Hello,
I’m facing a small issue here with protected columns from being updated.
(email, username)
So I thought attr_protected is the solution, but this destroy my
creation of user?
I cannot assign email when creating new user?
How do I solve this small issue?
On Aug 12, 9:47 am, Jamal S. [email protected]
wrote:
Hello,
I’m facing a small issue here with protected columns from being updated.
(email, username)So I thought attr_protected is the solution, but this destroy my
creation of user?
attr_protected means you cannot assign the attribute using create (or
update_attributes etc…)
It does not mean that you can’t do user.email = ‘…’
Fred
Frederick C. wrote:
On Aug 12, 9:47�am, Jamal S. [email protected]
wrote:Hello,
I’m facing a small issue here with protected columns from being updated.
(email, username)So I thought attr_protected is the solution, but this destroy my
creation of user?attr_protected means you cannot assign the attribute using create (or
update_attributes etc…)It does not mean that you can’t do user.email = ‘…’
Fred
Thanks for fast answer.
well, that’s a problem then because I need to assign everything myself?
In my controller I did this normally.
For new user
@user = User.new(params[:user])
@user.save
When updating
@user = session[:user] // when logged in
@user.update_attributes(params[:user])
Is this wrong?
When can I use before_update and before_create to handle these cases?
I also think update_attributes goes through all the columns before
updating to check if any variable has changed :S
On Aug 12, 10:02 am, Jamal S. [email protected]
wrote:
Thanks for fast answer.
well, that’s a problem then because I need to assign everything myself?
only for those attributes marked as protected.
Fred
So I must do something like this then for now…
@user = session[:user]
@user.postal = params[:user][:postal]
@user.birthday = params[:user][:birthday]
@user.save
Just to be 100% sure that no one can update anything else 
Or you could use attr_readonly method (http://api.rubyonrails.org/
classes/ActiveRecord/Base.html#M002282).
On 12 août, 05:07, Jamal S. [email protected]
This forum is not affiliated to the Ruby language, Ruby on Rails framework, nor any Ruby applications discussed here.
Sponsor our Newsletter | Privacy Policy | Terms of Service | Remote Ruby Jobs