eac / inaccessible_attributes
watch download tarball
public
Forks1Right
Watchers5Right
Description: Disables mass assignment by default, requiring attr_accessible to specify safe attributes. Also improves mass-assignment related logging.
Homepage: http://www.railspikes.com
Clone URL: git://github.com/eac/inaccessible_attributes.git
100644 26 lines (19 sloc) 1.123 kb
raw blame history 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26

Inaccessible Attributes
=======================
 
This plugin disables mass assignment by default, and prevents the use of attr_protected. Attributes safe for mass assignment must be specified using attr_accessible. Logging is also improved to help prevent attr_accessible-related errors:
* A message is displayed during migrations as a reminder to use attr_accessible for newly added attributes.
* The 'removed from mass assignment' logger warning is more noticeable in development.
 
Disabling Inaccessible Attributes
=================================
Some third party/legacy code may not play nice with this plugin.
The behavior can be disabled with the disable_mass_assignment method:
=> ThirdPartyModel.send(:disable_mass_assignment, false)
 
In your own classes, the plugin must be disabled before the offending code is mixed in.
class MyModel < ActiveRecord::Base
  disable_mass_assignment false
  include BehaviorWithAttrProtected 
 
  ...
end
 
Keep a look out for potential mass assignment problems during testing:
tail -f log/test.log | grep WARNING
 
Copyright (c) 2008 Eric Chapweske, released under the MIT license