To protect or not email attribute of user

Hi,

What’s your best practice about the email attribute of a registered user
in your DB. I don’t want people to be able to change email.

But what’s best?

  1. protect the email attribute with attr_protected or attr_accessible
    and suffer the pain of having to do user.email = … everywhere in your
    code and tests

  2. Keep email accessible, but write a custom update_attributes that
    filters the email attribute?

This forum is not affiliated to the Ruby language, Ruby on Rails framework, nor any Ruby applications discussed here.

| Privacy Policy | Terms of Service | Remote Ruby Jobs