If you're like me you inherit a lot of projects which have very different styles. Today I ran into a project that had never used attr_accessible and I found a total gotcha: * If there are no attr_accessible attributes on a model it's open, any attribute can be written with .update_attributes() or a similar mass-assignment function. * If there is even one attr_accessible the model is closed except for those attributes defined to be attr_accessible. So there is an implicit toggle involved in attr_accessible as well as the actual desired functionality of allowing an attribute to be mass-assigned. I'd never worked on a project that wasn't using attr_accessible (count my lucky stars it seems) so i'd never seen this problem before. Also, try not to confuse attr_accessor and attr_accessible. The latter is a rails security function, the former just defines an instance variable. Mass assignment, or assignment of any kind won't really work on the former from within rails.
Recent Nuggets
-
How to write onboarding docs for...
April 11, 2024 -
What does Chuck actually _do_
November 09, 2023 -
Announcing 'Bite-sized Chuck nug...
October 19, 2023
Recent Posts
-
Setting Bulkhead parameters befo...
August 24, 2023 -
How does `docker build` even work?
August 02, 2023 -
Testing rack middleware in a req...
January 06, 2015 -
Rails attr_accessible gotcha
June 29, 2011 -
Playing Drupal the card game the...
September 20, 2010