Submit_tag?

casper_the_ghost · March 15, 2007, 5:58pm

I have a protected attribute that I wish to change with my edit form.
Is it possible to do this with the “options” for submit_tag?

I guess what I’m asking is if there is a way to have the submit
perform the, in this case, user.admin=user[admin] assignment I would
like to occur when the form is submitted?

casper_the_ghost · March 15, 2007, 8:24pm

[email protected] wrote:

I have a protected attribute that I wish to change with my edit form.
Is it possible to do this with the “options” for submit_tag?

I guess what I’m asking is if there is a way to have the submit
perform the, in this case, user.admin=user[admin] assignment I would
like to occur when the form is submitted?

I think if the attribute is protected, you would have to do a manual
assignment.

Nelson

Basedex - A Collaborative Index to organize and collect everything
related to Ruby on Rails
http://blazingrails.basedex.com/index/8

casper_the_ghost · March 15, 2007, 8:35pm

Thanks for the response. That is what I was fearing. I was hoping
someone knew of a way to tie the assignment to the submission of the
edit form so that it happened at the same time/transparently.

On Mar 15, 1:24 pm, Nelson H. [email protected]

casper_the_ghost · March 15, 2007, 8:39pm

[email protected] wrote:

Thanks for the response. That is what I was fearing. I was hoping
someone knew of a way to tie the assignment to the submission of the
edit form so that it happened at the same time/transparently.

On Mar 15, 1:24 pm, Nelson H. [email protected]

How are you protecting your attribute? Are you using Ruby’s access
control (i.e. public, protected, private), are you using ActiveRecord’s
attr_protected macro?

Nelson

Basedex - A Collaborative Index to organize and collect everything
related to Ruby on Rails
http://blazingrails.basedex.com/index/8

casper_the_ghost · March 15, 2007, 8:51pm

I’m using the attr_protected macro.

On Mar 15, 1:39 pm, Nelson H. [email protected]

casper_the_ghost · March 15, 2007, 9:14pm

[email protected] wrote:

I’m using the attr_protected macro.

On Mar 15, 1:39 pm, Nelson H. [email protected]

From the documentation:

Attributes named in this macro are protected from mass-assignment, such
as new(attributes) and attributes=(attributes). Their assignment will
simply be ignored. Instead, you can use the direct writer methods to do
assignment. This is meant to protect sensitive attributes from being
overwritten by URL/form hackers.

So basically, attr_protected was designed specifically to prevent what
you want to do.

Nelson

casper_the_ghost · March 22, 2007, 11:57pm

[email protected] wrote:

Yeah, I was hoping there was a way to embed or trigger a direct
assignment from the data provided in the form when they do a submit.

In the documentation there is a reference to “options” for submit_to
but it doesn’t elaborate in any way. I was hoping maybe there was a
way to pass a direct assignment as an “option” or something similar.

Oh well. Thanks though

On Mar 15, 2:14 pm, Nelson H. [email protected]

casper_the_ghost · March 15, 2007, 9:26pm

Yeah, I was hoping there was a way to embed or trigger a direct
assignment from the data provided in the form when they do a submit.

In the documentation there is a reference to “options” for submit_to
but it doesn’t elaborate in any way. I was hoping maybe there was a
way to pass a direct assignment as an “option” or something similar.

Oh well. Thanks though

On Mar 15, 2:14 pm, Nelson H. [email protected]