GitHub - jondahl/inaccessible_attributes: Disables mass assignment by default, requiring attr_accessible to specify safe attributes. Also improves mass-assignment related logging.

jondahl / inaccessible_attributes Public

Notifications You must be signed in to change notification settings
Fork 1
Star 1

Disables mass assignment by default, requiring attr_accessible to specify safe attributes. Also improves mass-assignment related logging.

www.railspikes.com

MIT license

1 star 2 forks Branches Tags Activity

Star

Notifications

Branches Tags

Name		Name	Last commit message	Last commit date
Latest commit History 2 Commits
lib/eric_chapweske		lib/eric_chapweske
tasks		tasks
test		test
MIT-LICENSE		MIT-LICENSE
README		README
Rakefile		Rakefile
init.rb		init.rb
install.rb		install.rb
uninstall.rb		uninstall.rb

Repository files navigation

Inaccessible Attributes
=======================

This plugin disables mass assignment by default, and prevents the use of attr_protected. Attributes safe for mass assignment must be specified using attr_accessible. Logging is also improved to help prevent attr_accessible-related errors:
* A message is displayed during migrations as a reminder to use attr_accessible for newly added attributes.
* The 'removed from mass assignment' logger warning is more noticeable in development.

Disabling Inaccessible Attributes
=================================
Some third party/legacy code may not play nice with this plugin.
The behavior can be disabled with the disable_mass_assignment method:
=> ThirdPartyModel.send(:disable_mass_assignment, false)

In your own classes, the plugin must be disabled before the offending code is mixed in.
class MyModel < ActiveRecord::Base
  disable_mass_assignment false
  include BehaviorWithAttrProtected 

  ...
end

Keep a look out for potential mass assignment problems during testing:
tail -f log/test.log | grep WARNING

Copyright (c) 2008 Eric Chapweske, released under the MIT license