prevent mass assignment of polymorphic type when using `build`

Closes #8265
author: Yves Senn <yves.senn@garaio.com> 2012-11-21 09:48:48 +0100
committer: Yves Senn <yves.senn@garaio.com> 2012-11-22 08:58:00 +0100
commit: 053bfa2304517fd2eb4e8e7dcb4eb9897f121271 (patch)
tree: b95f4ac2bb19b24eae1dc7abe722146cbfffbdf1 /activerecord/lib/active_record
parent: 293c121feeb93544c1f9594bd1bee3ce046301d5 (diff)
download: rails-053bfa2304517fd2eb4e8e7dcb4eb9897f121271.tar.gz
rails-053bfa2304517fd2eb4e8e7dcb4eb9897f121271.tar.bz2
rails-053bfa2304517fd2eb4e8e7dcb4eb9897f121271.zip
1 files changed, 2 insertions, 1 deletions
diff --git a/activerecord/lib/active_record/associations/association.rb b/activerecord/lib/active_record/associations/association.rb
index 99e7383d42..3f0e4ca999 100644
--- a/activerecord/lib/active_record/associations/association.rb
+++ b/activerecord/lib/active_record/associations/association.rb
@@ -232,7 +232,8 @@ module ActiveRecord
 
         def build_record(attributes)
           reflection.build_association(attributes) do |record|
-            attributes = create_scope.except(*(record.changed - [reflection.foreign_key]))
+            skip_assign = [reflection.foreign_key, reflection.type].compact
+            attributes = create_scope.except(*(record.changed - skip_assign))
             record.assign_attributes(attributes)
           end
         end
author	Yves Senn <yves.senn@garaio.com>	2012-11-21 09:48:48 +0100
committer	Yves Senn <yves.senn@garaio.com>	2012-11-22 08:58:00 +0100
commit	053bfa2304517fd2eb4e8e7dcb4eb9897f121271 (patch)
tree	b95f4ac2bb19b24eae1dc7abe722146cbfffbdf1 /activerecord/lib/active_record
parent	293c121feeb93544c1f9594bd1bee3ce046301d5 (diff)
download	rails-053bfa2304517fd2eb4e8e7dcb4eb9897f121271.tar.gz rails-053bfa2304517fd2eb4e8e7dcb4eb9897f121271.tar.bz2 rails-053bfa2304517fd2eb4e8e7dcb4eb9897f121271.zip