Please refer to the ActiveModel MassAssignmentSecurity
apihttp://api.rubyonrails.org/classes/ActiveModel/MassAssignmentSecurity/ClassMethods.htmlfor
this.
I’m on Rails3.2.3/Ruby1.9.3 and trying to use that technique in the
controller as described. It is supposed to dynamically restrict the
attributes that can be mass assigned. However,
sanitize_for_mass_assignment
is ignoring the scope and using the default attr_accessible instead.
Is anyone else seeing this problem? Or has anyone successfully
implemented
it the way the docs describe? Seems like it’s not working as advertised.