Thursday, September 26, 2013

attr_accessible list in rails / Mass assignment

The attr_accessible list is used as a security precaution in certain versions of rails to ensure people can not get access to model variables by modifying form data. If you want to turn off the mass assignment protection in your dev/test environments, you can do so by modifying your environment configuration file in /environments.

Look for  "config.active_record.mass_assignment_sanitizer = :strict"

I don't really think you should need turn this off, but if you are running into mass assignment exceptions with your testing tools you can't resolve by adding attributes to your attr_accessible list, it might be useful.

No comments:

Post a Comment