How is attr_accessible used in Rails 4?

by

Rails 4 now uses strong parameters.

Protecting attributes is now done in the controller. This is an example:

class PeopleController < ApplicationController
  def create
    Person.create(person_params)
  end

  private

  def person_params
    params.require(:person).permit(:name, :age)
  end
end

No need to set attr_accessible in the model anymore.

Dealing with accepts_nested_attributes_for

In order to use accepts_nested_attribute_for with strong parameters, you will need to specify which nested attributes should be whitelisted.

class Person
  has_many :pets
  accepts_nested_attributes_for :pets
end

class PeopleController < ApplicationController
  def create
    Person.create(person_params)
  end

  # ...

  private

  def person_params
    params.require(:person).permit(:name, :age, pets_attributes: [:name, :category])
  end
end

Keywords are self-explanatory, but just in case, you can find more information about strong parameters in the Rails Action Controller guide.

Note: If you still want to use attr_accessible, you need to add protected_attributes to your Gemfile. Otherwise, you will be faced with a RuntimeError.

More Related Contents:

  1. Boolean Validation
  2. Nested attributes unpermitted parameters
  3. Rails: How to reference images in CSS within Rails 4
  4. How to solve error “Missing `secret_key_base` for ‘production’ environment” (Rails 4.1)
  5. Rails 4: List of available datatypes
  6. Disable ActiveRecord for Rails 4
  7. ActiveRecord OR query Hash notation
  8. Rails association with multiple foreign keys
  9. rescue_from ActionController::RoutingError in Rails 4
  10. Rails 4: before_filter vs. before_action
  11. Saving enum from select in Rails 4.1
  12. How to configure Google Domains + Heroku w a Naked Domain
  13. Add a reference column migration in Rails 4
  14. Rails 4: organize rails models in sub path without namespacing models?
  15. Rails update_attributes without save?
  16. GroupingError: ERROR: column must appear in the GROUP BY clause or be used in an aggregate function
  17. Rails 4: assets not loading in production
  18. Redis + ActionController::Live threads not dying
  19. Form Submit button only works after reload
  20. Rails I18n validation deprecation warning
  21. First argument in form cannot contain nil or be empty – Rails 4
  22. Rails 4 – checkboxes for has_and_belongs_to_many association
  23. Rails 4: Why are fonts not loading in production?
  24. Ruby on rails 4 app does not work in iframe
  25. strong parameters permit all attributes for nested attributes
  26. Refresh token using Omniauth-oauth2 in Rails application
  27. How to integrate a Wrap Bootstrap theme into an Rails application?
  28. API Authentication for user logged in to a Web App server
  29. Is the server running on host “localhost” (::1) and accepting TCP/IP connections on port 5432?
  30. ActionController::ParameterMissing (param is missing or the value is empty: film):

Leave a Comment