attr_accessible
seems to no longer work within my model.
What is the way to allow mass assignment in Rails 4?
This question is related to
ruby-on-rails
ruby-on-rails-4
If you prefer attr_accessible, you could use it in Rails 4 too. You should install it like gem:
gem 'protected_attributes'
after that you could use attr_accessible in you models like in Rails 3
Also, and i think that is the best way- using form objects for dealing with mass assignment, and saving nested objects, and you can also use protected_attributes gem that way
class NestedForm
include ActiveModel::MassAssignmentSecurity
attr_accessible :name,
:telephone, as: :create_params
def create_objects(params)
SomeModel.new(sanitized_params(params, :create_params))
end
end
1) Update Devise so that it can handle Rails 4.0 by adding this line to your application's Gemfile:
gem 'devise', '3.0.0.rc'
Then execute:
$ bundle
2) Add the old functionality of attr_accessible
again to rails 4.0
Try to use attr_accessible
and don't comment this out.
Add this line to your application's Gemfile:
gem 'protected_attributes'
Then execute:
$ bundle
An update for Rails 5:
gem 'protected_attributes'
doesn't seem to work anymore. But give:
gem 'protected_attributes_continued'
a try.
We can use
params.require(:person).permit(:name, :age)
where person is Model, you can pass this code on a method person_params & use in place of params[:person] in create method or else method
Source: Stackoverflow.com