summaryrefslogtreecommitdiff
path: root/app/controllers/creations_controller.rb
diff options
context:
space:
mode:
Diffstat (limited to 'app/controllers/creations_controller.rb')
-rw-r--r--app/controllers/creations_controller.rb12
1 files changed, 9 insertions, 3 deletions
diff --git a/app/controllers/creations_controller.rb b/app/controllers/creations_controller.rb
index e944a0e1..d426ff2d 100644
--- a/app/controllers/creations_controller.rb
+++ b/app/controllers/creations_controller.rb
@@ -20,7 +20,7 @@ class CreationsController < ApplicationController
end
def create
- @creation = current_user.creations.create(params[:creation])
+ @creation = current_user.creations.create(creation_params)
@creation.categories << Category.find(params[:category_id]) if params[:category_id]
current_user.tag(@creation, :with => params[:creation_tags], :on => :tags)
@@ -39,11 +39,11 @@ class CreationsController < ApplicationController
@creation.categories << Category.find(params[:category_id]) if params[:category_id]
current_user.tag(@creation, :with => params[:creation_tags], :on => :tags)
- if @creation.update_attributes(params[:creation])
+ if @creation.update_attributes(creation_params)
redirect_to new_creation_photo_url(@creation)
else
flash[:error] = @creation.errors.full_messages
- render :action => "edit"
+ render :edit
end
end
@@ -55,4 +55,10 @@ class CreationsController < ApplicationController
def mine
@creations = current_user.creations.includes([:user]).page(params[:page]).per(12)
end
+
+ private
+
+ def creation_params
+ params.require(:creation).permit(:name, :story, :is_restricted, :watermark)
+ end
end
generated by cgit v1.2.3 (git 2.39.1) at 2026-02-02 22:41:03 +0000