I'm building a web app with Rails 4 strong parameters.
When building the admin back office controllers, I wonder what is the best way to permit all the model attributes?
For now, I wrote this:
def user_params
params.require(:user).permit(User.fields.keys)
end
Do you think of a better way?
Just in case someone need it for Rails 6, without even a model linked to your controller, you can use:
before_action :accept_all_params
private
def accept_all_params
params.permit!
end
And done, now you can play with 🔥 as much as you want!