Rails and Allowing ID Editing from Forms
Need to allow yours users to directly edit the ID of your model object?
By default, Rails will strip out the ID field from the hash of request parameters. This is a security measure, prohibitings the web interface from altering an object's ID.
Generally, this is a good practice. However, some legacy schemas have IDs that are not simply numbers. In those cases, the ID is created and managed by the user.
To tell Rails to allow the ID to be edited, you can use attr_protected
and attr_allowed
.
More information is available at http://wiki.rubyonrails.com/rails/pages/HowToEnsureValidAttributesInFormData