Forum: Ruby on Rails Update multiple records

Announcement (2017-05-07): www.ruby-forum.com is now read-only since I unfortunately do not have the time to support and maintain the forum any more. Please see rubyonrails.org/community and ruby-lang.org/en/community for other Rails- und Ruby-related community platforms.
3e312ef6c09f4106f0f76b83d9dc7602?d=identicon&s=25 Johnny Stewart (j77j)
on 2017-02-24 13:17
Hi,

I'm trying to update multiple records from one form but I'm really
struggling with getting the strong parameters right to allow this to
happen..

The records are opening times for each day for stores, the parameters
are passed like so:

{"_method"=>"put",
"authenticity_token"=>"blah==",
 "open_times"=>
  {"1"=>{"day_of_week"=>"0", "open_closed"=>"1", "open_at(4i)"=>"07",
"open_at(5i)"=>"00", "close_at(4i)"=>"22", "close_at(5i)"=>"00"},
   "2"=>{"day_of_week"=>"1", "open_closed"=>"2", "open_at(4i)"=>"07",
"open_at(5i)"=>"15", "close_at(4i)"=>"22", "close_at(5i)"=>"00"},
   "3"=>{"day_of_week"=>"2", "open_closed"=>"0", "open_at(4i)"=>"09",
"open_at(5i)"=>"00", "close_at(4i)"=>"22", "close_at(5i)"=>"15"}},
 "profile_name"=>"testStore"}

and in my controller:

def open_times_params
  params.require(:open_times).permit(open_time: [:id, :day_of_week,
:open_closed, :open_at, :close_at])
end

however this does not work..

but gives me this:

Unpermitted parameters: 1, 2, 3
<ActionController::Parameters {} permitted: true>
Unpermitted parameters: 1, 2, 3
Unpermitted parameters: 1, 2, 3


I'm at a loss as to how to get this working although I'm sure it can't
be as difficult as I am making it...

Any ideas gratefully received!

thanks in advance,

J.
3e312ef6c09f4106f0f76b83d9dc7602?d=identicon&s=25 Johnny Stewart (j77j)
on 2017-02-24 17:56
Johnny Stewart wrote in post #1185590:
> Hi,
>
> I'm trying to update multiple records from one form but I'm really
> struggling with getting the strong parameters right to allow this to
> happen..
>
> The records are opening times for each day for stores, the parameters
> are passed like so:
>
> {"_method"=>"put",
> "authenticity_token"=>"blah==",
>  "open_times"=>
>   {"1"=>{"day_of_week"=>"0", "open_closed"=>"1", "open_at(4i)"=>"07",
> "open_at(5i)"=>"00", "close_at(4i)"=>"22", "close_at(5i)"=>"00"},
>    "2"=>{"day_of_week"=>"1", "open_closed"=>"2", "open_at(4i)"=>"07",
> "open_at(5i)"=>"15", "close_at(4i)"=>"22", "close_at(5i)"=>"00"},
>    "3"=>{"day_of_week"=>"2", "open_closed"=>"0", "open_at(4i)"=>"09",
> "open_at(5i)"=>"00", "close_at(4i)"=>"22", "close_at(5i)"=>"15"}},
>  "profile_name"=>"testStore"}
>
> and in my controller:
>
> def open_times_params
>   params.require(:open_times).permit(open_time: [:id, :day_of_week,
> :open_closed, :open_at, :close_at])
> end
>
> however this does not work..
>
> but gives me this:
>
> Unpermitted parameters: 1, 2, 3
> <ActionController::Parameters {} permitted: true>
> Unpermitted parameters: 1, 2, 3
> Unpermitted parameters: 1, 2, 3
>
>
> I'm at a loss as to how to get this working although I'm sure it can't
> be as difficult as I am making it...
>
> Any ideas gratefully received!
>
> thanks in advance,
>
> J.

OK,

I *seem* to have solved this...

strong params:

def open_times_params
  params.permit(open_times: [:id, :day_of_week, :open_closed, :open_at,
:close_at])
end

update method:

def update_multiple
  @open_times = OpenTime.update(open_times_params[:open_times].keys,
open_times_params[:open_times].values)
  @open_times.reject! { |o_t| o_t.errors.empty? }
  if @open_times.empty?
    redirect_to open_times_url
  else
    render "edit_multiple"
  end
end

Of course this could be a poor solution, I don't know, does this make
things less secure? I feel I may be bypassing strong parameters here..

If anyone wants to pitch in with if/why this is a bad idea or if its
good, please throw in your 2c!

thanks,

J.
This topic is locked and can not be replied to.