search for: attr_protect

Displaying 20 results from an estimated 59 matches for "attr_protect".

Did you mean: attr_protected
2012 Jul 09
10
attr_accessible on some properties + attr_protected on others makes class 'open-by-default'
(I posted this as a bug in GitHub (https://github.com/rails/rails/issues/7018), but then someone there told me I should post it here, so here it is.) If you set attr_accessible on some properties in an ActiveRecord-descended class, and then attr_protected on others - the class becomes ''default-open'' - if any properties are missed or added later, they will be accessible by default to MassAssignment. This undoes the entire point of having put attr_accessible in one''s class. Two possible solutions - #1) ''defau...
2006 Jun 07
4
Question: coding protected methods
...ramp up on Ruby and coding Ruby in Rails, however it''s my 3rd day with this beast :) so I''m asking : When I added protected methods to the model before it was like: protected method.................... end Would this be a valid way to write a protected method as well ?: attr_protected :column1, :column2 Perhaps this particular call is already protected inherent to the call, yet do I need to surround it with "protected" and "end" ? TIA Stuart -------------- next part -------------- An HTML attachment was scrubbed... URL: http://wrath.rubyonrails.org/piper...
2005 Sep 28
0
Is the primary key of a model already attr_protected?
Offhand does anyone know if the primary key of a model (typically id) attr_protected by default? If its not, why isn''t it? - Jeff _______________________________________________ Rails mailing list Rails-1W37MKcQCpIf0INCOvqR/iCwEArCW2h5@public.gmane.org http://lists.rubyonrails.org/mailman/listinfo/rails
2007 Jan 26
7
How to protect attributes from being updated?
Hi! I''m new to Rails! Rails rox! 1 quesion so far: I have :email attribute in User model. I dont'' want :email to allow to be updated. How do i do this with Rails? Do I have to implement required validation manually? Thanks! --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails:
2007 May 30
9
Specify attr_protected
...rom mass assignment. The example looks like this: describe Order do it "should protect total attribute from mass assignment" do @order = Order.new(:total => 0.05) @order.total.should_not == 0.05 end end And the code to implement it: class Order < ActiveRecord::Base attr_protected :total end It seems to work, but is there a better way? Not saying that this way is bad, just that I''m very green :) Question Two: I actually have a bunch of attributes that need to be protected. Rather than hand-writing a call to the ''it'' method for each attribute,...
2010 Nov 02
7
Testing attr_accessible (and/or attr_protected)
I''ve been puzzling over how to test that attr_accessible has been set for the correct columns; but the tests I''ve come up with so far seem to fail to fail when I expect. I came across this old message from this list: http://www.mail-archive.com/rspec-users at rubyforge.org/msg01570.html Which seemed like a plausible example, but my attempt (modeled on the example)
2005 Mar 07
3
exclude an attribute from save
Hi, I''ve used .save to save the attributes, but on my table there is an autoincrementing id (not the primary key) that doesn''t need to be inserted... but save try to INSERT it anyway... is there a way to avoid save from acting this way or to whisper him to be more polite this time? ;) Thanks, Enrico -- "The only thing necessary for the triumph of evil is for good men to do
2006 Mar 22
3
STI and ActiveRecord attributes unprotected
Hi, This does not seem to be covered anywhere. Since base class extends ActiveRecord with a table that has fields for all heirs, would that mean that any heir class can access any of those attributes, including ones that belong to other heirs? Or I am missing something? -- Posted via http://www.ruby-forum.com/.
2009 Jun 21
1
cannot do mass_assignment when inherited class ?
I got the following error when trying to create the elibrary instance (rdb:21) @elibrary = Elibrary.new(params[:elibrary]) RuntimeError Exception: Declare either attr_protected or attr_accessible for Elibrary, but not both. params : "elibrary"=>{"title"=>"bingo three", "short_description"=>"something new", "description"=>"<p>fsdfgdsg</ p>"} Elibrary is declared as inheri...
2011 Apr 27
2
Can not create model instance via params on specific model but can on others....
Anyone have an idea on this? Got a weird situation where on a specific model I can not create an instance using params, yet it works fine on other models. The model which does not work is a stock model, there is no logic in it. Ruby 1.8.7/Rails 3.0.5. Does not work: (rdb:1) PaymentTransaction.create(:purchase_id => 3) #<PaymentTransaction id: 2, purchase_id: nil, action: nil, amount: nil,
2006 Jun 30
3
@foo = Bar.new(params[:foo])
While doing @foo = Bar.new(params[:foo]) in a controller, the application is open to injection attacks. For example, My model has following attributes : name password admin - boolean Now, if on my form I''m just acception name & password, and doing @foo = Bar.new(params[:foo]) in my controller, someone can just enter following in form : <%= text_field ''foo'',
2006 Jun 21
5
model with not te be updated attributes ?
Hi List, I have a table that contains several fields that must be initialized when first created, but may not be altered afterwards (when updating the other fields) because they can be changed by external processes. I noticed that the ActiveRecord update commands (even update_attribute) only seem to work by loading the complete record, changing fields that need to be changed and doing a full
2008 May 25
2
record will absolutely not save! so weird, please help.
...uot;2008-05-25", amount: #<BigDecimal: 46958f8,''0.5E1'',4(8)>, created_at: nil, updated_at: nil, invoice_id: nil, creator: nil, check_number: nil, payable_type: "Student", payable_id: 608> >> p.valid? => false >> p.school_id = 1 # school_id is attr_protected => 1 >> p.valid? => true >> p.save => nil >> p.save! => nil >> p.save_with_validation => true Why is save returning nil? Why is save_with_validation working? I have a Tuition model that is very similar to the Payment model and it does not have this problem...
2007 Dec 16
4
Make AR setter methods private?
Hi, I have a AR model that I want to limit changes to be only via instance methods that I''ve added. How do I prevent my other sw from setting the instance''s attributes? I know about #attr_protected and #attr_readonly. But the first leaves the individual setters as they were and the second stops all changes. I want something like "attr_private" Thoughts? Thanks, Larry -- Posted via http://www.ruby-forum.com/. --~--~---------~--~----~------------~-------~--~----~ You received...
2009 Jun 09
3
protect_from_forgery doesnt protect from forgery
Maybe I am grasping the full usage of this protect_from_forgery function, but it does not seem to work for me. Imagine the following: A simple website with a user that needs to log in to do certain stuff and a closed off admin section that only certain users can access that have the is_admin field set to true. So to be clear, my User model has a login, password and is_admin. When displaying the
2007 May 21
7
How do I stop a column being updated by model.save?
...er, the UPDATE statement produced by update_attributes will still assign a value to this column. Even though its unlikely, if the separate process updates the record in the time betweent the find, and the update, then the new value will be lost. Is there a way to prevent this from happening? p.s. attr_protected doesn''t help me -- Posted via http://www.ruby-forum.com/. --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA...
2006 Jun 07
1
validates_presence_of in a mixed-in module?
Anyone got any idea of how to use built-in validation methods in a mixed-in module. What I''ve got at the moment is each class that needs ranking methods includes [the module] Ranking. Then the module Ranking has a bunch of instance methods and a submodule ClassMethods. The ClassMethods in this are mixed in to the class with self.included. So far so good. But I want the module to
2006 May 30
1
Read-Only Model Attributes AFTER creation?
Howdy, I''m writing an ''edit profile'' screen. I was writing some tests first (yay!), and I realized that, if you were smart, you could use the edit form to change your username. I know I could use attr_protected on username, but that would still allow for usernames to be changed (abeit not through the form). How can I make the username read only AFTER the object has been created? Is attr_reader what I need? I thought about doing it with before_validation_on_update, but I''m not sure as to wh...
2008 Jul 10
0
User.protected_attributes returning empty Set instead of nil -- causing activerecord/lib/base:2307 to raise
I have a model that uses attr_accessible, and in my tests I get this: RuntimeError (Declare either attr_protected or attr_accessible for User, but not both.): /var/lib/gems/1.8/gems/activerecord-2.0.2/lib/active_record/ base.rb:2307:in `remove_attributes_protected_from_mass_assignment'' /var/lib/gems/1.8/gems/activerecord-2.0.2/lib/active_record/ base.rb:2114:in `attributes='' /va...
2009 Mar 02
0
Implementing conditional read-only attributes of ActiveRecord objects
Hello, my goal is to implement the option of specifying a condition in attr_protected, attr_readonly and possibly other attribute methods in ActiveRecord objects. Rationale (example): class User < AR:Base # User should not be able to modify fields any more once they have been verified attr_readonly :firstname, :lastname, :gender_id, :birthdate, :if => :passport_verifie...