Our Books | Resources | Discussions | Support |

 

Aug 29, 2008 2:20pm Daniel Nelson 2 posts	For example, given a User model with a :role attribute, such that the default value for that attribute is defined in the database, the application needs to ensure that the user creation form is not spoofed and a :role provided. Otherwise, @user = User.new(params[:user]) would enable new users to be created with arbitrary roles. I know that I could create my own validate function, but it seems like validates_absence_of functionality is as foundational as validates_presence_of, so I’m wondering if I am misunderstanding something. Thank You, Daniel
Sep 19, 2008 1:51pm Daniel Nelson 2 posts	attr_protected does this Also see attr_accessible

2 posts, 1 voice

Discussions

Go

• Forums
• Recent Posts

Voices

• Daniel Nelson

RSS Feed for Topic

Home | About Us | Connect! | Write For Us | Privacy Policy | Terms of Use | Credits | Contact Us

The Pragmatic Bookshelf™ is an imprint of The Pragmatic Programmers, LLC.
Copyright © 1999–2007 The Pragmatic Programmers, LLC. All Rights Reserved.

Beast Forums, Copyright © 2006 Josh Goebel and Rick Olson