How would you improve the following controller method?

fizzi · June 2, 2015, 5:09pm

I made this code but someone told me it was flawed

How would you improve this piece of code in the reviewcontroller (mainly the namereview method)?

class ReviewController < ApplicationController before_action :set_reviews, only: [:show, :edit, :update, :destroy]

def index @reviews = Review.all end

def namereview @review = Review.find(params[:id]) if @review.update_attribute(:description, sanitize(params[:description])) format.json { render json: { status: 200 } } else format.json { render json: { status: 500 } } end end end

``

Thanks in advance

Frederick_Cheung · June 3, 2015, 6:39am

I made this code but someone told me it was flawed

How would you improve this piece of code in the reviewcontroller (mainly the namereview method)?

Looking just at that method:

I wouldn’t call it namereview - that seems to suggest that it sets a review name but it doesn’t. I’d call it update, and make it behave like a normal update method (i.e. it should use params[:review][:description]). You can leave it only updating the description attribute, but at least bring the semantics closer to the ‘normal’ update action
422 is the usual http status for failed validations
your code seems to let anyone edit any review - not sure if that is appropriate.

Fred

Topic		Replies	Views
How can I improve my "reviewname" method rubyonrails-talk	2	232	June 10, 2015
simple validation silently fails on update or save rubyonrails-talk	0	163	September 3, 2006
rendering original view rubyonrails-talk	3	101	February 10, 2009
Newbie doubt in links and controllers rubyonrails-talk	3	126	February 7, 2011
Unable to update form... rubyonrails-talk	4	149	September 28, 2008

How would you improve the following controller method?

Related topics

More Resources