Extract permitted params constant in v1/admin/tags (#30652)

2024-06-11 11:29:41 -04:00 · 2024-06-11 11:29:41 -04:00 · 978601a0ae
parent 62d070c438
commit 978601a0ae
1 changed files with 10 additions and 1 deletions
--- a/app/controllers/api/v1/admin/tags_controller.rb
+++ b/app/controllers/api/v1/admin/tags_controller.rb
@ -13,6 +13,13 @@ class Api::V1::Admin::TagsController < Api::BaseController

  LIMIT = 100

+  PERMITTED_PARAMS = %i(
+    display_name
+    listable
+    trendable
+    usable
+  ).freeze
+
  def index
    authorize :tag, :index?
    render json: @tags, each_serializer: REST::Admin::TagSerializer
@ -40,7 +47,9 @@ class Api::V1::Admin::TagsController < Api::BaseController
  end

  def tag_params
-    params.permit(:display_name, :trendable, :usable, :listable)
+    params
+      .slice(*PERMITTED_PARAMS)
+      .permit(*PERMITTED_PARAMS)
  end

  def next_path