class method
self.attr_accessible
Ruby on Rails 2.3.18
Since v2.2.3 Last seen in v2.3.18Available in: v2.2.3 v2.3.18
Signature
self.attr_accessible(*attributes)Specifies a white list of model attributes that can be set via mass-assignment, such as new(attributes), update_attributes(attributes), or attributes=(attributes)
This is the opposite of the attr_protected macro: Mass-assignment will only set attributes in this list, to assign to the rest of attributes you can use direct writer methods. This is meant to protect sensitive attributes from being overwritten by malicious users tampering with URLs or forms. If you’d rather start from an all-open default and restrict attributes as needed, have a look at attr_protected.
class Customer < ActiveRecord::Base attr_accessible :name, :nickname end customer = Customer.new(:name => "David", :nickname => "Dave", :credit_rating => "Excellent") customer.credit_rating # => nil customer.attributes = { :name => "Jolly fellow", :credit_rating => "Superb" } customer.credit_rating # => nil customer.credit_rating = "Average" customer.credit_rating # => "Average"
Parameters
-
attributesrest
Source
# File activerecord/lib/active_record/base.rb, line 1085
def attr_accessible(*attributes)
write_inheritable_attribute(:attr_accessible, Set.new(attributes.map(&:to_s)) + (accessible_attributes || []))
end
Defined in activerecord/lib/active_record/base.rb line 1085
· View on GitHub
· Improve this page
· Find usages on GitHub
Defined in ActiveRecord::Base