Rails4 Strong Parameter Gotcha for Beginners
Rails 4
gotcha for noobies(like me) — Strong Parameters
Rails 4
now comes with strong_parameters gem as part of standard installation now. For example if you run rails g scaffold product name price:decimal
, the following will be generated in app/controllers/products_controller.rb
under private
methods section.
1 2 3 4 |
|
As the comments suggested, product_params
will only allow a whitelist of product attributes. This is done by using permit
method as shown above.
Now the gotcha part… When you add new columns using rails g migration add_stock_to_product stock:integer
, rake db:migrate
, changing the corresponding scaffold html.erb
files. You expect the new product attribute stock
to work, but it won’t. You still need to add :stock
hash to permit
method like the following.
1 2 3 4 |
|
I kept forgetting adding new attribute to permit
. Thus render controller methods not recognizing new attributes. It got me twice, so putting a note here. Hopefully helping someone on the way.