0d01c33482
All models are now using ActiveModel::ForbiddenAttributesProtection, which shifts the responsibility for parameter whitelisting for mass-assignments from the model to the controller. attr_accessible has been disabled and removed as this functionality replaces that. The require_parameters method in the ApplicationController has been removed in favor of strong_parameters' #require method. It is important to note that there is still some refactoring required to get all parameters to pass through #require and #permit so that we can guarantee that parameter values are scalar. Currently strong_parameters, in most cases, is only being utilized to require parameters and to whitelist the few places that do mass-assignments. |
||
|---|---|---|
| .. | ||
| admin | ||
| application_controller_spec.rb | ||
| categories_controller_spec.rb | ||
| clicks_controller_spec.rb | ||
| draft_controller_spec.rb | ||
| education_controller_spec.rb | ||
| email_controller_spec.rb | ||
| invites_controller_spec.rb | ||
| list_controller_spec.rb | ||
| notifications_controller_spec.rb | ||
| omniauth_callbacks_controller_spec.rb | ||
| onebox_controller_spec.rb | ||
| post_actions_controller_spec.rb | ||
| posts_controller_spec.rb | ||
| request_access_controller_spec.rb | ||
| robots_txt_controller_spec.rb | ||
| search_controller_spec.rb | ||
| session_controller_spec.rb | ||
| static_controller_spec.rb | ||
| topics_controller_spec.rb | ||
| uploads_controller_spec.rb | ||
| user_actions_controller_spec.rb | ||
| users_controller_spec.rb | ||