The usual CRUD controller actions assume that certain parameters were
sent. Let’s use a controller for books as an example:
BooksController < ApplicationController
@book = Book.new params[:book]
So #create assumes that params[:book] exists. This is fine, because if
the “book” field wasn’t POSTed to #create, then params[:book] will
simply be nil, because ‘params’ is a Hash.
However, if our controller action tries to look at params[:book]
[:page_ids] when the “book” field wasn’t POSTed to #create, we’d get a
NoMethodError. This is because params[:book] is nil, which means that
params[:book][:page_ids] is equivalent to nil[:page_ids] , which will
obviously raise an error.
So the question is, do you bother to write additional checks for your
controller actions for these edge cases?
I would, because I like to be thorough and know that I’ve covered all
of my bases. But I can understand why people wouldn’t bother, because
said edge cases will probably only be generated by yourself during
testing, and by hooligans mucking with your forms.
What do you guys think?