mass-assignment

I would like to save query result into redis using JSON serialization and query it back. Getting query results to json is pretty easy: JSON.generate(Model.all.collect {|item| item.attributes}) However I did not find a proper way to deserialize it back to ActiveRecord. The most straight-forward way: JSON.parse(@json_string).collect {|item| Model.new.from_json(item)} Gives me an error: WARNING: Can't mass-assign protected attributes: id So id gets empty. I thought of just using OpenStruct for the views instead of ActiveRecord but I am sure there is a better way. You could instantiate the new

Models: class Topic < ActiveRecord::Base has_many :posts, :dependent => :destroy validates :name, :presence => true, :length => { :maximum => 32 } attr_accessible :name, :post_id end class Post < ActiveRecord::Base belongs_to :topic, :touch => true has_many :comments, :dependent => :destroy accepts_nested_attributes_for :topic attr_accessible :name, :title, :content, :topic, :topic_attributes end View: <%= simple_form_for :post, :url => { :controller => :posts, :action => "create" } do |f| %> <h1>Create a Post</h1> <%= f.input :name, :label => false, :placeholder => "Name" %> <%= f.input

I am currently trying to set up a form with nested fields on a belongs_to relationship, but I am running into a mass assignment error. My code so far is as follows (some html removed): Sale model: class Sale < ActiveRecord::Base attr_accessible :customer_attributes belongs_to :customer accepts_nested_attributes_for :customer end new.html.erb: <div class="container"> <%= form_for :sale, :url => sales_path do |sale| -%> <%= sale.fields_for :customer do |customer_builder| %> <%= render :partial => "customers/form", :locals => {:customer => customer_builder, :form_actions_visible => false} %> <%

I've watched the RailsCast, another nested attributes video, lots of SO posts, and fought with this for a while, but I still can't figure it out. I hope it's something tiny. I have two models, User (created by Devise), and Locker (aka, a product wishlist), and I'm trying to create a Locker for a User when they sign up. My login form has a field for the name of their new Locker (aptly called :name ) that I'm trying to assign to the locker that gets created upon new user registration. All I'm ever greeted with is: WARNING: Can't mass-assign protected attributes: locker I've tried every

The official way of preventing security risks with mass-assignment is using attr_accessible . However, some programmers feel this is not a job for the model (or at least not only for the model). The simplest way of doing it in a controller is slicing the params hash: @user = User.update_attributes(params[:user].slice(:name)) However the documentation states: Note that using Hash#except or Hash#slice in place of attr_accessible to sanitize attributes won’t provide sufficient protection. Why is that? Why a whitelist-slicing of params does not provide enough protection? UPDATE: Rails 4.0 will

In this post , slice function is used to get only necessary elements of params. What would be the function I should use to exclude an element of params (such as user_id)? Article.new(params[:article].slice(:title, :body)) Thank you. Guillaume Use except : a = {"foo" => 0, "bar" => 42, "baz" => 1024 } a.except("foo") # returns => {"bar" => 42, "baz" => 1024} Ritesh Choudhary Try this params = { :title => "title", :other => "other", :body => "body" } params.select {|k,v| [:title, :body].include? k } #=> {:title => "title", :body => "body"} 来源： https://stackoverflow.com/questions/8790381/is-there

As the title says,i need to mass-assign products to a category and from the admin i can only edit one product at a time; i dont know why it just doesnt work to mass add them from the "category products" tab in the category page. Thats why i need another method that's fast,like using phpMyAdmin or something alike. Any help? Thanks in advance! I created a simple script to do this outside of Magento. Be sure to test this first on a single product and make sure it looks as you'd expect. // Load Magento require_once 'path/to/app/Mage.php'; Mage::app(); // $productIds is an array of the products you