Routes are actually ensuring the id is always there

This commit is contained in:
David Heinemeier Hansson
2024-10-19 19:37:46 -07:00
parent aef3c8ca32
commit e75e585f03
+1 -1
View File
@@ -13,7 +13,7 @@ class Accounts::UsersController < ApplicationController
private
def set_user
@user = Current.account.users.active.find(params.expect(:id))
@user = Current.account.users.active.find(params[:id])
end
def ensure_permission_to_remove