fix: updating controllers to use class methods

app/controllers/api/api_controller.rb

@@ -1,5 +1,12 @@
 module Api
-  class ApiController < ApplicationController
+  class ApiController < ActionController::Base
+    include Authentication
+    include Authorization
+    include Localization
+    include PublicActivity::StoreController
+    include Searchable
+    include StrongParams
+
     skip_before_action :verify_authenticity_token
   end
 end

app/controllers/api/commands_controller.rb

@@ -1,8 +1,10 @@
 class Api::CommandsController < ApplicationController
+  skip_before_action :authenticate_user!, only: [:execute]
+
   expose :commands, -> { Command.all }
   expose :command, id: -> { params[:slug] }, scope: -> { Command.includes_associated }, find_by: :slug
 
-  skip_before_action :authenticate_user!, only: [:execute]
+  strong_params :command, permit: [:title, :address, :payload_type, :allow_custom_value, :description, :server_id, command_values_attributes: [:id, :label, :value, :_destroy]]
 
   # @route GET /api/commands (api_commands)
   def index

app/controllers/api/controls_controller.rb

@@ -2,6 +2,8 @@ class Api::ControlsController < ApplicationController
   expose :control
   expose :controls, -> { Control.all }
 
+  strong_params :control, permit: [:title, :control_type, :order, :color, :screen_id, :min_value, :max_value, :value, :protocol_id]
+
   # @route GET /api/options/controls (api_controls_options)
   def options
     authorize controls

app/controllers/api/protocols_controller.rb

@@ -1,8 +1,12 @@
 class Api::ProtocolsController < ApplicationController
+  skip_before_action :authenticate_user!, only: [:execute]
+
   expose :protocols, -> { Protocol.includes_associated.all }
   expose :protocol, id: -> { params[:slug] }, find_by: :slug
 
-  skip_before_action :authenticate_user!, only: [:execute]
+  strong_params :protocol, permit: [:title, :description, protocols_commands_attributes: [
+    :id, :protocol_id, :command_id, :command_value_id, :value, :delay, :order
+  ]]
 
   # @route GET /api/protocols/:slug (api_protocol)
   def show

app/controllers/api/servers_controller.rb

@@ -2,6 +2,8 @@ class Api::ServersController < ApplicationController
   expose :server
   expose :servers, -> { Server.all }
 
+  strong_params :server, permit: [:title, :hostname, :port, :description]
+
   # @route GET /api/servers (api_servers)
   def index
     render json: servers.render(view: :options), staus: :ok

app/controllers/api/smtps_controller.rb

@@ -1,6 +1,8 @@
 require 'net/smtp'
 
 class Api::SmtpsController < Api::ApiController
+  strong_params :smtp, permit: [:name, :host, :domain, :port, :security, :username, :password, :address, :notes]
+
   # @route POST /api/smtp/test (api_smtp_test)
   def test
     render json: test_smtp_auth(Smtp.new(smtp_params)), status: :ok
@@ -21,7 +23,4 @@ def test_smtp_auth(smtp)
     { success: false, message: "An error occurred: #{e.message}" }
   end
 
-  def smtp_params
-    params.require(:smtp).permit(:name, :host, :domain, :port, :security, :username, :password, :address, :notes)
-  end
 end

app/controllers/api/users_controller.rb

@@ -1,6 +1,8 @@
 class Api::UsersController < Api::ApiController
   expose :user
 
+  strong_params :user, permit: [:email, :password, :active, :first_name, :last_name, :number, :table_preferences, :user_preferences]
+
   # @route PATCH /api/users/:id (api_user)
   # @route PUT /api/users/:id (api_user)
   def update
@@ -16,7 +18,7 @@ def update
   def update_table_preferences
     authorize user
     if user.update(
-      table_preferences: current_user.table_preferences.deep_merge(request.params[:user][:table_preferences]),
+      table_preferences: current_user.table_preferences.deep_merge(user_params[:table_preferences]),
     )
       head :ok, content_type: "text/html"
     end
@@ -32,10 +34,4 @@ def update_user_preferences
     end
   end
 
-  private
-
-  def user_params
-    params.require(:user).permit(:email, :password, :active_company_id, :active, person: [:first_name, :last_name], company: [:name], user_preferences: [:colorScheme])
-  end
-
 end

app/controllers/commands_controller.rb

@@ -2,10 +2,15 @@ class CommandsController < ApplicationController
   expose :commands, -> { search(Command.includes_associated, sortable_fields) }
   expose :command, id: -> { params[:slug] }, scope: -> { Command.includes_associated }, find_by: :slug
 
+  sortable_fields %w(title address payload_type)
+
+  strong_params :command, permit: [:title, :address, :payload_type, :allow_custom_value, :description, :server_id, command_values_attributes: [:id, :label, :value, :_destroy]]
+
   # @route GET /commands (commands)
   def index
     authorize commands
-    paginated_commands = commands.page(params[:page] || 1)
+
+    paginated_commands = paginate(commands, :commands)
 
     render inertia: "Commands/Index", props: {
       commands: paginated_commands.render,
@@ -68,13 +73,4 @@ def destroy
     redirect_to commands_url, notice: "Command was successfully destroyed."
   end
 
-  private
-
-  def sortable_fields
-    %w(title address payload_type).freeze
-  end
-
-  def command_params
-    params.require(:command).permit(:title, :address, :payload_type, :allow_custom_value, :description, :server_id, command_values_attributes: [:id, :label, :value, :_destroy])
-  end
 end

app/controllers/concerns/searchable.rb

@@ -20,7 +20,11 @@ def search(model, sortable_fields = [])
       sort(search_by_params(model), model, sortable_fields)
     end
 
+    ##
     # Apply defaults to the paginate method
+    # resource: ActiveRecord object to call `page` on
+    # key: Per user defined key stored in User model for persisted pagination limits
+    ##
     def paginate(resource, key)
       resource.page(params[:page] || 1).per(key ? current_user.limit(key) : nil)
     end

app/controllers/controls_controller.rb

@@ -2,6 +2,10 @@ class ControlsController < ApplicationController
   expose :controls, -> { search(Control.includes_associated, sortable_fields) }
   expose :control, find: ->(id, scope) { scope.includes_associated.find(id) }
 
+  sortable_fields %w(title type screen_id min_value max_value value protocol_id)
+
+  strong_params :control, permit: [:title, :control_type, :order, :color, :screen_id, :min_value, :max_value, :value, :protocol_id]
+
   # @route POST /controls (controls)
   def create
     authorize Control.new
@@ -31,14 +35,4 @@ def destroy
     control.destroy!
     redirect_to controls_url, notice: "Control was successfully destroyed."
   end
-
-  private
-
-  def sortable_fields
-    %w(title type screen_id min_value max_value value protocol_id).freeze
-  end
-
-  def control_params
-    params.require(:control).permit(:title, :control_type, :order, :color, :screen_id, :min_value, :max_value, :value, :protocol_id)
-  end
 end

app/controllers/protocols_controller.rb

@@ -2,6 +2,12 @@ class ProtocolsController < ApplicationController
   expose :protocols, -> { search(Protocol, sortable_fields) }
   expose :protocol, id: -> { params[:slug] }, scope: -> { Protocol.includes_associated }, find_by: :slug
 
+  sortable_fields %w(title)
+
+  strong_params :protocol, permit: [:title, :description, protocols_commands_attributes: [
+    :id, :protocol_id, :command_id, :command_value_id, :value, :delay, :order
+  ]]
+
   # @route GET /protocols (protocols)
   def index
     authorize protocols
@@ -72,19 +78,4 @@ def destroy
     redirect_to protocols_url, notice: "Protocol was successfully destroyed."
   end
 
-  private
-
-  def sortable_fields
-    %w(title).freeze
-  end
-
-  def protocol_params
-    params.require(:protocol).permit(
-      :title,
-      :description,
-      protocols_commands_attributes: [
-        :id, :protocol_id, :command_id, :command_value_id, :value, :delay, :order
-      ],
-    )
-  end
 end

app/controllers/screens_controller.rb

@@ -1,9 +1,15 @@
 class ScreensController < ApplicationController
+  skip_before_action :authenticate_user!, only: [:index, :show]
+
   expose :screens, -> { Screen.includes_associated }
   expose :screen, id: -> { params[:slug] }, scope: -> { Screen.includes_associated }, find_by: :slug
   expose :main_screen, -> { Screen.order(:order).first }
 
-  skip_before_action :authenticate_user!, only: [:index, :show]
+  sortable_fields %w(title order)
+
+  strong_params :screen, permit: [:title, :order, controls_attributes: [
+    :id, :title, :order
+  ]]
 
   # @route GET / (root)
   # @route GET /screens (screens)
@@ -70,16 +76,4 @@ def destroy
     screen.destroy!
     redirect_to edit_screens_path, notice: "Screen was successfully destroyed."
   end
-
-  private
-
-  def sortable_fields
-    %w(title order).freeze
-  end
-
-  def screen_params
-    params.require(:screen).permit(:title, :order, controls_attributes: [
-      :id, :title, :order
-    ],)
-  end
 end

app/controllers/servers_controller.rb

@@ -2,6 +2,10 @@ class ServersController < ApplicationController
   expose :servers, -> { search(Server.includes_associated, sortable_fields) }
   expose :server, id: -> { params[:slug] }, scope: -> { Server.includes_associated }, find_by: :slug
 
+  sortable_fields %w(title hostname port description)
+
+  strong_params :server, permit: [:title, :hostname, :port, :description]
+
   # @route GET /servers (servers)
   def index
     authorize servers
@@ -64,14 +68,4 @@ def destroy
     server.destroy!
     redirect_to servers_url, notice: "Server was successfully destroyed."
   end
-
-  private
-
-  def sortable_fields
-    %w(title hostname port description).freeze
-  end
-
-  def server_params
-    params.require(:server).permit(:title, :hostname, :port, :description)
-  end
 end

app/controllers/settings/appearance_controller.rb

@@ -1,5 +1,7 @@
 module Admin
   class Settings::AppearanceController < ApplicationController
+    strong_params :settings, permit: [:primary_color]
+
     # @route GET /settings/appearance (settings_appearance)
     def index
       render inertia: "Settings/Appearance/Index", props: {
@@ -17,11 +19,5 @@ def update
       #   redirect_to settings_appearance_index_path, inertia: { errors: @active_company.errors }
       # end
     end
-
-    private
-
-    def settings_params
-      params.require(:settings).permit(:primary_color)
-    end
   end
 end

app/controllers/settings/smtps_controller.rb

@@ -3,6 +3,8 @@ class Settings::SmtpsController < ApplicationController
     expose :smtps, -> { @active_company.smtps }
     expose :smtp
 
+    strong_params :smtp, permit: [:name, :host, :domain, :port, :security, :username, :password, :address, :notes]
+
     # GET /settings/mail
     def index
       render inertia: "Settings/Mail/Index", props: {
@@ -54,11 +56,5 @@ def update
     def destroy
     end
 
-    private
-
-    def smtp_params
-      params.require(:smtp).permit(:name, :host, :domain, :port, :security, :username, :password, :address, :notes)
-    end
-
   end
 end

app/controllers/users_controller.rb

@@ -2,6 +2,10 @@ class UsersController < ApplicationController
   expose :users, -> { search(User.all.includes_associated, sortable_fields) }
   expose :user, id: -> { params[:slug] }, scope: -> { Circle.includes_associated }, find_by: :slug
 
+  sortable_fields %w(email active first_name last_name number)
+
+  strong_params :user, permit: [:email, :password, :active, :first_name, :last_name, :number]
+
   # @route GET /users (users)
   def index
     authorize users
@@ -77,13 +81,4 @@ def destroy
     end
   end
 
-  private
-
-  def sortable_fields
-    %w(email active first_name last_name number).freeze
-  end
-
-  def user_params
-    params.require(:user).permit(:email, :password, :active, :first_name, :last_name, :number)
-  end
 end