Commit 16f0a4bd
Changed files (2)
app
controllers
spec
controllers
app/controllers/photos_controller.rb
@@ -16,7 +16,7 @@ class PhotosController < ApplicationController
end
def create
- attributes = params[:photo]
+ attributes = photo_params
attributes[:image] = params[:photo][:image].first if params[:photo][:image].class == Array
@photo = @creation.photos.build(attributes)
@@ -45,4 +45,8 @@ class PhotosController < ApplicationController
@creation = current_user.creations.find(params[:creation_id])
raise ActiveRecord::RecordNotFound unless @creation
end
+
+ def photo_params
+ params.require(:photo).permit(:image)
+ end
end
spec/controllers/photos_controller_spec.rb
@@ -1,15 +1,15 @@
require 'spec_helper'
describe PhotosController do
- let(:user){ FactoryGirl.create(:user) }
- let(:creation){ FactoryGirl.create(:creation) }
+ let(:user){ create(:user) }
+ let(:creation){ create(:creation) }
before(:each) do
user.creations << creation
http_login(user)
end
- describe "POST create" do
+ describe :post do
let(:image) { Rack::Test::UploadedFile.new("spec/fixtures/images/gorilla.jpg", "image/jpeg") }
before :each do
@@ -26,8 +26,8 @@ describe PhotosController do
end
end
- describe "DELETE 'destroy'" do
- let!(:photo) { FactoryGirl.create(:photo) }
+ describe :delete do
+ let!(:photo) { create(:photo) }
before :each do
creation.photos << photo