Sinatra::AcceptParams - Parameter whitelisting for Sinatra

This plugin adds parameter whitelisting, type checking, and validation at the routing level to a Sinatra application. While model-level validations are good for CRUD operations, in many cases there are other input parameters which are either not part or a model, or which you want to verify before executing lots of (potentially unsafe) code just to have your model raise an error. Examples include:

page numbers for pagination
search strings
routing prefixes such as region or language

In addition, this plugin provides several extended capabilities which come in handy:

type checking of parameters (eg, integers vs strings)
automatic type casting of parameters (helps with plugins such as +will_paginate+)
default values and post-processing of params

Example

# GET /channels # GET /channels.xml def index accept_params do |p| p.integer :page, :default => 1, :minvalue => 1 p.integer :per_page, :default => 50, :minvalue => 1 end end

# POST /rating # POST /rating.xml def create accept_params do |p| p.namespace :rating do |p| p.integer :user_id, :required => true, :minvalue => 1 p.integer :rating, :required => true p.string :comments, :process => Proc.new(value){ my_value_cleaner(value) } end end

@rating = Rating.new(params[:rating])
@rating.save

# format/response code

end

# GET /players/1 # GET /players/1.xml def show accept_only_id @player = Player.find(params[:id])

respond_to do |format|
  format.html # show.html.erb
  format.xml  { render :xml => @player }
end

end

Sinatra::AcceptParams - Parameter whitelisting for Sinatra

Example

Author