> Initially this thought was inspired by the fact that DataMapper does > not support protected attributes on mass-assign, the way ActiveRecord > does. Right now, User.new(params[:user]) is highly unsafe if there > are any sensitive properties of User.
I've not really looked into this at all, but I thought you could declare datamapper properties as private or protected to achieve similar functionality to activerecord's attr_protected functionality.... property :secret, :private => true property :login, :protected => true As I say I've no idea if this is actually so or exactly what these options do but it could be worth looking into if you are after this type of behavior Rupert --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "merb" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/merb?hl=en -~----------~----~----~----~------~----~------~--~---
