RSpec
Ruby on Rails
Ruby
v3.0.0 -
Show latest stable
-
0 notes
- 1.0.0
- 1.1.0
- 1.1.1
- 1.1.6
- 1.2.0
- 1.2.6
- 2.0.0
- 2.0.1
- 2.0.3
- 2.1.0
- 2.2.1
- 2.3.2
- 2.3.8
- 3.0.0 (0)
- 3.0.5 (0)
- 3.0.7 (0)
- 3.0.9 (-5)
- 3.1.0 (-3)
- 3.2.1 (38)
- 3.2.3 (0)
- 3.2.8 (0)
- 3.2.13 (0)
- What's this?
-
accessible_attributes
-
accessible_attributes_configs
(>= v3.1.0)
-
active_authorizer
-
active_authorizers
(>= v3.1.0)
-
attr_accessible
-
attributes_protected_by_def...
-
attr_protected
-
mass_assignment_sanitizer=
(>= v3.2.1)
-
protected_attributes
-
protected_attributes_configs
(>= v3.1.0)
= private
= protected
Mass assignment security provides an interface for protecting attributes from end-user assignment. For more complex permissions, mass assignment security may be handled outside the model by extending a non-ActiveRecord class, such as a controller, with this behavior.
For example, a logged in user may need to assign additional attributes depending on their role:
class AccountsController < ApplicationController
include ActiveModel::MassAssignmentSecurity attr_accessible :first_name, :last_name def self.admin_accessible_attributes accessible_attributes + [ :plan_id ] end def update ... @account.update_attributes(account_params) ... end protected def account_params sanitize_for_mass_assignment(params[:account]) end def mass_assignment_authorizer admin ? admin_accessible_attributes : super end
end
