app/controllers/cadenero/v1/accounts_controller.rb in cadenero-0.0.2.b2 vs app/controllers/cadenero/v1/accounts_controller.rb in cadenero-0.0.2.b3

@@ -18,21 +18,28 @@
       #     owner_attributes: {email: "testy@example.com", password: "changeme", password_confirmation: "changeme"} }
       #
       # @return render JSON of [Cadenero::V1::Account] created and the status 201 Created: The request has been 
       #   fulfilled and resulted in a new resource being created.
       def create
-        @account = Cadenero::V1::Account.create_with_owner(params[:account])
+        @account = Cadenero::V1::Account.create_with_owner(account_params)
         if @account.valid?
           @account.create_schema
           @account.ensure_authentication_token!
           force_authentication!(@account.owner)
-          render json: @account, status: :created
+          render json: @account, serializer: AccountSerializer, status: :created
         else
           @data = {
             errors: @account.errors
           }
           render json: @data, status: :unprocessable_entity
         end
+      end
+
+      private
+      
+      # Permited parameters using strong parameters format
+      def account_params
+        params.require(:account).permit(:name, :subdomain, owner_attributes: [:email, :password, :password_confirmation])
       end
     end
   end
 end