonprofit(role_params[:name].to_sym, role_params[:email], FetchNonprofit.with_params(params))
     json_saved role, 'User successfully added!'
   end
 
@@ -22,4 +22,10 @@ class RolesController < ApplicationController
       render json: {}
      end
   end
+
+  private
+
+  def role_params
+    params.require(:role).permit(:name, :email)
+  end
 end

app/models/role.rb

@@ -11,11 +11,9 @@ class Role < ApplicationRecord
     :event_editor          # //
   ].freeze
 
-  # TODO:
-  # attr_accessible \
-  #   :name,
-  #   :user_id, :user,
-  #   :host, :host_id, :host_type # nil, "Nonprofit", "Campaign", "Event"
+  # :name,
+  # :user_id, :user,
+  # :host, :host_id, :host_type # nil, "Nonprofit", "Campaign", "Event"
 
   belongs_to :user
   belongs_to :host, polymorphic: true