dnestoff
10/3/2016 - 2:35 AM

Rails: Controllers

class PeopleController < ActionController::Base
  # This will raise an ActiveModel::ForbiddenAttributes exception
  # because it's using mass assignment without an explicit permit
  # step.
  def create
    Person.create(params[:person])
  end
 
  # This will pass with flying colors as long as there's a person key
  # in the parameters, otherwise it'll raise a
  # ActionController::ParameterMissing exception, which will get
  # caught by ActionController::Base and turned into that 400 Bad
  # Request reply.
  def update
    person = current_account.people.find(params[:id])
    person.update!(person_params)
    redirect_to person
  end
 
  private
    # Using a private method to encapsulate the permissible parameters
    # is just a good pattern since you'll be able to reuse the same
    # permit list between create and update. Also, you can specialize
    # this method with per-user checking of permissible attributes.
    def person_params
      params.require(:person).permit(:name, :age)
    end
end
# The least specific route (wildcard) goes at the very end 
# that's how to eliminate false positives

get '/cats' do
  
end

## '/cats/new' needs to come before wildcard 
get '/cats/new' do

end

get '/cats/:id' do

end

#this applies for every verb and not just GET
# Setting a root

Rails.application.routes.draw do
  get 'welcome/index'
  ### below dictates what happens when we visit '/'
  root 'welcome#index'
end

# Rails provides a resources method which can be used to declare a standard REST resource. 
Rails.application.routes.draw do  
  # Add the article resource to the config/routes.rb so the file will look as follows:
  resources :articles
  
  root 'welcome#index'
end