I'm currently using the mass assignment security baked into Rails 3 to scope what level of users can update about their model. For example, this code allows me to protect attributes based on the user level.
    class Customer
      attr_accessor :name, :credit_rating
      attr_accessible :name
      attr_accessible :name, :credit_rating, :as => :admin
    end
I would like to be able to use this same idea for which attributes appear when I do a find. For example, I would like to be able to say

    Customer.all.as(:admin)

and get back the credit rating. Compare this to doing

    Customer.all

and getting back all the attributes except the credit_rating.
Is this something Rails supports and I've missed?
Upvotes: 0
Views: 601
Reputation: 7887
attr_accessible is used to filter incoming attributes on mass assignment. This is a convenience method created so that a developer does not need to manually clean the incoming hash of params, something he does not control.
When displaying information a developer is in full control of what he/she desires to show, so there seems to be no reason to limit the read functionality.
However, Rails allows you to "select" the attributes you desire in a query: see http://guides.rubyonrails.org/active_record_querying.html#selecting-specific-fields
You could easily create a scope with the name admin that would limit the selected values.
If you do not desire to have the full models, but only the values, you could use the generated SQL, e.g.

    ActiveRecord::Base.connection.select_values(Customer.select('name').to_sql)
Upvotes: 0
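Added example, not part of the original posts and not a Rails API: a plain-Ruby sketch of a read-side counterpart to `attr_accessible ... :as => :role`, where each role gets an explicit allowlist of readable attributes and an unknown role falls back to the default list rather than to every attribute. The names `RoleReadable`, `attr_readable`, `readable_columns` and `readable_attributes` are hypothetical, and the customer record is constructed sample data.

```ruby
# Hypothetical read-side allowlist; runs without Rails.
module RoleReadable
  def self.included(base)
    base.extend(ClassMethods)
  end

  module ClassMethods
    # Same call shape as the question's attr_accessible lines:
    #   attr_readable :name, :credit_rating, :as => :admin
    def attr_readable(*names)
      opts = names.last.is_a?(Hash) ? names.pop : {}
      role = opts.fetch(:as, :default)
      readable_allowlists[role] = names.map(&:to_sym).freeze
    end

    def readable_allowlists
      @readable_allowlists ||= {}
    end

    # Field list for a role. A role with no declared list gets the
    # default list (or nothing), never the full attribute set.
    def readable_columns(role = :default)
      readable_allowlists.fetch(role) { readable_allowlists.fetch(:default, []) }
    end
  end

  # Hash of only the attributes the given role is allowed to read.
  def readable_attributes(role = :default)
    self.class.readable_columns(role).each_with_object({}) do |attr, out|
      out[attr] = public_send(attr)
    end
  end
end

class Customer
  include RoleReadable
  attr_accessor :name, :credit_rating
  attr_readable :name
  attr_readable :name, :credit_rating, :as => :admin

  def initialize(name, credit_rating)
    @name = name
    @credit_rating = credit_rating
  end
end

CUSTOMER = Customer.new("Alice", 720) # constructed sample record
```

The list returned by `readable_columns` is the kind of per-role field list a `select`-based scope would need, so the allowlist is declared once on the model instead of at each call site.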