diff --git a/app/controllers/badges_controller.rb b/app/controllers/badges_controller.rb
index 5d7b3d28e81ae339e10a20ec594c642329234f1b..a96a27f072fe27a7a67d089fed180d05c96ef990 100644
--- a/app/controllers/badges_controller.rb
+++ b/app/controllers/badges_controller.rb
@@ -62,16 +62,16 @@ class BadgesController < ApplicationController
end
def award_save
+ permitted_parameters = params.require(:user_badge).permit(:badge_type, :badge_source_type,
+ :badge_source_id, :user, :badge)
+ @user = User.find_by(id: permitted_parameters[:user])
+ @badge = Badge.find_by(id: permitted_parameters[:badge])
+ @user_badge = UserBadge.new(permitted_parameters.merge(user: @user, badge: @badge,
+ badge_type: permitted_parameters[:badge_type]))
+
@entity_types = badge_source_types
- @user = User.find_by(id: params[:user_badge][:user])
- @badge = Badge.find_by(id: params[:user_badge][:badge])
- @user_badge = UserBadge.new(params.require(:user_badge).permit(:badge_type, :badge_source_type,
- :badge_source_id)
- .merge(user: @user, badge: @badge,
- badge_type: params[:user_badge][:badge_type].to_i))
-
- unless badge_source_types.include? @user_badge.badge_source_type
- flash[:danger] = 'Post Type is invalid.'
+ unless @entity_types.include? @user_badge.badge_source_type
+ flash[:danger] = 'Entity Type is invalid.'
redirect_to :award, status: :bad_request
return
end
diff --git a/app/views/badges/award.html.erb b/app/views/badges/award.html.erb
index af291cd3a41ab9b9394986fa78c8729da26f1c99..ddadfed590011457ab41fa367f25f665b32c3b29 100644
--- a/app/views/badges/award.html.erb
+++ b/app/views/badges/award.html.erb
@@ -21,7 +21,7 @@
<div class="form-group">
<%= f.label :badge_type, 'Type', class: 'form-element' %>
- <%= f.select :badge_type, UserBadge.badge_types.keys,
+ <%= f.select :badge_type, options_for_select(UserBadge.badge_types.keys.to_a ),
{ include_blank: false }, class: 'form-element' %>
</div>