BigW Consortium Gitlab

Use strong params for 5 more models

parent 04516027
...@@ -6,7 +6,7 @@ class Admin::BroadcastMessagesController < Admin::ApplicationController ...@@ -6,7 +6,7 @@ class Admin::BroadcastMessagesController < Admin::ApplicationController
end end
def create def create
@broadcast_message = BroadcastMessage.new(params[:broadcast_message]) @broadcast_message = BroadcastMessage.new(broadcast_message_params)
if @broadcast_message.save if @broadcast_message.save
redirect_to admin_broadcast_messages_path, notice: 'Broadcast Message was successfully created.' redirect_to admin_broadcast_messages_path, notice: 'Broadcast Message was successfully created.'
...@@ -29,4 +29,11 @@ class Admin::BroadcastMessagesController < Admin::ApplicationController ...@@ -29,4 +29,11 @@ class Admin::BroadcastMessagesController < Admin::ApplicationController
def broadcast_messages def broadcast_messages
@broadcast_messages ||= BroadcastMessage.order("starts_at DESC").page(params[:page]) @broadcast_messages ||= BroadcastMessage.order("starts_at DESC").page(params[:page])
end end
def broadcast_message_params
params.require(:broadcast_message).permit(
:alert_type, :color, :ends_at, :font,
:message, :starts_at
)
end
end end
...@@ -11,7 +11,7 @@ class Projects::ProtectedBranchesController < Projects::ApplicationController ...@@ -11,7 +11,7 @@ class Projects::ProtectedBranchesController < Projects::ApplicationController
end end
def create def create
@project.protected_branches.create(params[:protected_branch]) @project.protected_branches.create(protected_branch_params)
redirect_to project_protected_branches_path(@project) redirect_to project_protected_branches_path(@project)
end end
...@@ -23,4 +23,10 @@ class Projects::ProtectedBranchesController < Projects::ApplicationController ...@@ -23,4 +23,10 @@ class Projects::ProtectedBranchesController < Projects::ApplicationController
format.js { render nothing: true } format.js { render nothing: true }
end end
end end
private
def protected_branch_params
params.require(:protected_branch).permit(:name)
end
end end
...@@ -14,7 +14,7 @@ class UsersGroupsController < ApplicationController ...@@ -14,7 +14,7 @@ class UsersGroupsController < ApplicationController
def update def update
@member = @group.users_groups.find(params[:id]) @member = @group.users_groups.find(params[:id])
@member.update_attributes(params[:users_group]) @member.update_attributes(member_params)
end end
def destroy def destroy
...@@ -41,4 +41,8 @@ class UsersGroupsController < ApplicationController ...@@ -41,4 +41,8 @@ class UsersGroupsController < ApplicationController
return render_404 return render_404
end end
end end
def member_params
params.require(:users_group).permit(:group_access, :user_id)
end
end end
...@@ -14,8 +14,6 @@ ...@@ -14,8 +14,6 @@
# #
class BroadcastMessage < ActiveRecord::Base class BroadcastMessage < ActiveRecord::Base
attr_accessible :alert_type, :color, :ends_at, :font, :message, :starts_at
validates :message, presence: true validates :message, presence: true
validates :starts_at, presence: true validates :starts_at, presence: true
validates :ends_at, presence: true validates :ends_at, presence: true
......
...@@ -10,13 +10,10 @@ ...@@ -10,13 +10,10 @@
# #
class DeployKeysProject < ActiveRecord::Base class DeployKeysProject < ActiveRecord::Base
attr_accessible :key_id, :project_id
belongs_to :project belongs_to :project
belongs_to :deploy_key belongs_to :deploy_key
validates :deploy_key_id, presence: true validates :deploy_key_id, presence: true
validates :deploy_key_id, uniqueness: { scope: [:project_id], message: "already exists in project" } validates :deploy_key_id, uniqueness: { scope: [:project_id], message: "already exists in project" }
validates :project_id, presence: true validates :project_id, presence: true
end end
...@@ -10,10 +10,6 @@ ...@@ -10,10 +10,6 @@
# #
class ForkedProjectLink < ActiveRecord::Base class ForkedProjectLink < ActiveRecord::Base
attr_accessible :forked_from_project_id, :forked_to_project_id
# Relations
belongs_to :forked_to_project, class_name: Project belongs_to :forked_to_project, class_name: Project
belongs_to :forked_from_project, class_name: Project belongs_to :forked_from_project, class_name: Project
end end
...@@ -12,8 +12,6 @@ ...@@ -12,8 +12,6 @@
class ProtectedBranch < ActiveRecord::Base class ProtectedBranch < ActiveRecord::Base
include Gitlab::ShellAdapter include Gitlab::ShellAdapter
attr_accessible :name
belongs_to :project belongs_to :project
validates :name, presence: true validates :name, presence: true
validates :project, presence: true validates :project, presence: true
......
...@@ -19,8 +19,6 @@ class UsersGroup < ActiveRecord::Base ...@@ -19,8 +19,6 @@ class UsersGroup < ActiveRecord::Base
Gitlab::Access.options_with_owner Gitlab::Access.options_with_owner
end end
attr_accessible :group_access, :user_id
belongs_to :user belongs_to :user
belongs_to :group belongs_to :group
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment