Skip to content


Subversion checkout URL

You can clone with
Download ZIP
Access control for ActiveModel/ActiveRecord attributes
branch: master
Failed to load latest commit information.
lib Initial commit
spec Initial commit
.gitignore Initial commit
.rspec Initial commit
Gemfile Initial commit
LICENSE.txt Initial commit
README.rdoc Initial commit
Rakefile Initial commit
VERSION Initial commit
active_access.gemspec Initial commit



The ActiveAccess mixin makes it easy to limit access to ActiveModel and ActiveRecord attributes by declaring generated attribute accessor methods private.

Mixing the ActiveAcess::AttributeMethods into a class that mixes in ActiveModel::AttributeMethods or is derived from ActiveRecord::Base adds the attr_private and attr_private_writer macros.

These macros change the behavior of define_attribute_methods to declare generated attribute accessors private: attr_private declares all accessors for an attribute private; attr_private_writer declares only writer methods private.

ActiveAccess recognizes the following attribute reader method name patterns:


ActiveAccess recognizes the following attribute writer method name patterns:



class Widget < ActiveRecord::Base

  include ActiveAccess::AttributeMethods

  attr_private_writer :read_me

  attr_private :secret

end :read_me  # => true = "new value" # raises NoMethodError :secret   # => false = "new value"  # raises NoMethodError


ActiveAccess only restricts access to named attribute accessors. Unnamed accessors such as ActiveRecord read_attribute and write_attribute as well as hash-style access are not restricted. Attribute aliases are also unrestricted.

ActiveRecord does not allow attributes with private writers to be initialized (i.e. passed as parameters to new) or mass-assigned (passed as parameters to assign_attributes or attributes=).


Copyright © 2012 Riley Lynch, Teleological Software, LLC. See LICENSE.txt for further details.

Something went wrong with that request. Please try again.