strong parameter and json input rails 4
You could try changing your referral_params
method to this:
def referral_params json_params = ActionController::Parameters.new( JSON.parse(request.body.read) ) return json_params.require(:person).permit(:id, user_attributes: [:id, :first_name, :last_name, :email], device_attributes: [:id, :os_type, :os_version], location_attributes: [:id, :latitude, :longitude], duration_attributes[:id, :start_time, :end_time])end
The first line inside the method parses your JSON (which returns a Ruby hash, if I remember correctly) and creates a new ActionController::Parameters
object from that. The second one uses permit
and require
on that params-like object.
params
is usually automatically created from post data key/value pairs, and will be of the type ActionController::Parameters
. To use permit
and require
, you have to create an object of that class manually from a hash.
To then use these sanitized params, you have to change
@inputData = Person.new(JSON.parse(data))
to
@inputData = Person.new(referral_params)