aboutsummaryrefslogtreecommitdiffstats
path: root/activemodel/lib/active_model
diff options
context:
space:
mode:
Diffstat (limited to 'activemodel/lib/active_model')
-rw-r--r--activemodel/lib/active_model/deprecated_mass_assignment_security.rb4
-rw-r--r--activemodel/lib/active_model/forbidden_attributes_protection.rb27
2 files changed, 22 insertions, 9 deletions
diff --git a/activemodel/lib/active_model/deprecated_mass_assignment_security.rb b/activemodel/lib/active_model/deprecated_mass_assignment_security.rb
index 16b8466e55..2ea69991fc 100644
--- a/activemodel/lib/active_model/deprecated_mass_assignment_security.rb
+++ b/activemodel/lib/active_model/deprecated_mass_assignment_security.rb
@@ -1,8 +1,8 @@
module ActiveModel
- module DeprecatedMassAssignmentSecurity
+ module DeprecatedMassAssignmentSecurity # :nodoc:
extend ActiveSupport::Concern
- module ClassMethods
+ module ClassMethods # :nodoc:
def attr_protected(*args)
raise "`attr_protected` is extracted out of Rails into a gem. " \
"Please use new recommended protection model for params " \
diff --git a/activemodel/lib/active_model/forbidden_attributes_protection.rb b/activemodel/lib/active_model/forbidden_attributes_protection.rb
index a5e4c4f650..4c05b19cba 100644
--- a/activemodel/lib/active_model/forbidden_attributes_protection.rb
+++ b/activemodel/lib/active_model/forbidden_attributes_protection.rb
@@ -1,14 +1,27 @@
module ActiveModel
+ # Raised when forbidden attributes are used for mass assignment.
+ #
+ # class Person < ActiveRecord::Base
+ # end
+ #
+ # params = ActionController::Parameters.new(name: 'Bob')
+ # Person.new(params)
+ # # => ActiveModel::ForbiddenAttributesError
+ #
+ # params.permit!
+ # Person.new(params)
+ # # => #<Person id: nil, name: "Bob">
class ForbiddenAttributesError < StandardError
end
- module ForbiddenAttributesProtection
- def sanitize_for_mass_assignment(attributes, options = {})
- if attributes.respond_to?(:permitted?) && !attributes.permitted?
- raise ActiveModel::ForbiddenAttributesError
- else
- attributes
+ module ForbiddenAttributesProtection # :nodoc:
+ protected
+ def sanitize_for_mass_assignment(attributes, options = {})
+ if attributes.respond_to?(:permitted?) && !attributes.permitted?
+ raise ActiveModel::ForbiddenAttributesError
+ else
+ attributes
+ end
end
- end
end
end
generated by cgit v1.2.3 (git 2.25.1) at 2024-08-22 11:04:24 +0000