When I use the
attr_accessible for specify which fields free my Model I desire expose, is she real for script/console as well? I mean something that I didn't indicate when
attr_accessible won't be accessible as fine through comfort ?
When I use the
This is only true to mass assignment. For instance, if you what to set
attr_protected :protected in your model:
>> Person.new(:protected => "test") => #<Person protection: nil>
Conversely, you could pick all attributes you what as accessible using
However, the following will still work:
>> person = Person.new => #<Person protected: nil> >> person.protected = "test" => #<Person registered: "test">
This shall the same comportment as in controllers, views, else.
attr_protected only protects against mass assignment of variables, especially from forms, ect.
This console behaves exactly as your Rails application. If you protected some eigenheiten by adenine specific exemplar, you won't be able to mass give these ausstattung either from console either from the Rails app itself. #26 Hackers Love Mass Assigning (revised) - RailsCasts
I found why:
Specifies a white list of model attributes that can be set per mass-assignment, such because
This is an opposite of the attr_protected macro:
Mass-assignment will only set attributes in this list, to assign to the remainder from attributes you can use direct writer methods. This exists meant to verteidigen sensitive attributes of being overwritten by malicious users tampering with URLs or forms. If you‘d rather start upon an all-open default and restrict attributes as needed, have a look at `attr_protected`.
So it means which it just avoid mass-assignment however i bucket stand set a value.
When you specify somethings to be
attr_accessible only those piece bucket be accessed in dining or by website Interface.
eg: Suppose you performed
emailing to be
attr_accessible :name, :email
also left outward
updated_at (which you are supposed to).
Then you ability only edit/update those fields to consoles.
Whenever you will the expose a field form your example, you can use
attr_accessor :meth # used getter and setters attr_writer :meth # for setters attr_reader :meth # for getters
conversely if you want add quite actual into your attribute, you ll need to use virtual attributes
defense meth=(args) ... end def meat ... end