2012-07-13 08:51:13 +00:00
|
|
|
module ActiveModel
|
2012-09-20 16:47:32 +00:00
|
|
|
# Raised when forbidden attributes are used for mass assignment.
|
|
|
|
#
|
|
|
|
# class Person < ActiveRecord::Base
|
|
|
|
# end
|
|
|
|
#
|
|
|
|
# params = ActionController::Parameters.new(name: 'Bob')
|
|
|
|
# Person.new(params)
|
|
|
|
# # => ActiveModel::ForbiddenAttributesError
|
|
|
|
#
|
|
|
|
# params.permit!
|
|
|
|
# Person.new(params)
|
|
|
|
# # => #<Person id: nil, name: "Bob">
|
2012-08-13 05:41:04 +00:00
|
|
|
class ForbiddenAttributesError < StandardError
|
2012-07-13 08:51:13 +00:00
|
|
|
end
|
|
|
|
|
2012-09-20 17:14:29 +00:00
|
|
|
module ForbiddenAttributesProtection # :nodoc:
|
|
|
|
protected
|
|
|
|
def sanitize_for_mass_assignment(attributes, options = {})
|
|
|
|
if attributes.respond_to?(:permitted?) && !attributes.permitted?
|
|
|
|
raise ActiveModel::ForbiddenAttributesError
|
|
|
|
else
|
|
|
|
attributes
|
|
|
|
end
|
2012-07-13 08:51:13 +00:00
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|