aboutsummaryrefslogblamecommitdiffstats
path: root/activemodel/lib/active_model/forbidden_attributes_protection.rb
blob: d2c6a89cc2b89e744b303b11bc47b44603bd5b8f (plain) (tree)
1
2
3
4
5
6
7
8
9
10
11
12
13
                  











                                                                  
                                                

     

                                                
                                                  


                                                                               


                    
         
                                                                        

     
module ActiveModel
  # Raised when forbidden attributes are used for mass assignment.
  #
  #   class Person < ActiveRecord::Base
  #   end
  #
  #   params = ActionController::Parameters.new(name: 'Bob')
  #   Person.new(params)
  #   # => ActiveModel::ForbiddenAttributesError
  #
  #   params.permit!
  #   Person.new(params)
  #   # => #<Person id: nil, name: "Bob">
  class ForbiddenAttributesError < StandardError
  end

  module ForbiddenAttributesProtection # :nodoc:
    protected
      def sanitize_for_mass_assignment(attributes)
        if attributes.respond_to?(:permitted?)
          raise ActiveModel::ForbiddenAttributesError if !attributes.permitted?
          attributes.to_h
        else
          attributes
        end
      end
      alias :sanitize_forbidden_attributes :sanitize_for_mass_assignment
  end
end