Overview
GeneralizedApi will currently expose all models within the application to requests provided the requestor knows the exact name of the model in camel case form. This is enough to delete, show and index records, even if there is no permitted_params listing for the model.
Ideally in the same way that the user can set the permitted attributes for modification on each model, there should be a way to state which models may be exposed.
Overview
GeneralizedApi will currently expose all models within the application to requests provided the requestor knows the exact name of the model in camel case form. This is enough to delete, show and index records, even if there is no permitted_params listing for the model.
Ideally in the same way that the user can set the permitted attributes for modification on each model, there should be a way to state which models may be exposed.