Re: [Rails] attrs_accessible.

Ruby on Rails Saturday, February 26, 2011

On 26 February 2011 14:31, Mauro <mrsanna1@gmail.com> wrote:
> I know it's a good practice setting attr_accesible for models.
> As an example if I have a model with admin: boolean attribute and if I
> don't set attr_accessible, a user can do: put /users/17?admin=1 making
> user 17 an admin.
> But if I have attr_accessible set and I want to create new users with
> a html form, how can I set admin true or false?
> I have to do an update directly in the database?

You don't need a separate operation on the db. In create or update in
the controller, before you call save or update_attributes, then set
the admin attribute if appropriate.

Colin

--
You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group.
To post to this group, send email to rubyonrails-talk@googlegroups.com.
To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en.

Posted by Ruby on Rails at 8:42 AM

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)