Displaying 20 results from an estimated 700 matches similar to: "Can't mass-assign protected attributes even if I use attr_accessible"
2012 Apr 13
0
Scoped attr_accessible not working?
Please refer to the ActiveModel MassAssignmentSecurity api<http://api.rubyonrails.org/classes/ActiveModel/MassAssignmentSecurity/ClassMethods.html>for this.
I''m on Rails3.2.3/Ruby1.9.3 and trying to use that technique in the
controller as described. It is supposed to dynamically restrict the
attributes that can be mass assigned. However, sanitize_for_mass_assignment
is ignoring
2010 Dec 16
0
MassAssignmentSecurity for multiple contexts
I need to add some mass assignment protection (ala
ActiveModel::MassAssignmentSecurity) but I can''t find how to do it
contextually. For example, in one controller action I want to to
whitelist attributes x, y and z and in another I want to whitelist
attribs y and z. How can I do that? The attr_accessible function has a
class-wide scope, whether in a model or in a controller. But I would
2011 Feb 03
5
Ignore attr_accessible in seed file
Is there a way to tell Rails to ignore attr_accessible when seeding the
database and to allow mass assignment with create or new?
I know how to skip validations but do not find anything on mass
assignment...
--
You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group.
To post to this group, send email to
2012 Jul 09
10
attr_accessible on some properties + attr_protected on others makes class 'open-by-default'
(I posted this as a bug in GitHub
(https://github.com/rails/rails/issues/7018), but then someone there told
me I should post it here, so here it is.)
If you set attr_accessible on some properties in an ActiveRecord-descended
class, and then attr_protected on others - the class becomes ''default-open''
- if any properties are missed or added later, they will be accessible by
2011 Mar 07
3
difference between attr_accessor and attr_accessible?
Hi,
What''s the difference between attr_accessor and attr_accessible?
Is attr_accessor to create a virtual variable/object and attr_accessible
makes it accessible? Do you need attr_accessible if you already have
attr_accessor?
Thanks!
--
Posted via http://www.ruby-forum.com/.
--
You received this message because you are subscribed to the Google Groups "Ruby on Rails:
2005 Oct 14
1
Diff between attr_accessible and attr_accessor
I''m going though the paper back edition of agile development with Rails. On
page #128 I encountered following lines of code:
attr_accessor :password
attr_accessible :name,:password
What''s the difference between attr_accessor and attr_accessible?
-=- Neeraj
_______________________________________________
Rails mailing list
2008 Dec 28
0
:attr_accessible to protect all attributes
Hi,
I would like to protect all the attributes of one of my model. This
ticket talks about this issue: http://dev.rubyonrails.org/ticket/9631 ,
and a patch to the documentation was submitted:
http://dev.rubyonrails.org/changeset/8032 , which actually states that
defining :attr_accessible alone, means all attributes are protected.
However when I look at the rails API page for attr_accessible, I
2006 Jan 12
9
Scaffold shows all attributes altough I use attr_accessible!
Hi all
I have a Model like this:
class Member < ActiveRecord::Base
attr_accessible :username, :email, :first_name, :last_name
end
I have created a scaffold using script/generate scaffold member members
Using the URL localhost:3000/members/edit/1 I can edit all attributes,
including created_at, lock_version etc.! But it should only show the
attributes I listed in attr_accessible!
What
2009 Nov 27
2
attr_accessible & attr_accessor - what's the difference?
i''m still new to rails and working on digesting everything i come
across. recently i came across these two. what is the difference
between attr_accessor and attr_accessible?
--
You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group.
To post to this group, send email to
2008 Aug 31
0
attr_accessible & site administrator issue
I''m working on an app which has a :featured_at in Users and Groups
tables. The attribute enables a site admin to set records to a
:featured_at datetime. There''s named spaced admin controllers for the
Users and Groups. The problem is, to set the :featured_at in the admin
controllers for users and groups, the attribute had to be exposed under
attr_accessible in User.rb and
2007 Jan 24
2
attr_accessor vs attr_accessible
Please guide me how to use those two methods. I can''t differentiate
them. I was doing something on my model and I have put one field in the
attr_accessible method. After that when I try to run the app the app
always says my other fields are blank, but they''re all filled up.
What''s wrong with it?
Thanks
--~--~---------~--~----~------------~-------~--~----~
You received
2010 Nov 02
7
Testing attr_accessible (and/or attr_protected)
I''ve been puzzling over how to test that attr_accessible has been set
for the correct columns; but the tests I''ve come up with so far seem
to fail to fail when I expect. I came across this old message from
this list:
http://www.mail-archive.com/rspec-users at rubyforge.org/msg01570.html
Which seemed like a plausible example, but my attempt (modeled on the
example)
2014 Jun 11
0
my webpage does not send emails confimation/notification
Hello everybody
I have a problem with my inquireis, when I want to contact and I send the
message, I must receive two emails one of confirmation (client) and other
of notification (admin of the web page) but it does not send.
The webpage work in production environment.
When I watch the log (production.log) I seed this:
>
> There was an error delivering an inquiry confirmation:
> 503
2007 Oct 16
12
Example for attr_accessible?
Is anyone out there writing specs to check attr_accessible fields? I had
originally written my spec to check for allowing the desired fields, and
then none of the other regular db fields. Unfortunately this isn''t
satisfactory, because attr_protected could have been used instead, which
of course wouldn''t prevent mass assignment to any whatever=(val) method.
I''m thinking
2009 Jan 08
1
Which "acts_as_taggable" plugin is the best?
Hi all,
I want to implement tagging for my resources, but I found lots
"acts_as_taggable" available: "acts_as_tabble", "acts_as_taggable_on",
"acts_as_taggable_on_steroid", etc. Some of them are not in active
development, and I do not know which one is more popular. So, any
suggestions? Thanks in advance!
Difei.
--
Posted via http://www.ruby-forum.com/.
2009 Nov 22
2
WARNING: Can't mass-assign these protected attributes: active
Hi,
I''m trying to understand this error:
WARNING: Can''t mass-assign these protected attributes: active
I had this error before when creating a record.I did not mark the attibutes
posted from the form as attr_accessible, so when the following line tries to
execute it throwed an Warning in the log, and the record was not saved.
@user = User.new(params[:user])
I find out that I
2011 Aug 04
3
#create tests fail when I add FriendlyId to my model
I am doing controller testing, and I can''t seem to get the create
method test to pass when friendly_id is added to the mix. If I comment
it out of the model, the tests all pass perfectly. The moment I add it
back in, the error looks like this:
1) Error:
test_create_valid(BrandsControllerTest):
FriendlyId::BlankError: FriendlyId::BlankError
2010 Jan 21
2
nested forms and attr_accessable
Rails 2.3.5
I am working on a nested form that assigns roles to users through a
table called clearances. I have attr_acessable turned off globally in
an initializer:
ActiveRecord::Base.send(:attr_accessible, nil)
I have this set in clearance.rb
attr_accessible(:description,
:effective_from,
:role_id,
:superceded_after,
:user_id)
And this is what params looks like after the
2013 Mar 04
2
accepts_nested_attributes: undefined method 'association'_attributes
I have 2 models Timesheet and TimeEntry:
class Timesheet < ActiveRecord::Base
attr_accessible :status, :user_id, :time_entries_attributes
has_many :time_entries, dependent: :destroy
accepts_nested_attributes_for :time_entries, :reject_if => proc {
|attributes| attributes[''worktime''].blank? }
end
class TimeEntry < ActiveRecord::Base
attr_accessible :task_id,
2013 Jan 12
1
showing posts in blog
When I make a new post in my blog, it returns this when I try to view my
current posts:
---------------------------------------------------------------------------
ActiveModel::MassAssignmentSecurity::Error in PostsController#create
Can''t mass-assign protected attributes: text
Rails.root: C:/Users/Josh Koloff/Desktop/Programming Stuff/Rails
Stuff/blog
Application Trace | Framework