Skip to content

@iHiD /user.rb
Created

Embed URL

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Security Article Part 2 - 5
# Migration
create_table :users do |t|
t.boolean :can_do_dangerous_things, null: false
#...
t.timestamps
end
class User < ActiveRecord::Base
# Blacklisting attribute
attr_protected :can_do_dangerous_things
before_create do
return true if @permissions_set
self.permissions = {
:can_do_dangerous_things => false
#...
}
true
end
def permissions=(hash)
self.can_do_dangerous_things = hash[:can_do_dangerous_things]
#...
@permissions_set = true
end
end
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Something went wrong with that request. Please try again.