diff options
| author | Bogdan Gusiev <agresso@gmail.com> | 2011-12-22 10:57:06 +0200 |
|---|---|---|
| committer | Bogdan Gusiev <agresso@gmail.com> | 2011-12-22 10:57:06 +0200 |
| commit | 46ec75661d00d788da40a06f6c71092250a7103e (patch) | |
| tree | 2e9b783d216c49a29f6932596156bfeb477b46c7 /activemodel/lib | |
| parent | 24a6609ea3a41f3ddc82f06e0ead429d01532ceb (diff) | |
| download | rails-46ec75661d00d788da40a06f6c71092250a7103e.tar.gz rails-46ec75661d00d788da40a06f6c71092250a7103e.tar.bz2 rails-46ec75661d00d788da40a06f6c71092250a7103e.zip | |
Fixed AM::MasAsSec.attr_protected usage example.
Problems with current example:
* DOESN'T WORK
** attr_protected :last_login, :as => :admin # doesn't make it accessible for admin
* Uses ActiveSupport Fixnum extension
Diffstat (limited to 'activemodel/lib')
| -rw-r--r-- | activemodel/lib/active_model/mass_assignment_security.rb | 31 |
1 files changed, 16 insertions, 15 deletions
diff --git a/activemodel/lib/active_model/mass_assignment_security.rb b/activemodel/lib/active_model/mass_assignment_security.rb index 659f6b3916..b2a54902a6 100644 --- a/activemodel/lib/active_model/mass_assignment_security.rb +++ b/activemodel/lib/active_model/mass_assignment_security.rb @@ -70,12 +70,13 @@ module ActiveModel # # class Customer # include ActiveModel::MassAssignmentSecurity - # - # attr_accessor :name, :credit_rating, :last_login - # - # attr_protected :credit_rating, :last_login - # attr_protected :last_login, :as => :admin - # + # + # attr_accessor :name, :password, :logins_count + # + # attr_protected :logins_count + # # Suppose that admin can not change password for employee + # attr_protected :password, :as => :admin + # # def assign_attributes(values, options = {}) # sanitize_for_mass_assignment(values, options[:as]).each do |k, v| # send("#{k}=", v) @@ -86,21 +87,21 @@ module ActiveModel # When using the :default role : # # customer = Customer.new - # customer.assign_attributes({ "name" => "David", "credit_rating" => "Excellent", :last_login => 1.day.ago }, :as => :default) + # customer.assign_attributes({ "name" => "David", "password" => "firstpass", :logins_count => 5 }, :as => :default) # customer.name # => "David" - # customer.credit_rating # => nil - # customer.last_login # => nil - # - # customer.credit_rating = "Average" - # customer.credit_rating # => "Average" + # customer.password # => "firstpass" + # customer.logins_count # => nil # # And using the :admin role : # # customer = Customer.new - # customer.assign_attributes({ "name" => "David", "credit_rating" => "Excellent", :last_login => 1.day.ago }, :as => :admin) + # customer.assign_attributes({ "name" => "David", "password" => "firstpass", :logins_count => 5}, :as => :admin) # customer.name # => "David" - # customer.credit_rating # => "Excellent" - # customer.last_login # => nil + # customer.password # => nil + # customer.logins_count # => nil + # + # customer.password = "alternative" + # customer.password # => "alternative" # # To start from an all-closed default and enable attributes as needed, # have a look at +attr_accessible+. |