I’m fairly new to rails and I am viewing some other’s code. I notice

Question

0

Asked: June 13, 20262026-06-13T03:04:16+00:00 2026-06-13T03:04:16+00:00

I’m fairly new to rails and I am viewing some other’s code. I notice

0

I’m fairly new to rails and I am viewing some other’s code. I notice that if I attempt to create an instance of a model object using create() I get an error telling me that I cannot create model objects using mass assignment. I am aware of the dangers associated with mass assignment in object creation. However this does not seem to be necessary in some of the source I am using as a reference. Is this new to rails 3.2.7?? Or am I doing something incorrectly?

So if I have a model called “Person” and I want to create a new one:

person = Person.create(:first_name => "Some", :last_name => "Dude") #throws exception

What I have been doing is adding this to the Person class definition:

attr_accessible :first_name, :last_name

person = Person.create(:first_name => "Some", :last_name => "Dude") #now this is OK

Is defining the accessible attributes on each model class the correct way?

Thanks!

Report

Leave an answer
Cancel reply

You must login to add an answer.

Need An Account,

1 Answer

Editorial Team · Answer 1 · 2026-06-13T03:04:17+00:00

Editorial Team

2026-06-13T03:04:17+00:00Added an answer on June 13, 2026 at 3:04 am

This is new in rails 3.2 due to the security upgrade. you can learn more at hackers love massignment

attr_accessible :first_name,  :last_name

http://api.rubyonrails.org/classes/ActiveModel/MassAssignmentSecurity/ClassMethods.html

0

Reply
Share
Share

- Report

Sign Up

Sign In

Forgot Password

The Archive Base Latest Questions

I’m fairly new to rails and I am viewing some other’s code. I notice

Leave an answerCancel reply

1 Answer

Leave an answer
Cancel reply