Ruby on Rails

Peter Bell <peter@...> writes:

>
> A User has many teachers. I'm trying to lock down my API. I have
a "user.add_teacher teacher" method and want
> to make that the *only* way to "user.teachers << teacher". Any way to lock
down the teachers association so
> it is read only from outside the user class and only settable within self?
>
> I'm not just looking for attr_protected to avoid mass assignment. I'm
specifically looking to ensure that
> nobody on the team will write "user.teachers << teacher" and bypass all of
the additional business logic
> in the add_teacher method. I know I can do a "find within project"
for "teachers <<" but don't want to
> remember to have to do that.
>
> I know my specs should catch anything that's amiss, and I'm not sure whether
this is an idiomatic approach in
> Ruby/Rails but I'd appreciate any thoughts/suggestions.
>
> Thanks,
> Peter
>

It seems there is business logic to check when adding teachers to users which
goes beyond a simple "validates_associated :teacher". Rather than restrict
developers to a single method call, I would investigate custom validations.

See http://guides.rubyonrails.org/active_record_validations_callbacks.html

--
You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group.
To post to this group, send email to rubyonrails-talk@googlegroups.com.
To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en.