Clever Geek Handbook

Is there a way to set the default attr_accessible in a rails project with Mongoid?

Recommended solution:

config.active_record.whitelist_attributes = true

But this only works if you are using active recording. Is there a similar approach in mongoid rails project? It uses an active model, but not an active entry.

+3


source to share


3 answers


I asked the same question

https://groups.google.com/forum/?fromgroups#!topic/mongoid/xuBbuyhiFEU

It is not currently supported, but you can do a (straight forward) monkey patch (as Benedict suggested)



https://gist.github.com/1977438

It looks a lot like AR (you can check the AR code, I'll copy it here for simplicity)

ActiveSupport.on_load(:active_record) do
    if app.config.active_record.delete(:whitelist_attributes)
      attr_accessible(nil)
    end
    app.config.active_record.each do |k,v|
      send "#{k}=", v
    end
  end
+1


source


I've never used Mongoid, so it's pretty speculative, but due to the look and feel, AR uses the Railtie initializer to set attr_accessible (nil) when this config is right.

It doesn't look like it can be done in the config at the moment, but you can probably hook it up in some way to your own initializer. In Mongoid :: Fields, if the config for protected_sensitive_fields is true (default), it calls attr_protected for id, _id, and _type. This also blacklists active_authorizer. Perhaps you could fix this and provide a better configuration for the whitelist that calls attr_accessible (nil).



So yeah, it wouldn't be a bad idea to just make a patch and then submit a pull request. The last thing the ruby ​​community wants is another high profile mass-use fiasco.

+2


source


This will do the trick:

http://groups.google.com/group/mongoid/browse_thread/thread/de5a93a350b49c02?pli=1

+1


source






More articles:


All Articles