Controllers

Just like models, controllers are written using Ruby code, so their customization is similar, only we'll use the app/controllers/custom/ folder instead of the app/models/custom/ folder. Check the models customization section for more information.

Customizing allowed parameters

When customizing Consul Democracy, sometimes you might want to add a new field to a form. Other than customizing the view or the component that renders that form, you need to modify the controller so the new field is accepted. If not, the new field will silently be ignored; this is done to prevent mass assignment attacks.

For example, let's say you've modified the SiteCustomization::Page model so it uses a field called author_nickname and you've added that field to the form to create a custom page in the admin area. To add the allowed parameter to the controller, create a file app/controllers/custom/admin/site_customization/pages_controller.rb with the following content:

load Rails.root.join("app", "controllers", "admin", "site_customization", "pages_controller.rb")

class Admin::SiteCustomization::PagesController

  private

    alias_method :consul_allowed_params, :allowed_params

    def allowed_params
      consul_allowed_params + [:author_nickname]
    end
end

Note we're aliasing and then calling the original allowed_params method, so all the parameters allowed in the original code will also be allowed in our custom method.