From ad35e02ddb9fc8534bd4736eeaf5d35c7ba58123 Mon Sep 17 00:00:00 2001
From: JuliusR <>
Date: Sat, 18 Dec 2021 14:56:09 +0100
Subject: [PATCH 1/2] use Strong Parameters for Supplier
---
 app/controllers/suppliers_controller.rb | 32 +++++++++++++++++++++++--
 1 file changed, 30 insertions(+), 2 deletions(-)
diff --git a/app/controllers/suppliers_controller.rb b/app/controllers/suppliers_controller.rb
index e11c069..5145c12 100644
--- a/app/controllers/suppliers_controller.rb
+++ b/app/controllers/suppliers_controller.rb
@@ -37,7 +37,7 @@ class SuppliersController < ApplicationController
 # POST /suppliers
 # POST /suppliers.xml
 def create
- @supplier = Supplier.new(params[:supplier])
+ @supplier = Supplier.new(supplier_params)
 respond_to do |format|
 if @supplier.save
@@ -55,7 +55,7 @@ class SuppliersController < ApplicationController
 # PUT /suppliers/1.xml
 def update
 @supplier = Supplier.find(params[:id])
- attrs = params[:supplier]
+ attrs = supplier_params
 respond_to do |format|
 # @todo fix by generating proper hidden input in html
@@ -86,4 +86,32 @@ class SuppliersController < ApplicationController
 format.xml { head :ok }
 end
 end
+
+ private
+
+ def supplier_params
+ params
+ .require(:supplier)
+ .permit(
+ :name,
+ :address,
+ :phone,
+ :phone2,
+ :fax,
+ :email,
+ :url,
+ :delivery_days,
+ :note,
+ :ftp_sync,
+ :ftp_host,
+ :ftp_user,
+ :ftp_password,
+ :ftp_type,
+ :ftp_regexp,
+ :mail_sync,
+ :mail_type,
+ :mail_from,
+ :mail_subject
+ )
+ end
 end
From 4e18ab61d79abc7eb191a8ea534742d65e246c11 Mon Sep 17 00:00:00 2001
From: JuliusR <>
Date: Sat, 18 Dec 2021 14:56:27 +0100
Subject: [PATCH 2/2] update Gemfile.lock after fe027ff57fe6478c845c50b13a1d3e78ca69b3d1
---
 Gemfile.lock | 2 ++
 1 file changed, 2 insertions(+)
diff --git a/Gemfile.lock b/Gemfile.lock
index 3e7524c..10972b4 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
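Review bot: In app/controllers/suppliers_controller.rb, the permit list in `supplier_params` is shared by `create` and `update` and includes `ftp_host`, `ftp_user`, `ftp_password` and `ftp_regexp`, so whoever can reach either action can change the stored FTP credentials, the host they are presumably sent to and the pattern presumably applied during sync. No authentication or authorization filter is visible in these hunks (the class body starts outside them), so confirm that one guards the controller and record that dependency above the method, e.g. `# Permitted Supplier attributes; includes FTP credentials and sync targets, so create/update must stay behind an authorization check.` On `update`, a form that re-submits an empty `ftp_password` would presumably overwrite the saved one; if the form does not pre-fill that field, drop the blank value before assignment, e.g. `attrs.delete(:ftp_password) if attrs[:ftp_password].blank?` right after `attrs = supplier_params`.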
@@ -114,6 +114,7 @@ GEM marcel (1.0.2) matrix (0.4.2) method_source (1.0.0) + midi-smtp-server (3.0.2) mini_mime (1.1.2) mini_portile2 (2.6.1) minitest (5.15.0) @@ -246,6 +247,7 @@ DEPENDENCIES haml-rails (~> 2.0) jbuilder (~> 2.7) listen (~> 3.3) + midi-smtp-server puma (~> 5.0) rack-mini-profiler (~> 2.0) rails (~> 6.1.4, >= 6.1.4.4)