aboutsummaryrefslogblamecommitdiffstats
path: root/activemodel/lib/active_model/forbidden_attributes_protection.rb
blob: 4c05b19cba2b56e6ca6c59ef64c5ddb92192102f (plain) (tree)
1
2
3
4
5
6
7
8
9
10
11
12
13
                  











                                                                  
                                                

     







                                                                        
         

     
module ActiveModel
  # Raised when forbidden attributes are used for mass assignment.
  #
  #   class Person < ActiveRecord::Base
  #   end
  #
  #   params = ActionController::Parameters.new(name: 'Bob')
  #   Person.new(params)
  #   # => ActiveModel::ForbiddenAttributesError
  #
  #   params.permit!
  #   Person.new(params)
  #   # => #<Person id: nil, name: "Bob">
  class ForbiddenAttributesError < StandardError
  end

  module ForbiddenAttributesProtection # :nodoc:
    protected
      def sanitize_for_mass_assignment(attributes, options = {})
        if attributes.respond_to?(:permitted?) && !attributes.permitted?
          raise ActiveModel::ForbiddenAttributesError
        else
          attributes
        end
      end
  end
end