t.string "username" t.string "password" t.boolean "admin" t.datetime "created_at" t.datetime "updated_at" end end # ... user = User.new params[:user] MASS ASSIGNMENT Monday, October 29, 12
t.string "username" t.string "password" t.boolean "admin" t.datetime "created_at" t.datetime "updated_at" end end # ... user = User.new params[:user] MASS ASSIGNMENT Monday, October 29, 12
# app/controllers/users_controller.rb class UsersController < ApplicationController def create @user = User.create! params[:user] redirect_to @user end end # raises ActiveModel::MassAssignmentSecurity::Error MASS ASSIGNMENT Monday, October 29, 12
# app/controllers/users_controller.rb class UsersController < ApplicationController def create @user = User.create! params[:user] redirect_to @user end end # raises ActiveModel::ForbiddenAttributesError MASS ASSIGNMENT Monday, October 29, 12
attr_accessible :username, :password end # app/controllers/users_controller.rb class UsersController < ApplicationController def create @user = User.create! params[:user] redirect_to @user end end MASS ASSIGNMENT Monday, October 29, 12
attr_accessible :username, :password end # app/controllers/users_controller.rb class UsersController < ApplicationController def create @user = User.create! params[:user] redirect_to @user end end MASS ASSIGNMENT Monday, October 29, 12
@user = User.new params[:user] if @user.save UserMailer.welcome_email(@user).deliver end respond_with @user end end ASYNC MAILERS Monday, October 29, 12
do resources :comments end resources :forwards do resources :comments end resources :uploads do resources :comments end resources :documents do resources :comments end resources :todos do resources :comments end ROUTING CONCERNS Monday, October 29, 12