Merge remote-tracking branch 'upstream/master'

author: Olli Jokinen <olli.jokinen@enemy.fi> 2011-12-01 15:32:59 +0200
committer: Olli Jokinen <olli.jokinen@enemy.fi> 2011-12-01 15:32:59 +0200
commit: b4e1903d23a760028d58bc3bb20a1d491bfd4a4b (patch)
tree: a40bdce1bd4800124ab6eaed2a6be017bf9cfd3d /activemodel/lib/active_model/mass_assignment_security
parent: fae9ad9c712decef70b379f5aa1faa0149902831 (diff)
parent: 1e51cd957e3c90f4be35f1f0c4c380d8f7d40d66 (diff)
download: rails-b4e1903d23a760028d58bc3bb20a1d491bfd4a4b.tar.gz
rails-b4e1903d23a760028d58bc3bb20a1d491bfd4a4b.tar.bz2
rails-b4e1903d23a760028d58bc3bb20a1d491bfd4a4b.zip
1 files changed, 5 insertions, 0 deletions
diff --git a/activemodel/lib/active_model/mass_assignment_security/sanitizer.rb b/activemodel/lib/active_model/mass_assignment_security/sanitizer.rb
index bb0526adc3..bbdddfb50d 100644
--- a/activemodel/lib/active_model/mass_assignment_security/sanitizer.rb
+++ b/activemodel/lib/active_model/mass_assignment_security/sanitizer.rb
@@ -44,8 +44,13 @@ module ActiveModel
 
     class StrictSanitizer < Sanitizer
       def process_removed_attributes(attrs)
+        return if (attrs - insensitive_attributes).empty?
         raise ActiveModel::MassAssignmentSecurity::Error, "Can't mass-assign protected attributes: #{attrs.join(', ')}"
       end
+
+      def insensitive_attributes
+        ['id']
+      end
     end
 
     class Error < StandardError
author	Olli Jokinen <olli.jokinen@enemy.fi>	2011-12-01 15:32:59 +0200
committer	Olli Jokinen <olli.jokinen@enemy.fi>	2011-12-01 15:32:59 +0200
commit	b4e1903d23a760028d58bc3bb20a1d491bfd4a4b (patch)
tree	a40bdce1bd4800124ab6eaed2a6be017bf9cfd3d /activemodel/lib/active_model/mass_assignment_security
parent	fae9ad9c712decef70b379f5aa1faa0149902831 (diff)
parent	1e51cd957e3c90f4be35f1f0c4c380d8f7d40d66 (diff)
download	rails-b4e1903d23a760028d58bc3bb20a1d491bfd4a4b.tar.gz rails-b4e1903d23a760028d58bc3bb20a1d491bfd4a4b.tar.bz2 rails-b4e1903d23a760028d58bc3bb20a1d491bfd4a4b.zip