How I can set 'attr_accessible' in order to NOT allow access to ANY of the fields FOR a model using Ruby on Rails?

Question

If in a model file I have just this code:

class Users < ActiveRecord::Base
end

what this means? All attributes related to the model are acce

Answer 1

By default the attributes are all attr_accessible (which means they can be set my mass-assignment).

• attr_accessible - only this list of attributes can be set by mass-assignment (white-listing).
• attr_protected - these attributes cannot be set by mass-assignment (black-listing).
• attr_readonly - these attributes cannot be set except for when the record is created.

To disable mass-assignment entirely, use something like this:

ActiveRecord::Base.send(:attr_accessible, nil)

This command will disable mass-assignment for all active record objects, but you can specify one or more models to perform this command on if you want mass-assignment in some cases but not in others.