{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://www.manongdao.com/data/attach/logo/logo.png', '推荐 ▲ chillily 的问题《attr_accessible in rails Active Record》','https://www.manongdao.com/q-158755.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}
When I use the attr_accessible to specify which fields from my Model I will expose, is it true for script/console as well? I mean something that I didn't specify as attr_accessible won't be accessible as well through console ?
相关问题
- Question marks after images and js/css files in ra
- Using :remote => true with hover event
- Eager-loading association count with Arel (Rails 3
- How to specify memcache server to Rack::Session::M
- Why am I getting a “C compiler cannot create execu
相关文章
- Ruby using wrong version of openssl
- Right way to deploy Rails + Puma + Postgres app to
- AWS S3 in rails - how to set the s3_signature_vers
- Difference between Thread#run and Thread#wakeup?
- how to call a active record named scope with a str
- How to add a JSON column in MySQL with Rails 5 Mig
- “No explicit conversion of Symbol into String” for
- form_for wrong number of arguments in rails 4
I found why:
Specifies a white list of model attributes that can be set via mass-assignment, such as
new(attributes),update_attributes(attributes), orattributes=(attributes). This is the opposite of the attr_protected macro:So it means that it just avoid mass-assignment but i can still set a value.
If you want to expose a field form your model, you can use
or if you want add some behaviour to your attribute, you ll have to use virtual attributes
cheers.
This is only true for mass assignment. For instance, if you were to set
attr_protected :protectedin your model:Conversely, you could set all attributes you want as accessible using
attr_accessible.However, the following will still work:
This is the same behaviour as in controllers, views, etc.
attr_protectedonly protects against mass assignment of variables, primarily from forms, etc.The console behaves exactly as your Rails application. If you protected some attributes for a specific model, you won't be able to mass assign these attributes either from console or from the Rails app itself.
When you specify somethings to be
attr_accessibleonly those things can be accessed in console or by website Interface.eg: Suppose you made
nameandemailto beattr_accessible:and left out
created_atandupdated_at(which you are supposed to). Then you can only edit/update those fields in console.