Join GitHub today
GitHub is home to over 20 million developers working together to host and review code, manage projects, and build software together.
MassAssignmentSecurity: add ability to specify your own sanitizer #1334
With respect to discussion:
Added an ability to specify your own behavior on mass assingment
I hope this is right way to do it. Because I don't understand how the customizations can be done without monkey patch or configuration option.
BTW code seems more clean now even without customization benefits.
If there is still something I need to fix please let me know.
pushed a commit
this pull request
May 26, 2011
My plan now is to make
That do you think, guys?
This comment has been minimized.
This comment has been minimized.Show comment Hide comment
I think it is a good idea, but, if we are going to have a main API for that, we should support symbols to be given:
config.active_record.mass_assignment_sanitizer = :strict
And then we would do a constant lookup for StrictSanitizer in the current class, what do you think? And also what do you think about renaming DefaultSanitizer to LoggerSanitizer?