Rails and Allowing ID Editing from Forms

Need to allow yours users to directly edit the ID of your model object?




By default, Rails will strip out the ID field from the hash of request parameters. This is a security measure, prohibitings the web interface from altering an object's ID.




Generally, this is a good practice. However, some legacy schemas have IDs that are not simply numbers. In those cases, the ID is created and managed by the user.




To tell Rails to allow the ID to be edited, you can use attr_protected and attr_allowed.




More information is available at http://wiki.rubyonrails.com/rails/pages/HowToEnsureValidAttributesInFormData

Post a Comment

Popular posts from this blog

Converting Array to List in Scala

I ported a JavaScript app to Dart. Here's what I learned.

Minification is not enough, you need tree shaking