Sign in through GitHub

Please read for an updated status on RailsCasts:

Learn more or hide this

Joseph Weakley's Profile

GitHub User: jweakley

Site: digitalaugment.com

Comments by Joseph Weakley

Avatar

attr_accessible can also take an option role using the :as option which allows you to define multiple levels of accessors. You can then use the :as option with new, create, create!, update_attributes, and update_attributes! methods to use the different levels of accessors. Alternatively you could use :without_protection => true if you wanted to bypass all of the mass assignment protection for a single statement, e.g., in a seed file.

http://guides.rubyonrails.org/security.html#countermeasures