Rails "Action" Params Key Conflict

Rails action params key conflict

Its awkward to use this, but if ever its required, you can get the info using:

 request.POST

Why can't I use a param called action?

because action, controller are prohibited words.

Look around debug params

--- !map:ActiveSupport::HashWithIndifferentAccess 
action: index
controller: main

so you can't use those params. Because they will be REWRITED AUTOMATICALLY

How to make params[:action] work if I pass parameters action=test in the end of url?

Have a look at this question.

action, controller are prohibited words. You should not use it in your params.

Rails default_url_options conflicts with params in path/url-helpers

In short, in addition to setting default_url_options in application_controller.rb, set it in config/routes.rb for the test environment as

 # config/routes.rb
Rails.application.routes.draw do
  filter :locale
    default_url_options(locale: I18n.locale) if Rails.env.test?

It seems this is the way to set default_url_options in Rails 6.1 ([EDIT] the setting in application_controller.rb is still required for the development environment; the test environment demands this setting). This works fine in both test and development environments except when path helpers are called out of the context, I mean not from a Controller or in Views, in which case the OP's dirty workaround solved the issue:

Rails.application.routes.url_helpers.article_url(
  article,
  {only_path: true}.merge(ApplicationController.new.default_url_options)
)

Background

Gem routing-filter works by modifying a path as if the locale word (like "en") contained in the (head of the) path is passed as a URL parameter (like ?locale=en), while removing the locale part from the path. Therefore, to set default_url_options is the right strategy.

It is true "Setting the Locale from URL Params" in Rail's official guide does tell, at the time of writing (Rails-6.1.4), that
default_url_options is set in app/controllers/application_controller.rb
to set a default locale URL-parameter.

But perhaps the description is outdated — I mean, not accurate in Rails 6.1 any more?

Note that it seems default_url_options has been causing a trouble in Rails 6; see Set locale via default_url_options for Rails tests (Rails 6 and newer).

Ruby on Rails - When to use params.permit! and how to replace it

params.permit! whitelists all attributes leading to the vulnerabilities of mass assignment. The best way to get around this is by whitelisting only the necessary attributes like so

params.permit(:attr1,:attr2..)

Even better, use require with permit

Allows you to choose which attributes should be whitelisted for mass
updating and thus prevent accidentally exposing that which shouldn't
be exposed. Provides two methods for this purpose: require and permit.
The former is used to mark parameters as required. The latter is used
to set the parameter as permitted and limit which attributes should be
allowed for mass updating.

params.require(:key).permit(:attr1, :attr2..)

Strong params not permit dynamic keys

what you want to do goes against the idea of strong parameters, because you would basically have no control over what is in that hash of lotacao_ids.

Note that if you use permit in a key that points to a hash, it won't
allow all the hash. You also need to specify which attributes inside
the hash should be whitelisted.

the part of the params that you gave as an example indicate that this should actually be an array of ids instead of a hash?

in any case, if you don't care about the content of that field, you can still merge it into the hash that you get after permitting stuff in the first place. it's still just a hash...

Rails "Action" Params Key Conflict