Home/ Questions/Q 8362397
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-09T11:55:50+00:00

I have 3 models, User, Army and Engineer. When a User creates an Army

  • 0

I have 3 models, User, Army and Engineer. When a User creates an Army which belongs to them, they can check a checkbox called siege that will create an Engineer which belongs to that Army and User. I have a concern about mass assignment though. The Engineer gets created by my method in my Army model:

attr_reader :siege
after_save :if_siege
private
 def if_siege
   if self.siege
    Engineer.create!( :user_id => self.user.id, :army_id => self.id )
   end
 end
end

But the only way that I know of to have both of the ID’s be assigned is to do this in my Engineer model:

class Engineer
 attr_accessible :user_id, :army_id

This doesn’t seem safe even though engineers can never be created on a form but will automatically be created by a link or checkbox. The ideal is Auto-assign these two attributes like whats done in the controller. e.g.

example = current_user.examples.build(params[:example])

What do you think? Is their an alternative to this design?

Mass assignment is a tricky issue for me…..

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    What’s wrong with:

    engineer = Engineer.new
engineer.user_id = self.user.id
engineer.army_id = self.id
engineer.save!

    You could alternatively specify that you don’t care about the mass assignment issues here only:

    params = { :user_id => self.user.id, :army_id => self.id }
Engineer.create!(params, without_protection: true)
    • 0