{"id":15692070,"url":"https://github.com/adamcooke/parameter_sets","last_synced_at":"2025-05-08T02:20:26.502Z","repository":{"id":29571001,"uuid":"122091891","full_name":"adamcooke/parameter_sets","owner":"adamcooke","description":"🍔 A friendly schema for defining permitted parameters in Rails controllers","archived":false,"fork":false,"pushed_at":"2023-01-20T02:01:35.000Z","size":20,"stargazers_count":8,"open_issues_count":6,"forks_count":0,"subscribers_count":1,"default_branch":"master","last_synced_at":"2025-03-31T16:26:39.729Z","etag":null,"topics":["actioncontroller","activemodel","activerecord","parameters","rails"],"latest_commit_sha":null,"homepage":"","language":"Ruby","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/adamcooke.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"MIT-LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2018-02-19T16:46:30.000Z","updated_at":"2024-03-13T18:58:49.000Z","dependencies_parsed_at":"2023-02-11T23:01:38.265Z","dependency_job_id":null,"html_url":"https://github.com/adamcooke/parameter_sets","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/adamcooke%2Fparameter_sets","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/adamcooke%2Fparameter_sets/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/adamcooke%2Fparameter_sets/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/adamcooke%2Fparameter_sets/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/adamcooke","download_url":"https://codeload.github.com/adamcooke/parameter_sets/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":252984638,"owners_count":21835829,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["actioncontroller","activemodel","activerecord","parameters","rails"],"created_at":"2024-10-03T18:28:40.000Z","updated_at":"2025-05-08T02:20:26.213Z","avatar_url":"https://github.com/adamcooke.png","language":"Ruby","readme":"# Parameter Sets\n\n[![Build Status](https://travis-ci.org/adamcooke/parameter_sets.svg?branch=master)](https://travis-ci.org/adamcooke/parameter_sets) [![Gem Version](https://badge.fury.io/rb/parameter_sets.svg)](https://badge.fury.io/rb/parameter_sets)\n\nParameter Sets allows you to use a simple schema that defines which attributes are permitted to be mass assigned to Active Model objects. The key goals of the library are:\n\n* To standardize a method of defining which attributes are permitted for mass assignment.\n* To allow the permitted attributes to be easily adjusted based on the request (for example the logged in user).\n* To allow the permitted attributes to be easily adjusted based on the state of the model they are being applied to.\n\n## Installation\n\nTo start using this library, you just need to add the gem to your Gemfile and run `bundle`.\n\n```ruby\ngem 'parameter_sets'\n```\n\n## Usage\n\nHere's an example of how this library can be used in its most basic form.\n\n```ruby\nclass BlogPostsController \u003c ApplicationController\n\n  param_set :blog_post do |r|\n    # Always permit the title \u0026 content to be set by anyone\n    r.permit :title, :content\n\n    # Only allow admin users to change the author of the blog post\n    if current_user.admin?\n      r.permit :author_id\n    end\n  end\n\n  def update\n    @blog_post.update(param_set(:blog_post))\n    @blog_post.save!\n  end\n\nend\n```\n\n### Defining parameter sets\n\nThe basic principle of this pattern allows you to define a parameter set within a controller. It replaces the usual pattern of using a `post_params` or `safe_params` instance method on the controller and adds some syntactic sugar around how to access the parameters.\n\nParameter sets are defined on a controller as shown in the example above. Each parameter set as a name which is the same name as that will be provided in the parameters themselves. For example, if you're submitting attributes like `post[title]`, the name should match the first part of the parameter (`post`).\n\nThe code below demonstrates all the options available when working with a param set.\n\n```ruby\nparam_set :blog_post do |r, object, options|\n\n  # This is the most simple way to permit an attribute\n  r.permit :title\n\n  # You can also pass multiple attributes to the permit method if needed\n  r.permit :title, :content, :excerpt\n\n  # Everything inside this block is evaluated int he context of the request\n  # that the params are being used within. This gives you access to make\n  # decisions based on other variables.\n  if logged_in? \u0026\u0026 current_user.admin?\n    # Only permit the author_id attribute if logged in as an admin user\n    r.permit :author_id\n  end\n\n  # Depending on how you access your parameters, you may also have access to\n  # the object that the param set relates to.\n  if object \u0026\u0026 object.persisted?\n    # Only allow permalinsk to be changed if the object has been saved\n    r.permit :permalink\n  end\n\n  # You can permit different types of attributes too if needed (the same as\n  # is used with normal permits)\n  r.permit :tags, []\n\n  # Finally, you'll have access to any options that are passed when generating\n  # the parameters\n  if options[:allow_passwords]\n    r.permit :password\n  end\n\nend\n```\n\n### Accessing safe parameters\n\nOnce you've defined your parameter sets, you can use the methods within your controller to access parameters.\n\n```ruby\n# Return all safe parameters for a given param set\nparam_set(:blog_post)\n\n# Return all safe parameters for a given param set with an object\nparam_set(:blog_post, @blog_post)\n\n# Return all safe parameters for a given param set with an object \u0026 options\nparam_set(:blog_post, @blog_post, :allow_passwords =\u003e true)\n\n# Return all safe parameters for a given object. The name will be determined\n# automatically based on the model name (BlogPost -\u003e blog_post etc...)\nparam_set(@blog_post)\n```\n\nIn practice, you'll find that your controllers may look a little like this.\n\n```ruby\ndef create\n  @blog_post = BlogPost.new(param_set(:blog_post))\n  # You'll find this instance, you don't have access to any `object` within the\n  # param set because none exists when the method was called.\n  if @blog_post.save\n    redirect_to @blog_post\n  end\nend\n\ndef update\n  if @blog_post.update(param_set_for(@blog_post))\n    redirect_to @blog_post\n  end\nend\n```\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fadamcooke%2Fparameter_sets","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fadamcooke%2Fparameter_sets","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fadamcooke%2Fparameter_sets/lists"}