themidnightoil

Reputation: 13

I am able to mass assign a variable in Rails 4

What I've come to understand is if a variable is not explicitly declared in

params.require(:emergency).permit(...)

the variable cannot be mass assigned. However, when I run my test it passes, and when I go into the Rails console and type in

e = Emergency.new(id: 10)
e.save  # => true

it returns true, which is really strange to me. Is there a setting in my Rails application that's faulty?

def create
    @emergency = Emergency.new(emergency_params)
end

def emergency_params
    params.require(:emergency).permit(:fire_severity, :police_severity, :medical_severity, :code)
end


test 'POST /emergencies/ cannot set id' do
    post '/emergencies', emergency: { id: 1, fire_severity: 1, police_severity: 2, medical_severity: 3 }

    assert_equal 201, response.status

end

Upvotes: 1

Views: 52

Answers (1)

Charles Duffy

Reputation: 296019

Per http://api.rubyonrails.org/classes/ActionController/Parameters.html --

Ensure that ActionController::Parameters.action_on_unpermitted_parameters is set to :raise if you want an exception raised in this scenario.

Upvotes: 1
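
The behaviour behind the question and the answer above, as an added example that is not code from either post: with the setting at `false`, `permit` drops the unpermitted `id` without an error, so the request can still return 201, while `:raise` turns the same input into an exception. `RAW`, `PERMITTED`, `filter_emergency` and `unpermitted_id_report` are hypothetical names, `RAW` is a constructed request body, and the actionpack gem is assumed to be installed.

```ruby
# Added example, not from the original post. Needs the actionpack gem.
# RAW is a constructed request body mirroring the test in the question.
RAW = { "emergency" => { "id" => 1, "fire_severity" => 1,
                         "police_severity" => 2, "medical_severity" => 3 } }.freeze
PERMITTED = %i[fire_severity police_severity medical_severity code].freeze

# Apply the question's emergency_params filter under one setting of
# action_on_unpermitted_parameters (false, :log or :raise).
def filter_emergency(raw, on_unpermitted)
  require "action_controller" # actionpack, loaded on first call
  klass = ActionController::Parameters
  previous = klass.action_on_unpermitted_parameters
  klass.action_on_unpermitted_parameters = on_unpermitted
  klass.new(raw).require(:emergency).permit(*PERMITTED)
ensure
  # Restore the global setting so the demo does not leak into other code.
  klass.action_on_unpermitted_parameters = previous if klass
end

# Hypothetical helper: summarise what each setting does with the stray :id.
def unpermitted_id_report
  silent = filter_emergency(RAW, false)
  rejected = begin
    filter_emergency(RAW, :raise)
    []
  rescue ActionController::UnpermittedParameters => e
    e.params
  end
  {
    silent_keys: silent.to_h.keys,        # "id" dropped without any error
    silent_permitted: silent.permitted?,  # result may be passed to Emergency.new
    raise_rejected: rejected,             # :raise names the offending key
    # A plain Hash carries no permitted? flag, so Emergency.new(id: 10) typed
    # in the console never goes through strong parameters at all.
    hash_checked: { id: 10 }.respond_to?(:permitted?)
  }
end
```

Calling `unpermitted_id_report` from `irb` or `rails console` shows all four results; a test that should catch the stray `id` has to assert on the created record or run with `:raise`, not only on the 201 status.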
