attr_protected(*attributes)
Attributes named in this macro are protected from mass-assignment, such
as new(attributes) and attributes=(attributes). Their assignment will
simply be ignored. Instead, you can use the direct writer methods to do
assignment. This is meant to protect sensitive attributes from being
overwritten by URL/form hackers.
class Customer < ActiveRecord::Base
attr_protected :credit_rating
end
by setting this for an attribute (column), you always have to
explicitly change it like
@something.attribute = “bla”
or with your toggle. @something = @something.toggle(:attribute)