1. Mass assignment doesn't care if the attributes are genreated by
ActiveRecord, defined using attr-accessor, or implemented explicitly.
It just doesn't allow some attributes to be mass assigned, so if
the :secret is protected then
user.attributes = {:secret => ...}
user.update_attributes(:secret => ...)
User.create(:secret => ...)
won't work, but
user.secret = ...
will work always for protected & for not-protected attributes.
attr_accesseble & attr_protected can be used interchangeably, just use
the one you like more, eg when User has 3 attributes: name, age &
salary, then:
attr_accessible :name, :age
is the same as
attr_protected :salary
In both case name & age will be accessible and salary will be
protected.
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups "Ruby
on Rails: Talk" group.
To post to this group, send email to rubyonrails-talk@googlegroups.com
To unsubscribe from this group, send email to
rubyonrails-talk+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/rubyonrails-talk?hl=en
-~----------~----~----~----~------~----~------~--~---
