Sha256: 21f59ce947bdaeace8bd84291d999cb04ee8972b950cd3f269fa6197912448f9

Contents?: true

Size: 1.05 KB

Versions: 1

Compression:

Stored size: 1.05 KB

Contents

module SignedForm
  module ActionController

    # This module is required for parameter verification on the controller.
    # Include it in controllers that will be receiving signed forms.
    module PermitSignedParams
      def self.included(base)
        if base.respond_to? :prepend_before_action
            base.prepend_before_action :permit_signed_form_data
        else
            base.prepend_before_filter :permit_signed_form_data
        end

        gem 'strong_parameters' unless defined?(::ActionController::Parameters)
      end

      protected

      def permit_signed_form_data
        return if request.method == 'GET' || params['form_signature'].blank?

        gate_keeper = GateKeeper.new(self)

        gate_keeper.allowed_attributes.each do |k, v|
          next if params[k].nil? || v.empty?
          params[k] = params[k].permit(*v)
        end
      rescue Errors::ExpiredForm
        if defined?(Rails)
          render 'signed_form/expired_form', status: 500, layout: nil
        else
          raise
        end
      end
    end
  end
end

Version data entries

1 entries across 1 versions & 1 rubygems

Version Path
signed_form-0.5.0 lib/signed_form/action_controller/permit_signed_params.rb