When defining a virtual setter method that relies on another method to be set, it appears that the order of the attributes being set in the hash matters. Is there a way around this while still mass-assigning attributes?
https://gist.github.com/3629539
EDIT
The condition in the real code, not shown in the example, is checking for the existence of an associated object. If the object exists, set a value. If not, ignore the value passed in. However, I am also using accepts_nested_attributes_for. So, the attribute hash may contain the attributes for the association. In which case, the object will exist.
{:name => 'Fred', :nested_attributes => {:color => 'red'}}
Name will not be set because the model will not exist.
{:nested_attributes => {:color => 'red'}, :name => 'Fred'}
accepts_nested_attributes_for will build a Nested instance, then set the attributes. When the name is to be set, the instance will exist and the nested attribute will be set.
Had a similar issue, and I came to the following reasonably generic solution:
def assign_attributes(new_attributes)
assign_first = new_attributes.extract!(:must_be_set_first, :must_also_be_set_first)
super(assign_first) unless assign_first.empty?
super(new_attributes)
end
Using super with the extracted param values you need set first ensures you handle all the weird special cases for attribute assignment (is it a reference? a params hash? a multi-value param?). Calling assign_attributes repeatedly with parts of a hash really should have the same effects as calling it with the whole hash once - this should be reasonably safe.
The only solution I can think of right now is to override the attributes setter...
def attributes=(attrs)
self[:dont_set_name] = attrs.delete(:dont_set_name)
super
end
Related
Strong parameters has me very confused. I'm writing a form to create several records at once. They are passed in params as an array of attributes:
{ :appointments => [ { :field1 => 'value1'
, :field2 => 'value2'
}
, # next record
]
}
Then in the controller I would like to do something like
params[:appointments].each do |a|
app = Appointment.create! a
end
But I run into lots of trouble with strong parameters, in the form of ForbiddenAttributeErrors. I've tried using appointment_params and whitelisting attributes, but with no luck. I can't find any good documentation matching my use case. They all assume the array of records should be nested below some owner record but this is not the case here.
Any help would be appreciated.
Make sure you are white listing your array in addition to the actual model attributes.
It seems like you have used the scaffolded version of the params.require method and not have updated that method when you changed your controller to deal with an array of appointments rather than one appointment at a time.
Something like this should work:
params.require(:appointment).permit(:field1, :field2, appointments: [:field1, field2])
or
params.require(:appointments).permit(:field1, :field2)
Not sure exactly what the rest of yoru code looks like, but it seems like you're not permitting the array itself, the above code samples attempt to white list what I would assume that attribute might be named.
If you are only using the attributes to create a new Appointment record, you can use the following
Appointment.create!(params.permit(applications: [:field1, :field2])[:applications])
If you really want to iterate over the array, you can do
params[:appointments].each do |a|
app = Appointment.create!(a.permit(:field1, :field2))
end
I have a model:
class A < ActiveRecord::Base
has_many :B
end
And I want to reset or update A's B association, but only save it later:
a = A.find(...)
# a.bs == [B<...>, B<...>]
a.bs = []
#or
a.bs = [B.new, B.new]
# do some validation stuff on `a` and `a.bs`
So there might be some case where I will call a.save later or maybe not. In the case I don't call a.save I would like that a.bs stay to its original value, but as soon as I call a.bs = [], the old associations is destroyed and now A.find(...).bs == []. Is there any simple way to set a record association without persisting it in the database right away? I looked at Rails source and didn't find anything that could help me there.
Thanks!
Edit:
I should add that this is for an existing application and there are some architecture constraint that doesn't allow us to use the the regular ActiveRecord updating and validation tools. The way it works we have a set of Updater class that take params and assign the checkout object the value from params. There are then a set of Validater class that validate the checkout object for each given params. Fianlly, if everything is good, we save the model.
In this case, I'm looking to update the association in an Updater, validate them in the Validator and finally, persist it if everything check out.
In summary, this would look like:
def update
apply_updaters(object, params)
# do some stuff with the updated object
if(validate(object))
object.save(validate: false)
end
Since there are a lot of stuff going on between appy_updaters and object.save, Transaction are not really an option. This is why I'm really looking to update the association without persisting right away, just like we would do with any other attribute.
So far, the closest solution I've got to is rewriting the association cache (target). This look something like:
# In the updater
A.bs.target.clear
params[:bs].each{|b| A.bs.build(b)}
# A.bs now contains the parameters object without doing any update in the database
When come the time to save, we need to persist cache:
new_object = A.bs.target
A.bs(true).replace(new_object)
This work, but this feel kind of hack-ish and can easily break or have some undesired side-effect. An alternative I'm thinking about is to add a method A#new_bs= that cache the assigned object and A#bs that return the cached object if available.
Good question.
I can advice to use attributes assignment instead of collection manipulation. All validations will be performed as regular - after save or another 'persistent' method. You can write your own method (in model or in separated validator) which will validate collection.
You can delete and add elements to collection through attributes - deletion is performed by additional attribute _destroy which may be 'true' or 'false' (http://api.rubyonrails.org/classes/ActiveRecord/NestedAttributes/ClassMethods.html), addition - through setting up parent model to accept attributes.
As example set up model A:
class A < ActiveRecord::Base
has_many :b
accepts_nested_attributes_for :b, :allow_destroy => true
validates_associated :b # to validate each element
validate :b_is_correct # to validate whole collection
def b_is_correct
self.bs.each { |b| ... } # validate collection
end
end
In controller use plain attributes for model updating (e.g update!(a_aparams)). These methods will behave like flat attribute updating. And don't forget to permit attributes for nested collection.
class AController < ApplicationController
def update
#a = A.find(...)
#a.update(a_attributes) # triggers validation, if error occurs - no changes will be persisted and a.errors will be populated
end
def a_attributes
params.require(:a).permit([:attr_of_a, :b_attributes => [:attr_of_b, :_destroy]])
end
end
On form we used gem nested_form (https://github.com/ryanb/nested_form), I recommend it. But on server side this approach uses attribute _destroy as mentioned before.
I finally found out about the mark_for_destruction method. My final solution therefor look like:
a.bs.each(&:mark_for_destruction)
params[:bs].each{|b| a.bs.build(b)}
And then I can filter out the marked_for_destruction? entry in the following processing and validation.
Thanks #AlkH that made me look into how accepts_nested_attributes_for was working and handling delayed destruction of association.
I want to add to an existing model some attributes that need not be persisted, or even mapped to a database column.
Is there a solution to specify such thing ?
Of course use good old ruby's attr_accessor. In your model:
attr_accessor :foo, :bar
You'll be able to do:
object.foo = 'baz'
object.foo #=> 'baz'
I was having the same problem but I needed to bootstrap the model, so the attribute had to persist after to_json was called. You need to do one extra thing for this.
As stated by apneadiving, the easiest way to start is to go to your model and add:
attr_accessor :foo
Then you can assign the attributes you want. But to make the attribute stick you need to change the attributes method. In your model file add this method:
def attributes
super.merge('foo' => self.foo)
end
In case anyone is wondering how to render this to the view, use the method arguments for the render method, like so:
render json: {results: results}, methods: [:my_attribute]
Please know that this only works if you set the attr_accessor on your model and set the attribute in the controller action, as the selected answer explained.
From Rails 5.0 onwards you could use attribute:
class StoreListing < ActiveRecord::Base
attribute :non_persisted
attribute :non_persisted_complex, :integer, default: -1
end
With attribute the attribute will be created just like the ones being persisted, i.e. you can define the type and other options, use it with the create method, etc.
If your DB table contains a matching column it will be persisted because attribute is also used to affect conversion to/from SQL for existing columns.
see: https://api.rubyonrails.org/classes/ActiveRecord/Attributes/ClassMethods.html#method-i-attribute
In my case I wanted to use a left join to populate custom attribute. It works if I don't add anything but I also want to be able to set the attribute on a new object and of course it doesn't exist. If I add attr_accessor then it always returns nil after a select. Here's the approach I've ended up with that works for setting on new object and retrieving from left join.
after_initialize do
self.foo = nil unless #attributes.key?("foo")
end
def foo
#attributes["foo"]
end
def foo=(value)
#attributes["foo"] = value
end
I would like to have a more systematic solution for myself to avoid mass assignment.
A typical situation is to remove id or user_id from params (submitted automatically via form) and replace it with current_user.id internally (in MyController#create).
A solution I can think of is to create object from params hash, then update_attributes (of parent and child objects) to replace sensitive attributes with internal values:
#user = User.create(:params[:user])
#user.update_attributes(:id => current_user.id)
#user.profile.update_attributes(:user_id => current_user.id)
#user.preference.update_attributes(:user_id => current_user.id)
Is there a shorter/more DRY way to say this?
If preference, profile etc. are child objects of user (created via build method), how can I write a method to look for their foreign keys for user and automatically replace them with the value I passed to parent?
Thank you.
This is what attr_protected and attr_accessible (documentation) are for. attr_protected will give you blacklist protection, while attr_accessible will protect using a whitelist.
While calling update_attributes right after a mass assignment would work, you're better off using the built in ways of protecting mass assignments as it won't require duplication of code every time you do a mass assignment on a model.
I've done this in an earlier project by using:
#user = User.create(params[:user]) do |user|
user.id = current_user.id
end
Would this work for you?
An alternative is to check out the docs and search for the :as for role based attributes.
I want to create a helper method to automatically output text_fields with a :maxlength attribute. I want this maxlegth to be set based on the :max specified in the field attributes validates_length validation, so as to remain DRY.
My question is: Is there a good way to inspect the validations that are present on an objects attribute, and then extract the maximum length from that validation.
I also plan on extracting other things like the regex from validates_format so I can set an attribute on the text_field, which can then be used by js to run client side validations.
Thanks.
Bonus points: Why doesn't Rails Automatically add the maxlength to text fields for us?
In Rails 3 you can call the _validators method on an object to get the list of validators that will run:
t = Ticket.new
t._validators
Well, I don't know if this is a 'good' way, but you can initialize a new object, call #valid? on it and then call #errors to get a hash of attributes and error messages. Then you'd have to parse those errors messages.
user = User.new
user.valid?
errors_hash = user.errors