virajkulkarni14/mass_assignment_authorizer.rb

## mass_assignment_authorizer.rb
# based on Railscast 237, http://railscasts.com/episodes/237-dynamic-attr-accessible
private
  # take care of attr_accessible based on user role
  def mass_assignment_authorizer
    if accessible == :all
      # original hack, doesn't work with AR attribute type
      # self.class.protected_attributes

      # This hack should work as well with AR attribute type
      ActiveModel::MassAssignmentSecurity::BlackList.new {:id}
    else
      super + ( accessible || [] )
    end
  end
	# based on Railscast 237, http://railscasts.com/episodes/237-dynamic-attr-accessible
	private
	# take care of attr_accessible based on user role
	def mass_assignment_authorizer
	if accessible == :all
	# original hack, doesn't work with AR attribute type
	# self.class.protected_attributes

	# This hack should work as well with AR attribute type
	ActiveModel::MassAssignmentSecurity::BlackList.new {:id}
	else
	super + ( accessible \|\| [] )
	end
	end