app/controllers/plugins/ecommerce/admin/coupons_controller.rb in camaleon_ecommerce-1.1 vs app/controllers/plugins/ecommerce/admin/coupons_controller.rb in camaleon_ecommerce-1.2
- old
+ new
@@ -1,13 +1,5 @@
-=begin
- Camaleon CMS is a content management system
- Copyright (C) 2015 by Owen Peredo Diaz
- Email: owenperedo@gmail.com
- This program is free software: you can redistribute it and/or modify it under the terms of the GNU Affero General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
- This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
- See the GNU Affero General Public License (GPLv3) for more details.
-=end
class Plugins::Ecommerce::Admin::CouponsController < Plugins::Ecommerce::AdminController
before_action :set_order, only: ['show','edit','update','destroy']
def index
@coupons = current_site.coupons.paginate(:page => params[:page], :per_page => current_site.admin_per_page)
@@ -26,24 +18,22 @@
add_breadcrumb("#{t('camaleon_cms.admin.button.edit')}")
render 'form'
end
def create
- data = params[:plugins_ecommerce_coupon]
- @coupon = current_site.coupons.new(data)
+ @coupon = current_site.coupons.new(coupons_permit_data)
if @coupon.save
@coupon.set_meta('_default', params[:options])
flash[:notice] = t('camaleon_cms.admin.post_type.message.created')
redirect_to action: :index
else
render 'form'
end
end
def update
- data = params[:plugins_ecommerce_coupon]
- if @coupon.update(data)
+ if @coupon.update(coupons_permit_data)
@coupon.set_meta('_default', params[:options])
flash[:notice] = t('camaleon_cms.admin.post_type.message.updated')
redirect_to action: :index
else
render 'form'
@@ -52,9 +42,13 @@
private
+
+ def coupons_permit_data
+ params.require(:plugins_ecommerce_coupon).permit!
+ end
def set_order
@coupon = current_site.coupons.find(params[:id])
end
end