Disables mass assignment by default, requiring attr_accessible to specify safe attributes. Also improves mass-assignment related logging.
Ruby
Pull request Compare This branch is 12 commits ahead of eac:master.
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Failed to load latest commit information.
lib
test
MIT-LICENSE
README.markdown
Rakefile
init.rb
install.rb
uninstall.rb

README.markdown

Inaccessible Attributes

This plugin disables mass assignment by default, and prevents the use of attr_protected. Attributes safe for mass assignment must be specified using attr_accessible. Logging is also improved to help prevent attr_accessible-related errors:

  • A message is displayed during migrations as a reminder to use attr_accessible for newly added attributes.
  • Exceptions are raised on mass assignment of unsafe attributes

Disabling Inaccessible Attributes

Some third party/legacy code may not play nice with this plugin. The behavior can be disabled with the disable_mass_assignment method:

ThirdPartyModel.send(:disable\_mass\_assignment, false)

In your own classes, the plugin must be disabled before the offending code is mixed in.

class MyModel < ActiveRecord::Base
  disable_mass_assignment false
  include BehaviorWithAttrProtected 

  ...
end

Copyright (c) 2008 Eric Chapweske, released under the MIT license

Updated by Zencoder for use with Rails 2.3