app/controllers/subscribes_controller.rb in enju_library-0.1.0.pre39 vs app/controllers/subscribes_controller.rb in enju_library-0.1.0.pre40

@@ -40,15 +40,15 @@
   end
 
   # POST /subscribes
   # POST /subscribes.json
   def create
-    @subscribe = Subscribe.new(params[:subscribe])
+    @subscribe = Subscribe.new(subscribe_params)
 
     respond_to do |format|
       if @subscribe.save
-        format.html { redirect_to @subscribe, notice:  t('controller.successfully_created', model:  t('activerecord.models.subscribe')) }
+        format.html { redirect_to @subscribe, notice: t('controller.successfully_created', model: t('activerecord.models.subscribe')) }
         format.json { render json: @subscribe, status: :created, location:  @subscribe }
       else
         format.html { render action: "new" }
         format.json { render json: @subscribe.errors, status: :unprocessable_entity }
       end
@@ -57,12 +57,12 @@
 
   # PUT /subscribes/1
   # PUT /subscribes/1.json
   def update
     respond_to do |format|
-      if @subscribe.update_attributes(params[:subscribe])
-        format.html { redirect_to @subscribe, notice:  t('controller.successfully_updated', model:  t('activerecord.models.subscribe')) }
+      if @subscribe.update_attributes(subscribe_params)
+        format.html { redirect_to @subscribe, notice: t('controller.successfully_updated', model: t('activerecord.models.subscribe')) }
         format.json { head :no_content }
       else
         format.html { render action: "edit" }
         format.json { render json: @subscribe.errors, status: :unprocessable_entity }
       end
@@ -76,7 +76,14 @@
 
     respond_to do |format|
       format.html { redirect_to subscribes_url }
       format.json { head :no_content }
     end
+  end
+
+  private
+  def subscribe_params
+    params.require(:subscribe).permit(
+      :subscription_id, :work_id, :start_at, :end_at
+    )
   end
 end