Actions
Feature #3917
closed
Add strong_parameters to foreman
Added by David Davis over 11 years ago. Updated almost 7 years ago.
Updated by Dominic Cleal over 11 years ago
https://github.com/theforeman/foreman/pull/1102 for background.
Updated by David Davis about 11 years ago
- Subject changed from Add strong_parameters gem to foreman to Add strong_parameters to foreman
Updated by Ohad Levy over 10 years ago
- Blocks Feature #7512: upgrade to rails 4.x added
Updated by Ohad Levy over 10 years ago
- Is duplicate of Bug #1519: rails security problem added
Updated by Ohad Levy over 10 years ago
- Blocks Tracker #3157: Rails 4.1 upgrade tasks added
Updated by Ohad Levy over 10 years ago
- Blocks deleted (Feature #7512: upgrade to rails 4.x)
Updated by
Updated by Joseph Magen over 10 years ago
- Related to Bug #7594: extract params defined in apipie documentation to use for strong parameters added
Updated by Ohad Levy over 10 years ago
- Translation missing: en.field_release set to 21
Updated by The Foreman Bot over 10 years ago
- Status changed from Assigned to Ready For Testing
- Target version set to 1.7.2
- Pull request https://github.com/theforeman/foreman/pull/1819 added
- Pull request deleted (
)
Updated by David Davis over 10 years ago
- Related to Refactor #7816: Refactor code now that foreman has strong_params added
Updated by David Davis over 10 years ago
- Related to deleted (Refactor #7816: Refactor code now that foreman has strong_params)
Updated by David Davis over 10 years ago
- Blocks Refactor #7816: Refactor code now that foreman has strong_params added
Updated by David Davis over 10 years ago
- Blocks deleted (Refactor #7816: Refactor code now that foreman has strong_params)
Updated by Dominic Cleal over 10 years ago
- Translation missing: en.field_release deleted (
21)
Updated by Dominic Cleal almost 10 years ago
- Status changed from Ready For Testing to New
- Assignee deleted (
Shlomi Zadok) - Pull request added
- Pull request deleted (
https://github.com/theforeman/foreman/pull/1819)
Updated by The Foreman Bot almost 10 years ago
- Status changed from New to Ready For Testing
- Pull request https://github.com/theforeman/foreman/pull/2509 added
- Pull request deleted (
)
Updated by Dominic Cleal over 9 years ago
- Related to Bug #7568: Use attr_accessible for rails 4 upgrade added
Updated by Dominic Cleal over 9 years ago
- Blocks deleted (Tracker #3157: Rails 4.1 upgrade tasks)
Updated by Dominic Cleal over 9 years ago
- Status changed from Ready For Testing to New
- Pull request deleted (
https://github.com/theforeman/foreman/pull/2509)
PR was closed.
Updated by Dominic Cleal almost 9 years ago
- Status changed from New to Assigned
- Assignee set to Dominic Cleal
- Target version deleted (
1.7.2)
Updated by Dominic Cleal almost 9 years ago
- Blocks Tracker #15715: Rails 5.0 upgrade tasks added
Updated by The Foreman Bot almost 9 years ago
- Status changed from Assigned to Ready For Testing
- Pull request https://github.com/theforeman/foreman/pull/3659 added
Updated by David Davis almost 9 years ago
- Related to Feature #15741: Use parameter_filter instead of attr_accessible added
Updated by Lukas Zapletal almost 9 years ago
- Related to Refactor #15750: Add strong parameters to Discovery Plugin added
Updated by David Davis almost 9 years ago
- Related to Feature #15888: Remove calls to attr_accessible added
Updated by Dominic Cleal almost 9 years ago
- Status changed from Ready For Testing to Closed
- % Done changed from 0 to 100
Applied in changeset 12612809c5deb885b13ceaf36b6a147c21688eb5.
Updated by Dominic Cleal almost 9 years ago
- Translation missing: en.field_release set to 160
Updated by Timo Goebel almost 9 years ago
- Related to Bug #15951: host's interfaces_attributes compute_attributes not passed to vm added
Updated by Stephen Benjamin almost 9 years ago
- Related to Bug #15958: Move to using strong parameters added
Updated by Anonymous almost 9 years ago
- Related to Bug #16002: move to strong parameters added
Updated by Dominic Cleal over 8 years ago
- Related to Bug #16025: Import subnets from proxy returns 500 added
Updated by Ondřej Pražák over 8 years ago
- Related to Bug #16096: Remove attr_accessible from models added
Updated by Dominic Cleal over 8 years ago
- Related to Bug #16264: Template combinations cannot be created added
Updated by Dominic Cleal over 8 years ago
- Related to Bug #16376: required flag not set from puppetclass added
Updated by Dominic Cleal over 8 years ago
- Related to Bug #16578: Resolve templates button throws undefined method `[]' for nil:NilClass on image hosts added
Updated by Dominic Cleal over 8 years ago
- Related to Bug #17170: NIC page does not reload when Bond is selected added
Updated by Dominic Cleal over 8 years ago
- Related to Bug #17300: Attached devices not saved when editing bond network interfaces added
Updated by Tomer Brisker about 8 years ago
- Related to Bug #19417: keep_params throws error if params don't contain top level hash added
Updated by Tomer Brisker over 7 years ago
- Related to Feature #22285: Present error message when passing integer when array expected for API call added
Added by Dominic Cleal almost 9 years ago
Added by Dominic Cleal almost 9 years ago
Packaging - Revision 87526d1e (diff)
refs #3917 - remove protected_attributes requirement
Actions
fixes #3917 - replace protected_attrs with strong parameters
Filtering of attributes has moved from the protected_attributes gem to
strong parameters in controller concerns, to be in line with current
Rails recommendations.
Concerns are shared between UI and both API controllers and list the
attributes using Foreman::ParameterFilter, which provides additional
features:
1. Registration of additional attributes from plugins, through the
plugin API or `attr_accessible` for short term compatibility.
2. Re-use of permitted attribute lists for nested models (e.g. host
and interface).
3. Combining of lists of attributes from all sources in a single
permit call.
4. A small DSL for changing accepted parameters based on controller,
action and UI/API type.
Plugins should either temporarily depend on protected_attributes to
continue to protect their models or call permit/use ParameterFilter
similarly: http://projects.theforeman.org/projects/foreman/wiki/Strong_parameters
Some UI changes were required to make nested model hash keys all
integers instead of "new_123456" etc, else strong parameters would
filter the entries out.
The Role model's builtin default has been moved from initialize to the
database as the removal of protected_attrs changed the initialisation
order.