On 5 May 2013 19:33, rihad <[email protected]> wrote:
> p.s. I wonder if this repetitiveness is needed here. For the simple
> case such as Post.new(params[:post]), I guess Rails should just "know"
> what fields comprise a model and permit relevant safe fields coming
> from POSTed data. Of course one can always override that with the
> second permit variant, but not be forced to do so, introducing
> possibility for error (dreaded DRY).

I believe you can still use attr_accessible in the model if you want to.
This feature is a change for Rails 4 that gives greater flexibility in
that it allows permitting or require parameters from within the
controller.  Why would it not be DRY?

By the way, could you not top post please, it makes it difficult to
follow the thread.  Insert your replies inline at appropriate points
in the previous message.  Thanks.

Colin

-- 
You received this message because you are subscribed to the Google Groups "Ruby 
on Rails: Talk" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to [email protected].
To post to this group, send email to [email protected].
For more options, visit https://groups.google.com/groups/opt_out.


Reply via email to