Skip to content

Allow to specify roles for mass-assignment as array #1829

Merged
merged 2 commits into from Jun 23, 2011

4 participants

@wildchild

Currently we must write:

class User
  attr_accessible :email
  attr_accessible :email, :as => :admin
end

I believe alternate syntax is useful:

class User
  attr_accessible :email, :as => [:default, :admin]
end
@dmathieu dmathieu commented on the diff Jun 23, 2011
activemodel/lib/active_model/mass_assignment_security.rb
@@ -111,7 +111,10 @@ module ActiveModel
role = options[:as] || :default
@dmathieu
dmathieu added a note Jun 23, 2011

As there can be several roles now, this variable should be roles to improve readability.

@wildchild
wildchild added a note Jun 23, 2011

But there can be just one role. It's actually role(s).

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
@josevalim josevalim commented on an outdated diff Jun 23, 2011
activemodel/lib/active_model/mass_assignment_security.rb
@@ -111,7 +111,10 @@ module ActiveModel
role = options[:as] || :default
self._protected_attributes = protected_attributes_configs.dup
- self._protected_attributes[role] = self.protected_attributes(role) + args
+
+ Array(role).each do |name|
@josevalim
Ruby on Rails member
josevalim added a note Jun 23, 2011

Please require and use Array.wrap here. It is a convention inside Rails source code.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
@josevalim
Ruby on Rails member

I have added a comment. Besides that, everything is great. Thanks for the pull request.

@wildchild

Done. Could it be applied to 3.1-stable?

@josevalim josevalim merged commit 4389fc9 into rails:master Jun 23, 2011
@josevalim
Ruby on Rails member

Please provide a pull request for 3-1-stable.

@crizCraig

Shouldn't the active_authorizer be set on a role by role basis as well? For example if I set

attr_protected :as => :admin

All attributes will be accessible to all roles.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Something went wrong with that request. Please try again.