diff options
author | Eugen Rochko <eugen@zeonfederated.com> | 2017-04-04 01:33:34 +0200 |
---|---|---|
committer | Eugen Rochko <eugen@zeonfederated.com> | 2017-04-04 01:33:34 +0200 |
commit | 4c53af64f0b10bc11473df5e3fd1cd7a11b755f6 (patch) | |
tree | 9bad122ae3a66b4171f48947cbb33496e2f8b2de /app/controllers/api/v1/reports_controller.rb | |
parent | f722bd2387df9163760014e9555928ec487ae95f (diff) |
Fix ActionController::Parameters in API issue
Diffstat (limited to 'app/controllers/api/v1/reports_controller.rb')
-rw-r--r-- | app/controllers/api/v1/reports_controller.rb | 12 |
1 files changed, 9 insertions, 3 deletions
diff --git a/app/controllers/api/v1/reports_controller.rb b/app/controllers/api/v1/reports_controller.rb index 46bdddbc1..f83c573cb 100644 --- a/app/controllers/api/v1/reports_controller.rb +++ b/app/controllers/api/v1/reports_controller.rb @@ -12,13 +12,19 @@ class Api::V1::ReportsController < ApiController end def create - status_ids = params[:status_ids].is_a?(Enumerable) ? params[:status_ids] : [params[:status_ids]] + status_ids = report_params[:status_ids].is_a?(Enumerable) ? report_params[:status_ids] : [report_params[:status_ids]] @report = Report.create!(account: current_account, - target_account: Account.find(params[:account_id]), + target_account: Account.find(report_params[:account_id]), status_ids: Status.find(status_ids).pluck(:id), - comment: params[:comment]) + comment: report_params[:comment]) render :show end + + private + + def report_params + params.permit(:account_id, :comment, status_ids: []) + end end |