Feature #3917
Add strong_parameters to foreman
Team Backlog:
Fixed in Releases:
Found in Releases:
Related issues
Associated revisions
refs #3917 - remove protected_attributes requirement
History
#1
Updated by Dominic Cleal over 5 years ago
Updated by https://github.com/theforeman/foreman/pull/1102 for background.
#2
Updated by David Davis about 5 years ago
Updated by - Subject changed from Add strong_parameters gem to foreman to Add strong_parameters to foreman
#3
Updated by David Davis about 5 years ago
- Assignee deleted (
David Davis)
#4
Updated by Ohad Levy over 4 years ago
Updated by - Blocks Feature #7512: upgrade to rails 4.x added
#5
Updated by Ohad Levy over 4 years ago
- Is duplicate of Bug #1519: rails security problem added
#6
Updated by Ohad Levy over 4 years ago
- Status changed from New to Duplicate
#7
Updated by Ohad Levy over 4 years ago
- Status changed from Duplicate to New
#8
Updated by Ohad Levy over 4 years ago
- Category set to Rails
#9
Updated by Ohad Levy over 4 years ago
- Blocks Tracker #3157: Rails 4.1 upgrade tasks added
#10
Updated by Ohad Levy over 4 years ago
- Blocks deleted (Feature #7512: upgrade to rails 4.x)
#11
Updated by Shlomi Zadok over 4 years ago
Updated by - Assignee set to Shlomi Zadok
#12
Updated by Shlomi Zadok over 4 years ago
- Status changed from New to Assigned
#13
Updated by Joseph Magen over 4 years ago
Updated by - Related to Bug #7594: extract params defined in apipie documentation to use for strong parameters added
#14
Updated by Ohad Levy over 4 years ago
- Legacy Backlogs Release (now unused) set to 21
#15
Updated by The Foreman Bot over 4 years ago
Updated by - Status changed from Assigned to Ready For Testing
- Target version set to 1.7.2
- Pull request https://github.com/theforeman/foreman/pull/1819 added
- Pull request deleted (
)
#16
Updated by David Davis over 4 years ago
- Related to Refactor #7816: Refactor code now that foreman has strong_params added
#17
Updated by David Davis over 4 years ago
- Related to deleted (Refactor #7816: Refactor code now that foreman has strong_params)
#18
Updated by David Davis over 4 years ago
- Blocks Refactor #7816: Refactor code now that foreman has strong_params added
#19
Updated by David Davis over 4 years ago
- Blocks deleted (Refactor #7816: Refactor code now that foreman has strong_params)
#20
Updated by Dominic Cleal over 4 years ago
- Legacy Backlogs Release (now unused) deleted (
21)
#21
Updated by Dominic Cleal almost 4 years ago
- Status changed from Ready For Testing to New
- Assignee deleted (
Shlomi Zadok) - Pull request added
- Pull request deleted (
https://github.com/theforeman/foreman/pull/1819)
#22
Updated by The Foreman Bot almost 4 years ago
- Status changed from New to Ready For Testing
- Pull request https://github.com/theforeman/foreman/pull/2509 added
- Pull request deleted (
)
#23
Updated by Dominic Cleal over 3 years ago
- Related to Bug #7568: Use attr_accessible for rails 4 upgrade added
#24
Updated by Dominic Cleal over 3 years ago
- Blocks deleted (Tracker #3157: Rails 4.1 upgrade tasks)
#25
Updated by Dominic Cleal over 3 years ago
- Status changed from Ready For Testing to New
- Pull request deleted (
https://github.com/theforeman/foreman/pull/2509)
PR was closed.
#26
Updated by Dominic Cleal almost 3 years ago
- Status changed from New to Assigned
- Assignee set to Dominic Cleal
- Target version deleted (
1.7.2)
#27
Updated by Dominic Cleal almost 3 years ago
- Blocks Tracker #15715: Rails 5.0 upgrade tasks added
#28
Updated by The Foreman Bot almost 3 years ago
- Status changed from Assigned to Ready For Testing
- Pull request https://github.com/theforeman/foreman/pull/3659 added
#29
Updated by David Davis almost 3 years ago
- Related to Feature #15741: Use parameter_filter instead of attr_accessible added
#30
Updated by Lukas Zapletal almost 3 years ago
Updated by - Related to Refactor #15750: Add strong parameters to Discovery Plugin added
#31
Updated by David Davis almost 3 years ago
- Related to Feature #15888: Remove calls to attr_accessible added
#32
Updated by Dominic Cleal almost 3 years ago
- Status changed from Ready For Testing to Closed
- % Done changed from 0 to 100
Applied in changeset 12612809c5deb885b13ceaf36b6a147c21688eb5.
#33
Updated by Dominic Cleal almost 3 years ago
- Legacy Backlogs Release (now unused) set to 160
#34
Updated by Timo Goebel almost 3 years ago
Updated by - Related to Bug #15951: host's interfaces_attributes compute_attributes not passed to vm added
#35
Updated by Stephen Benjamin almost 3 years ago
Updated by - Related to Bug #15958: Move to using strong parameters added
#36
Updated by Michael Moll almost 3 years ago
Updated by - Related to Bug #16002: move to strong parameters added
#37
Updated by Dominic Cleal almost 3 years ago
- Related to Bug #16025: Import subnets from proxy returns 500 added
#38
Updated by Ondřej Pražák almost 3 years ago
Updated by - Related to Bug #16096: Remove attr_accessible from models added
#39
Updated by Dominic Cleal almost 3 years ago
- Related to Bug #16264: Template combinations cannot be created added
#40
Updated by Dominic Cleal over 2 years ago
- Related to Bug #16376: required flag not set from puppetclass added
#41
Updated by Dominic Cleal over 2 years ago
- Related to Bug #16578: Resolve templates button throws undefined method `[]' for nil:NilClass on image hosts added
#42
Updated by Dominic Cleal over 2 years ago
- Related to Bug #17170: NIC page does not reload when Bond is selected added
#43
Updated by Dominic Cleal over 2 years ago
- Related to Bug #17300: Attached devices not saved when editing bond network interfaces added
#44
Updated by Tomer Brisker about 2 years ago
Updated by - Related to Bug #19417: keep_params throws error if params don't contain top level hash added
#45
Updated by Tomer Brisker over 1 year ago
- Related to Feature #22285: Present error message when passing integer when array expected for API call added
fixes #3917 - replace protected_attrs with strong parameters
Filtering of attributes has moved from the protected_attributes gem to
strong parameters in controller concerns, to be in line with current
Rails recommendations.
Concerns are shared between UI and both API controllers and list the
attributes using Foreman::ParameterFilter, which provides additional
features:
1. Registration of additional attributes from plugins, through the
plugin API or `attr_accessible` for short term compatibility.
2. Re-use of permitted attribute lists for nested models (e.g. host
and interface).
3. Combining of lists of attributes from all sources in a single
permit call.
4. A small DSL for changing accepted parameters based on controller,
action and UI/API type.
Plugins should either temporarily depend on protected_attributes to
continue to protect their models or call permit/use ParameterFilter
similarly: http://projects.theforeman.org/projects/foreman/wiki/Strong_parameters
Some UI changes were required to make nested model hash keys all
integers instead of "new_123456" etc, else strong parameters would
filter the entries out.
The Role model's builtin default has been moved from initialize to the
database as the removal of protected_attrs changed the initialisation
order.