Merge pull request #23 from turniere/ticket/TURNIERE-132

Permit and test parameters without root key
2019-04-07 16:33:08 +02:00 · 2019-04-07 16:33:08 +02:00 · 420ea76191
parent 9d914774a2 e78de72f3d
commit 420ea76191
6 changed files with 13 additions and 13 deletions
--- a/app/controllers/match_scores_controller.rb
+++ b/app/controllers/match_scores_controller.rb
@ -28,6 +28,6 @@ class MatchScoresController < ApplicationController

  # Only allow a trusted parameter "white list" through.
  def match_score_params
-    params.require(:match_score).permit(:points)
+    params.slice(:points).permit!
  end
 end
--- a/app/controllers/teams_controller.rb
+++ b/app/controllers/teams_controller.rb
@ -26,6 +26,6 @@ class TeamsController < ApplicationController
  end

  def team_params
-    params.require(:team).permit(:name)
+    params.slice(:name).permit!
  end
 end
--- a/app/controllers/tournaments_controller.rb
+++ b/app/controllers/tournaments_controller.rb
@ -48,6 +48,6 @@ class TournamentsController < ApplicationController
  end

  def tournament_params
-    params.require(:tournament).permit(:name, :description, :public, :teams)
+    params.slice(:name, :description, :public, :teams).permit!
  end
 end
--- a/spec/controllers/match_scores_controller_spec.rb
+++ b/spec/controllers/match_scores_controller_spec.rb
@ -36,13 +36,13 @@ RSpec.describe MatchScoresController, type: :controller do
        end

        it 'updates the requested score' do
-          put :update, params: { id: @match_score.to_param, match_score: valid_update }
+          put :update, params: { id: @match_score.to_param }.merge(valid_update)
          @match_score.reload
          expect(@match_score.points).to eq(valid_update[:points])
        end

        it 'renders a response with the updated team' do
-          put :update, params: { id: @match_score.to_param, match_score: valid_update }
+          put :update, params: { id: @match_score.to_param }.merge(valid_update)
          expect(response).to be_successful
          body = deserialize_response response
          expect(body[:points]).to eq(valid_update[:points])
@ -55,7 +55,7 @@ RSpec.describe MatchScoresController, type: :controller do
        end

        it 'renders a forbidden error response' do
-          put :update, params: { id: @match_score.to_param, match_score: valid_update }
+          put :update, params: { id: @match_score.to_param }.merge(valid_update)
          expect(response).to have_http_status(:forbidden)
        end
      end
--- a/spec/controllers/teams_controller_spec.rb
+++ b/spec/controllers/teams_controller_spec.rb
@ -34,14 +34,14 @@ RSpec.describe TeamsController, type: :controller do
      end

      it 'updates the requested team' do
-        put :update, params: { id: @team.to_param, team: valid_update }
+        put :update, params: { id: @team.to_param }.merge(valid_update)
        @team.reload
        expect(response).to be_successful
        expect(@team.name).to eq(valid_update[:name])
      end

      it 'renders a response with the updated team' do
-        put :update, params: { id: @team.to_param, team: valid_update }
+        put :update, params: { id: @team.to_param }.merge(valid_update)
        expect(response).to be_successful
        body = deserialize_response response
        expect(body[:name]).to eq(valid_update[:name])
@ -54,7 +54,7 @@ RSpec.describe TeamsController, type: :controller do
      end

      it 'renders a forbidden error response' do
-        put :update, params: { id: @team.to_param, team: valid_update }
+        put :update, params: { id: @team.to_param }.merge(valid_update)
        expect(response).to have_http_status(:forbidden)
      end
    end
--- a/spec/controllers/tournaments_controller_spec.rb
+++ b/spec/controllers/tournaments_controller_spec.rb
@ -116,7 +116,7 @@ RSpec.describe TournamentsController, type: :controller do
    context 'with valid params' do
      context 'without authentication headers' do
        it 'renders a unauthorized error response' do
-          put :update, params: { id: @tournament.to_param, tournament: valid_update }
+          put :update, params: { id: @tournament.to_param }.merge(valid_update)
          expect(response).to have_http_status(:unauthorized)
        end
      end
@ -127,13 +127,13 @@ RSpec.describe TournamentsController, type: :controller do
        end

        it 'updates the requested tournament' do
-          put :update, params: { id: @tournament.to_param, tournament: valid_update }
+          put :update, params: { id: @tournament.to_param }.merge(valid_update)
          @tournament.reload
          expect(@tournament.name).to eq(valid_update[:name])
        end

        it 'renders a JSON response with the tournament' do
-          put :update, params: { id: @tournament.to_param, tournament: valid_update }
+          put :update, params: { id: @tournament.to_param }.merge(valid_update)
          expect(response).to have_http_status(:ok)
          expect(response.content_type).to eq('application/json')
        end
@ -145,7 +145,7 @@ RSpec.describe TournamentsController, type: :controller do
        end

        it 'renders a forbidden error response' do
-          put :update, params: { id: @tournament.to_param, tournament: valid_update }
+          put :update, params: { id: @tournament.to_param }.merge(valid_update)
          expect(response).to have_http_status(:forbidden)
        end
      end