Hey guys, is there a validation that essentially acts the opposite way
of “validates_presence_of”. That is, the attribute in question must be
nil, or blank, non-existent. If not, what’s the best way to prevent a
user from altering a web form attempting to submit data to a field
that they should never have access to?
Thanks!
Seirie wrote:
Hey guys, is there a validation that essentially acts the opposite way
of “validates_presence_of”. That is, the attribute in question must be
nil, or blank, non-existent. If not, what’s the best way to prevent a
user from altering a web form attempting to submit data to a field
that they should never have access to?
What you’re looking for is attr_accessible and/or attr_protected:
http://railsapi.com/doc/rails-v2.3.5/classes/ActiveRecord/Base.html#M000920
If you were to do that in validation it would render the attribute
virtually useless. You would have to bypass validation altogether in
order to set it at all. What you really want is to disallow mass
assignment of the attribute. That’s what the above methods do.
brilliant, exactly what I was looking for. Thank you much Robert.
This forum is not affiliated to the Ruby language, Ruby on Rails framework, nor any Ruby applications discussed here.
Sponsor our Newsletter | Privacy Policy | Terms of Service | Remote Ruby Jobs