[katello-devel] Proposal: use API documentation for param_rules
Eric D Helms
ericdhelms at gmail.com
Fri Feb 1 15:50:07 UTC 2013
I am not quite clear on the use of API documentation to produce the
param_rules and would be curious how this would apply to our UI controllers
that use the same mechanism.
But more so, I will point out that the historical reason for param_rules
was due to mass assignment issues in Rails that could cause unwanted
consequences. This was addressed in Rails 3.2 by requiring mass assigned
attributes to be specifically declared as such at the model level, e.g.:
class ActivationKey < ActiveRecord::Base
attr_accessible :name, :description, :environment, :organization,
:usage_limit,
:system_template, :system_groups, :user, :system_template_id,
:environment_id
On Fri, Feb 1, 2013 at 10:45 AM, Ivan Necas <inecas at redhat.com> wrote:
> Hi there,
>
> When you look at our API controllers today: you might notice one duplicity
> quite often:
>
> 1. There is param_rules method defined, which lists all the params that
> are acceptable for given action
>
> 2. There is API documenation, listing the parmas that are acceptable.
>
> Proposal:
>
> Use the API documentatoin to produce the param_rules. Benefits:
>
> 1. code duplicates reduction
> 2. more accurate API documentation
>
> Opinions?
>
> -- Ivan
>
> _______________________________________________
> katello-devel mailing list
> katello-devel at redhat.com
> https://www.redhat.com/mailman/listinfo/katello-devel
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/katello-devel/attachments/20130201/4587de89/attachment.htm>
More information about the katello-devel
mailing list