Which columns should be the only columns allowed in a call to a mass assignment method (e.g. set) (default: not set, so all columns not otherwise restricted are allowed).
Freeze allowed columns when freezing model class.
# File lib/sequel/plugins/whitelist_security.rb, line 27 def freeze @allowed_columns.freeze super end
Set the columns to allow when using mass assignment (e.g.
set
). Using this means that any columns not listed here will
not be modified. If you have any virtual setter methods (methods that end
in =) that you want to be used during mass assignment, they need to be
listed here as well (without the =).
It may be better to use a method such as set_only
or
set_fields
that lets you specify the allowed fields per call.
Artist.set_allowed_columns(:name, :hometown) Artist.set(:name=>'Bob', :hometown=>'Sactown') # No Error Artist.set(:name=>'Bob', :records_sold=>30000) # Error
# File lib/sequel/plugins/whitelist_security.rb, line 43 def set_allowed_columns(*cols) clear_setter_methods_cache @allowed_columns = cols end