From b0a70f0ba33f8b61ae25c1b73afd736f188f78ba Mon Sep 17 00:00:00 2001
From: Matt-Yorkley <9029026+Matt-Yorkley@users.noreply.github.com>
Date: Tue, 17 Nov 2020 19:48:27 +0000
Subject: [PATCH] Improve TaxonController strong params handling

---
 app/controllers/api/taxons_controller.rb | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/app/controllers/api/taxons_controller.rb b/app/controllers/api/taxons_controller.rb
index e389caea7b..4732c52361 100644
--- a/app/controllers/api/taxons_controller.rb
+++ b/app/controllers/api/taxons_controller.rb
@@ -22,7 +22,7 @@ module Api
 
     def create
       authorize! :create, Spree::Taxon
-      @taxon = Spree::Taxon.new(taxon_params[:taxon])
+      @taxon = Spree::Taxon.new(taxon_params)
       @taxon.taxonomy_id = params[:taxonomy_id]
       taxonomy = Spree::Taxonomy.find_by(id: params[:taxonomy_id])
 
@@ -68,7 +68,9 @@ module Api
     end
 
     def taxon_params
-      params.permit(taxon: [:name, :parent_id])
+      return if params[:taxon].blank?
+
+      params.require(:taxon).permit([:name, :parent_id])
     end
   end
 end