module Api::V1::Users::ControllerBase::StrongParameters

def user_params

Only allow a list of trusted parameters through.

def user_params
  password_fields = [
    :email,
    :password,
    :current_password,
    :password_confirmation
  ]
  general_fields = [
    :first_name,
    :last_name,
    :time_zone,
    :locale,
    :profile_photo_id, # For Cloudinary
    :profile_photo,    # For ActiveStorage
    :profile_photo_removal
  ]
  selected_fields = if params.is_a?(BulletTrain::Api::StrongParametersReporter)
    password_fields + general_fields
  else
    (params["commit"] == t(".buttons.update_email_and_password")) ? password_fields : general_fields
  end
  strong_params = params.require(:user).permit(
    *permitted_fields,
    *selected_fields,
    # 🚅 super scaffolding will insert new fields above this line.
    *permitted_arrays,
    # 🚅 super scaffolding will insert new arrays above this line.
  )
  process_params(strong_params)
  strong_params
end

Instance Methods

# user_params

Defined in

app/controllers/concerns/api/v1/users/controller_base.rb

Modules

Classes

module Api::V1::Users::ControllerBase::StrongParameters

def user_params

Instance Methods

Defined in