search

hashrocket / decent_exposure

A helper for creating declarative interfaces in controllers
MIT License
1.81k stars 107 forks source link

HEAD request causes parameter assignment #110

Closed hashrocketeer closed 10 years ago

hashrocketeer commented 10 years ago

When making a HEAD request to a view that accesses an exposed resource, Decent Exposure (at least with the Strong Parameters strategy) attempts to assign parameters. In our particular case, a HEAD request to the /sessions/new route, which exposes a UserSession object results in a ActionController::ParameterMissing: param is missing or the value is empty: user_session error.

The exposure in question looks like:

expose(:user_session, :attributes => :user_session_params)

The attribute method it is using looks like:

def user_session_params
    params.require(:user_session).permit(:email, :password)
end

And the associated route:

resource :session, only: [:new, :create, :destroy]
hashrocketeer commented 10 years ago

This issue is also referenced in #99 here.