On 5 May 2013 19:33, rihad <[email protected]> wrote: > p.s. I wonder if this repetitiveness is needed here. For the simple > case such as Post.new(params[:post]), I guess Rails should just "know" > what fields comprise a model and permit relevant safe fields coming > from POSTed data. Of course one can always override that with the > second permit variant, but not be forced to do so, introducing > possibility for error (dreaded DRY).
I believe you can still use attr_accessible in the model if you want to. This feature is a change for Rails 4 that gives greater flexibility in that it allows permitting or require parameters from within the controller. Why would it not be DRY? By the way, could you not top post please, it makes it difficult to follow the thread. Insert your replies inline at appropriate points in the previous message. Thanks. Colin -- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. For more options, visit https://groups.google.com/groups/opt_out.

