RailsCasts Pro episodes are now free!

Learn more or hide this

rahulcee's Profile

GitHub User: rahulcee

Comments by


Ryan, What if you have a model where none of the attributes should be modified by the user (an e-commerce app for example where the admin only can add products)? You say that attr_protected leaves a vulnerability and should be avoided...so what is the alternative? Should I simply have a line for attr_accessible and assign no attributes to it?

Thanks for the screencast!