diff options
| author | Carlos Antonio da Silva <carlosantoniodasilva@gmail.com> | 2012-03-06 09:12:29 -0300 |
|---|---|---|
| committer | Vijay Dev <vijaydev.cse@gmail.com> | 2012-03-09 00:21:45 +0530 |
| commit | e63f04cc0c7d517010f1d6840680b46e69dc75a9 (patch) | |
| tree | a6f6431382b3890de90247664acf8179eaf2c467 /activemodel | |
| parent | 9bcd6622dde4896b54fc0e1f843c624771e3e425 (diff) | |
| download | rails-e63f04cc0c7d517010f1d6840680b46e69dc75a9.tar.gz rails-e63f04cc0c7d517010f1d6840680b46e69dc75a9.tar.bz2 rails-e63f04cc0c7d517010f1d6840680b46e69dc75a9.zip | |
Improve docs for attr_accessible|protected related to Hash#except|slice
Diffstat (limited to 'activemodel')
| -rw-r--r-- | activemodel/lib/active_model/mass_assignment_security.rb | 18 |
1 files changed, 10 insertions, 8 deletions
diff --git a/activemodel/lib/active_model/mass_assignment_security.rb b/activemodel/lib/active_model/mass_assignment_security.rb index e1fb1e3231..f0041f5fee 100644 --- a/activemodel/lib/active_model/mass_assignment_security.rb +++ b/activemodel/lib/active_model/mass_assignment_security.rb @@ -83,7 +83,7 @@ module ActiveModel # end # end # - # When using the :default role : + # When using the :default role: # # customer = Customer.new # customer.assign_attributes({ "name" => "David", "credit_rating" => "Excellent", :last_login => 1.day.ago }, :as => :default) @@ -94,7 +94,7 @@ module ActiveModel # customer.credit_rating = "Average" # customer.credit_rating # => "Average" # - # And using the :admin role : + # And using the :admin role: # # customer = Customer.new # customer.assign_attributes({ "name" => "David", "credit_rating" => "Excellent", :last_login => 1.day.ago }, :as => :admin) @@ -105,8 +105,9 @@ module ActiveModel # To start from an all-closed default and enable attributes as needed, # have a look at +attr_accessible+. # - # Note that using <tt>Hash#except</tt> or <tt>Hash#slice</tt> in place of +attr_protected+ - # to sanitize attributes won't provide sufficient protection. + # Note that using <tt>Hash#except</tt> or <tt>Hash#slice</tt> in place of + # +attr_protected+ to sanitize attributes provides basically the same + # functionality, but it makes a bit tricky to deal with nested attributes. def attr_protected(*args) options = args.extract_options! role = options[:as] || :default @@ -150,7 +151,7 @@ module ActiveModel # end # end # - # When using the :default role : + # When using the :default role: # # customer = Customer.new # customer.assign_attributes({ "name" => "David", "credit_rating" => "Excellent", :last_login => 1.day.ago }, :as => :default) @@ -160,15 +161,16 @@ module ActiveModel # customer.credit_rating = "Average" # customer.credit_rating # => "Average" # - # And using the :admin role : + # And using the :admin role: # # customer = Customer.new # customer.assign_attributes({ "name" => "David", "credit_rating" => "Excellent", :last_login => 1.day.ago }, :as => :admin) # customer.name # => "David" # customer.credit_rating # => "Excellent" # - # Note that using <tt>Hash#except</tt> or <tt>Hash#slice</tt> in place of +attr_accessible+ - # to sanitize attributes won't provide sufficient protection. + # Note that using <tt>Hash#except</tt> or <tt>Hash#slice</tt> in place of + # +attr_accessible+ to sanitize attributes provides basically the same + # functionality, but it makes a bit tricky to deal with nested attributes. def attr_accessible(*args) options = args.extract_options! role = options[:as] || :default |