diff options
Diffstat (limited to 'activemodel/lib/active_model/forbidden_attributes_protection.rb')
| -rw-r--r-- | activemodel/lib/active_model/forbidden_attributes_protection.rb | 27 |
1 files changed, 20 insertions, 7 deletions
diff --git a/activemodel/lib/active_model/forbidden_attributes_protection.rb b/activemodel/lib/active_model/forbidden_attributes_protection.rb index a5e4c4f650..4c05b19cba 100644 --- a/activemodel/lib/active_model/forbidden_attributes_protection.rb +++ b/activemodel/lib/active_model/forbidden_attributes_protection.rb @@ -1,14 +1,27 @@ module ActiveModel + # Raised when forbidden attributes are used for mass assignment. + # + # class Person < ActiveRecord::Base + # end + # + # params = ActionController::Parameters.new(name: 'Bob') + # Person.new(params) + # # => ActiveModel::ForbiddenAttributesError + # + # params.permit! + # Person.new(params) + # # => #<Person id: nil, name: "Bob"> class ForbiddenAttributesError < StandardError end - module ForbiddenAttributesProtection - def sanitize_for_mass_assignment(attributes, options = {}) - if attributes.respond_to?(:permitted?) && !attributes.permitted? - raise ActiveModel::ForbiddenAttributesError - else - attributes + module ForbiddenAttributesProtection # :nodoc: + protected + def sanitize_for_mass_assignment(attributes, options = {}) + if attributes.respond_to?(:permitted?) && !attributes.permitted? + raise ActiveModel::ForbiddenAttributesError + else + attributes + end end - end end end |