Please refer to the ActiveModel MassAssignmentSecurity api<http://api.rubyonrails.org/classes/ActiveModel/MassAssignmentSecurity/ClassMethods.html>for this.
I'm on Rails3.2.3/Ruby1.9.3 and trying to use that technique in the controller as described. It is supposed to dynamically restrict the attributes that can be mass assigned. However, sanitize_for_mass_assignment is ignoring the scope and using the default attr_accessible instead. Is anyone else seeing this problem? Or has anyone successfully implemented it the way the docs describe? Seems like it's not working as advertised. -- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To view this discussion on the web visit https://groups.google.com/d/msg/rubyonrails-talk/-/iusmQT1UzIwJ. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en.
