I need to add some mass assignment protection (ala
ActiveModel::MassAssignmentSecurity) but I can’t find how to do it
contextually. For example, in one controller action I want to to
whitelist attributes x, y and z and in another I want to whitelist
attribs y and z. How can I do that? The attr_accessible function has a
class-wide scope, whether in a model or in a controller. But I would
like to whitelist mass attribute assignment attributes in a more
granular context.
Some helpful resources:
https://rails.lighthouseapp.com/projects/8994/tickets/3178-mass-assignment-security-refactoring
http://api.rubyonrails.org/classes/ActiveModel/MassAssignmentSecurity/ClassMethods.html
Thanks!
Shimon