From 1596e331f7674d3272f692b534f01ade56278a54 Mon Sep 17 00:00:00 2001
From: Rob Zolkos
Date: Fri, 2 Feb 2024 16:46:37 +0000
Subject: [PATCH 1/3] Update README to mention devcontainer
---
 README.md | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/README.md b/README.md
index bbe5cc4a..5571ad31 100644
--- a/README.md
+++ b/README.md
@@ -37,6 +37,8 @@ You'll need:
 - ruby >3 (specific version is in `Gemfile`)
 - postgresql (if using stock `config/database.yml`)
+For convenience, the project contains configuration for a devcontainer. Open up the project in your editor that supports devcontainers and run the commands mentioned below.
+
 ```shell
 cd maybe
 bundle install
@@ -69,7 +71,7 @@ If you've got feature ideas, simply [open a new issues](https://github.com/maybe
 ## Repo Activity
-![Repo Activity](https://repobeats.axiom.co/api/embed/7866c9790deba0baf63ca1688b209130b306ea4e.svg 'Repobeats analytics image')
+![Repo Activity](https://repobeats.axiom.co/api/embed/7866c9790deba0baf63ca1688b209130b306ea4e.svg "Repobeats analytics image")
 ## Copyright & license
From 9aa9f9981029543ef51ccb1788de32e416a0b91a Mon Sep 17 00:00:00 2001
From: Rob Zolkos
Date: Fri, 2 Feb 2024 16:54:15 +0000
Subject: [PATCH 2/3] Fix account param safety
---
 app/controllers/accounts_controller.rb | 10 +++++++---
 app/models/depository.rb | 2 +-
 config/routes.rb | 6 +++---
 3 files changed, 11 insertions(+), 7 deletions(-)
diff --git a/app/controllers/accounts_controller.rb b/app/controllers/accounts_controller.rb
index 52e05739..18d6106e 100644
--- a/app/controllers/accounts_controller.rb
+++ b/app/controllers/accounts_controller.rb
@@ -33,8 +33,12 @@ class AccountsController < ApplicationController
 end
 def account_type_class
- params[:type].constantize
- rescue
- Account # Default to Account if type is not provided or invalid
+ valid_account_types = %w[Checking CreditCard]
+
+ if params[:type].present? && valid_account_types.include?(params[:type])
+ params[:type].constantizes
+ else
+ Account # Default to Account if type is not provided or invalid
+ end
 end
 end
diff --git a/app/models/depository.rb b/app/models/depository.rb
index 64413a49..bacbb9e6 100644
--- a/app/models/depository.rb
+++ b/app/models/depository.rb
@@ -1,2 +1,2 @@
 class Depository < Account
-end
\ No newline at end of file
+end
diff --git a/config/routes.rb b/config/routes.rb
index 0a4af242..3edbdf2a 100644
--- a/config/routes.rb
+++ b/config/routes.rb
@@ -6,9 +6,9 @@ Rails.application.routes.draw do
 resources :accounts
- scope 'accounts/new' do
- scope 'bank' do
- get '', to: 'accounts#new_bank', as: 'new_bank'
+ scope "accounts/new" do
+ scope "bank" do
+ get "", to: "accounts#new_bank", as: "new_bank"
 end
 end
From f1909b3bf26d15fb7919b5d37a269d7822cbf1fb Mon Sep 17 00:00:00 2001
From: Rob Zolkos
Date: Fri, 2 Feb 2024 17:01:47 +0000
Subject: [PATCH 3/3] Add initial list of valid account types
---
 app/controllers/accounts_controller.rb | 4 +---
 app/models/account.rb | 2 ++
 2 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/app/controllers/accounts_controller.rb b/app/controllers/accounts_controller.rb
index 18d6106e..44b1aff9 100644
--- a/app/controllers/accounts_controller.rb
+++ b/app/controllers/accounts_controller.rb
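Review bot: `params[:type].constantizes` in the new `if` branch of `account_type_class` is not a String method that ActiveSupport provides (it offers `constantize` and `safe_constantize`), so unless the project defines it elsewhere every request whose type passes the allowlist would raise NoMethodError, and this commit also removes the `rescue` that used to fall back to `Account`. The line should read `params[:type].constantize`; the same misspelling is carried unchanged as a context line in the PATCH 3/3 hunk for this file. The allowlist in front of the call is the right control, since it keeps request input from resolving arbitrary constants, but `%w[Checking CreditCard]` names classes this series does not show, so confirm they exist as Account subclasses. A request test that submits one allowed and one disallowed type would catch both problems.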
@@ -33,9 +33,7 @@ class AccountsController < ApplicationController
 end
 def account_type_class
- valid_account_types = %w[Checking CreditCard]
-
- if params[:type].present? && valid_account_types.include?(params[:type])
+ if params[:type].present? && Account::VALID_ACCOUNT_TYPES.include?(params[:type])
 params[:type].constantizes
 else
 Account # Default to Account if type is not provided or invalid
diff --git a/app/models/account.rb b/app/models/account.rb
index 9f130896..73a8b482 100644
--- a/app/models/account.rb
+++ b/app/models/account.rb
@@ -1,3 +1,5 @@
 class Account < ApplicationRecord
 belongs_to :family
+
+ VALID_ACCOUNT_TYPES = %w[Investment Depository Credit Loan Property Vehicle OtherAsset OtherLiability].freeze
 end
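Review bot: `VALID_ACCOUNT_TYPES` in the `app/models/account.rb` hunk is now the boundary that decides which constant names `account_type_class` may resolve from `params[:type]`, yet nothing on the constant says so or ties its names to real classes; of the eight entries only `Depository` is visible in this series. Because PATCH 2/3 dropped the `rescue`, an allowlisted name without a matching class would raise NameError instead of falling back to `Account`. I would add a comment above the constant such as `# Allowlist of Account subclass names that may be resolved from params[:type]; add a name only once its class exists.` A model test asserting that each entry constantizes to a subclass of `Account`, or `params[:type].safe_constantize || Account` at the call site, would keep the list and the classes from drifting apart.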