Last active
November 25, 2015 10:20
-
-
Save dv/282e81600698a962f4aa to your computer and use it in GitHub Desktop.
If you're using `protected_attributes` gem and would like to smoothly switch over to `strong_params`, this is a possible useful monkey patch to only use the mass assignment protection when handling controller params.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Not fully tested, use at own risk! | |
| module ActiveModel | |
| module MassAssignmentSecurity | |
| # Original source: https://github.com/rails/protected_attributes/blob/0421e825911b05a77c6521171b43070c9e6c4b35/lib/active_model/mass_assignment_security.rb#L350 | |
| def sanitize_for_mass_assignment(attributes, role = nil) #:nodoc: | |
| if attributes.respond_to?(:permitted?) && _uses_mass_assignment_security | |
| _mass_assignment_sanitizer.sanitize(self.class, attributes, mass_assignment_authorizer(role)) | |
| else | |
| sanitize_forbidden_attributes(attributes) | |
| end | |
| end | |
| end | |
| end |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment