Replace attr_accessible with strong parameters

[rails.git] / app / controllers / notes_controller.rb

diff --git a/app/controllers/notes_controller.rb b/app/controllers/notes_controller.rb
index 9c6eb94572488e75e5a99e6ddeb3b8a3c2617491..cab04a0b921a845dd647a8a99bd75f725b074173 100644 (file)
--- a/app/controllers/notes_controller.rb
+++ b/app/controllers/notes_controller.rb
@@ -59,16 +59,8 @@ class NotesController < ApplicationController
     raise OSM::APIBadUserInput.new("No text was given") if params[:text].blank?
 
     # Extract the arguments
-    begin
-      lon = Float(params[:lon])
-    rescue
-      raise OSM::APIBadUserInput.new("lon was not a number")
-    end
-    begin
-      lat = Float(params[:lat])
-    rescue
-      raise OSM::APIBadUserInput.new("lat was not a number")
-    end
+    lon = OSM.parse_float(params[:lon], OSM::APIBadUserInput, "lon was not a number")
+    lat = OSM.parse_float(params[:lat], OSM::APIBadUserInput, "lat was not a number")
     comment = params[:text]
 
     # Include in a transaction to ensure that there is always a note_comment for every note
@@ -355,7 +347,7 @@ private
       attributes[:author_ip] = request.remote_ip
     end
 
-    comment = note.comments.create(attributes, :without_protection => true)
+    comment = note.comments.create(attributes)
 
     note.comments.map { |c| c.author }.uniq.each do |user|
       if notify and user and user != @user