<div dir="ltr">I am not quite clear on the use of API documentation to produce the param_rules and would be curious how this would apply to our UI controllers that use the same mechanism.<div><br></div><div>But more so, I will point out that the historical reason for param_rules was due to mass assignment issues in Rails that could cause unwanted consequences. 燭his was addressed in Rails 3.2 by requiring mass assigned attributes to be specifically declared as such at the model level, e.g.:</div> <div><br></div><div><pre style="margin-top:0px;margin-bottom:0px;padding:0px;border:0px;font-size:12px;font-family:Consolas,'Liberation Mono',Courier,monospace;color:rgb(51,51,51);line-height:16px"><div class="" id="LC13" style="margin:0px;padding:0px 0px 0px 10px;border:0px"> <span class="" style="margin:0px;padding:0px;border:0px;font-weight:bold">class</span> <span class="" style="margin:0px;padding:0px;border:0px;color:rgb(68,85,136);font-weight:bold">ActivationKey</span> <span class="" style="margin:0px;padding:0px;border:0px;font-weight:bold"><</span> <span class="" style="margin:0px;padding:0px;border:0px;color:rgb(0,128,128)">ActiveRecord</span><span class="" style="margin:0px;padding:0px;border:0px;font-weight:bold">::</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(0,128,128)">Base</span></div> <div class="" id="LC14" style="margin:0px;padding:0px 0px 0px 10px;border:0px">牋<span class="" style="margin:0px;padding:0px;border:0px">attr_accessible</span> <span class="" style="margin:0px;padding:0px;border:0px;color:rgb(153,0,115)">:name</span><span class="" style="margin:0px;padding:0px;border:0px">,</span> <span class="" style="margin:0px;padding:0px;border:0px;color:rgb(153,0,115)">:description</span><span class="" style="margin:0px;padding:0px;border:0px">,</span> <span class="" style="margin:0px;padding:0px;border:0px;color:rgb(153,0,115)">:environment</span><span class="" style="margin:0px;padding:0px;border:0px">,</span> <span class="" style="margin:0px;padding:0px;border:0px;color:rgb(153,0,115)">:organization</span><span class="" style="margin:0px;padding:0px;border:0px">,</span> <span class="" style="margin:0px;padding:0px;border:0px;color:rgb(153,0,115)">:usage_limit</span><span class="" style="margin:0px;padding:0px;border:0px">,</span></div> <div class="" id="LC15" style="margin:0px;padding:0px 0px 0px 10px;border:0px">牋牋牋牋牋牋牋牋牋<span class="" style="margin:0px;padding:0px;border:0px;color:rgb(153,0,115)">:system_template</span><span class="" style="margin:0px;padding:0px;border:0px">,</span> <span class="" style="margin:0px;padding:0px;border:0px;color:rgb(153,0,115)">:system_groups</span><span class="" style="margin:0px;padding:0px;border:0px">,</span> <span class="" style="margin:0px;padding:0px;border:0px;color:rgb(153,0,115)">:user</span><span class="" style="margin:0px;padding:0px;border:0px">,</span> <span class="" style="margin:0px;padding:0px;border:0px;color:rgb(153,0,115)">:system_template_id</span><span class="" style="margin:0px;padding:0px;border:0px">,</span></div> <div class="" id="LC16" style="margin:0px;padding:0px 0px 0px 10px;border:0px">牋牋牋牋牋牋牋牋牋<span class="" style="margin:0px;padding:0px;border:0px;color:rgb(153,0,115)">:environment_id</span></div></pre><div class="gmail_extra"> <br><br><div class="gmail_quote">On Fri, Feb 1, 2013 at 10:45 AM, Ivan Necas <span dir="ltr"><<a href="mailto:inecas@redhat.com" target="_blank">inecas@redhat.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex"> Hi there,<br> <br> When you look at our API controllers today: you might notice one duplicity quite often:<br> <br> 1. There is param_rules method defined, which lists all the params that are acceptable for given action<br> <br> 2. There is API documenation, listing the parmas that are acceptable.<br> <br> Proposal:<br> <br> Use the API documentatoin to produce the param_rules. Benefits:<br> <br> 1. code duplicates reduction<br> 2. more accurate API documentation<br> <br> Opinions?<br> <br> -- Ivan<br> <br> _______________________________________________<br> katello-devel mailing list<br> <a href="mailto:katello-devel@redhat.com">katello-devel@redhat.com</a><br> <a href="https://www.redhat.com/mailman/listinfo/katello-devel" target="_blank">https://www.redhat.com/mailman/listinfo/katello-devel</a><br> </blockquote></div><br></div></div></div>