scinote-eln/scinote-web
1
1
Fork 0
mirror of https://github.com/scinote-eln/scinote-web.git synced 2024-09-21 07:26:15 +08:00
Code Issues Packages Projects Releases Wiki Activity

Add sanitization to sample groups/types [SCI-902]

Browse source
This commit is contained in:
Oleksii Kriuchykhin 2017-01-24 13:06:39 +01:00
parent 53699193a2
commit a04f05eeb3
1 changed files with 12 additions and 6 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

14
app/controllers/samples_controller.rb
View file

@ -11,12 +11,18 @@ class SamplesController < ApplicationController
respond_to do |format|
format.html
if can_create_samples(@organization)
format.json {
groups = @organization.sample_groups.map do |g|
{ id: g.id, name: sanitize_input(g.name), color: g.color }
end
types = @organization.sample_types.map do |t|
{ id: t.id, name: sanitize_input(t.name) }
end
format.json do
render json: {
sample_groups: @organization.sample_groups.as_json(only: [:id, :name, :color]),
sample_types: @organization.sample_types.as_json(only: [:id, :name])
}
sample_groups: groups.as_json,
sample_types: types.as_json
}
end
else
format.json { render json: {}, status: :unauthorized }
end