Skip to content

Commit 3cb79ca

Browse files
ccutrerccutrer
committed
mark several models as using strong_params
Change-Id: Ia925f291df671630dd6a30f3a4e566cfebe08d4b Reviewed-on: https://gerrit.instructure.com/57842 Tested-by: Jenkins Reviewed-by: Simon Williams <simon@instructure.com> Product-Review: Cody Cutrer <cody@instructure.com> QA-Review: Cody Cutrer <cody@instructure.com>
1 parent 88244da commit 3cb79ca

6 files changed

Lines changed: 10 additions & 1 deletion

File tree

app/controllers/bookmarks/bookmarks_controller.rb

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -148,7 +148,7 @@ def find_bookmark
148148
end
149149

150150
def valid_params
151-
params.slice(:name, :url, :data).merge({user_id: user_id})
151+
strong_params.permit(:name, :url).merge(user_id: user_id).merge(params.slice(:data))
152152
end
153153

154154
def set_position

app/models/bookmarks/bookmark.rb

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,6 @@
11
class Bookmarks::Bookmark < ActiveRecord::Base
22
acts_as_list scope: :user_id
3+
strong_params
34

45
def data
56
json ? JSON.parse(json) : nil

app/models/gradebook_csv.rb

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -16,6 +16,8 @@
1616
# with this program. If not, see <http://www.gnu.org/licenses/>.
1717
#
1818
class GradebookCsv < ActiveRecord::Base
19+
strong_params
20+
1921
belongs_to :course, inverse_of: :gradebook_csvs
2022
belongs_to :user
2123
belongs_to :attachment

app/models/gradebook_upload.rb

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -17,6 +17,8 @@
1717
#
1818

1919
class GradebookUpload < ActiveRecord::Base
20+
strong_params
21+
2022
belongs_to :course
2123
belongs_to :user
2224
belongs_to :progress

app/models/quizzes/quiz_submission_event.rb

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -17,6 +17,8 @@
1717
#
1818

1919
class Quizzes::QuizSubmissionEvent < ActiveRecord::Base
20+
strong_params
21+
2022
include CanvasPartman::Concerns::Partitioned
2123

2224
# An event describing the student choosing an answer to a question.

app/models/sis_post_grades_status.rb

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -17,6 +17,8 @@
1717
#
1818

1919
class SisPostGradesStatus < ActiveRecord::Base
20+
strong_params
21+
2022
ALLOWED_STATUSES = %w{success warning failed}
2123
belongs_to :course
2224
belongs_to :course_section

0 commit comments

Comments
 (0)