Hello,
I want to be able to pass scope param into my embedded scaffold and
wrote this method and put it the controller (should it go into
helper?)
def beginning_of_chain
scope = params[:scope] ? params[:scope].to_sym : nil
if scope and super.send(scope).class == ActiveRecord::Relation
super.send scope
end
end
My question is security related. What would prevent some one to pass
param=delete_all and mess up my database and how can I protect against
this.
thank you.
--
You received this message because you are subscribed to the Google Groups
"ActiveScaffold : Ruby on Rails plugin" group.
To post to this group, send email to [email protected].
To unsubscribe from this group, send email to
[email protected].
For more options, visit this group at
http://groups.google.com/group/activescaffold?hl=en.
