问题
I just spent quite some time trying to resolve a virtual attribute issue in my model. It turned out I'd simply forgotten to add it to attr_accesible in my model. Granted I should have caught it earlier or better should have started the whole endeavor by adding it to attr_accessible in the first place.
To keep this from happening again, is there a configuration setting I can flag to throw an exception on development if I try to mass assign something and validate it when it is protected/inaccessible? I know I can use set config.active_record.whitelist_attributes = true to require whitelist for all but my question is more on an individual attribute basis.
The line above for example does not warn me if I have a model with attr_accessible :name then later add :nickname (virtual or not), and try to mass assign it checking for presence=>true. I want it to warn me that I tried to validate a protected attribute through mass assignment.
回答1:
Rails 3.2 has a configuration option to raise a ActiveModel::MassAssignmentSecurity::Error in that case
config.active_record.mass_assignment_sanitizer = :strict
See Rails 3.2 release notes and the commit in Rails
来源:https://stackoverflow.com/questions/9678778/rails-3-config-setting-for-attr-accessible-protected