I have a model with two attr_accessible lines
attr_accessible ...., :as => :user
at开发者_开发问答tr_accessible ...., :as => :admin
Then in my controller I do this
if @user.update_attributes(params[:user],:as => :user)
And I get wrong number of parameters 2 for 1, however: @user.assign_atrributes(params[:user],:as => :user) works.
I am using mongoid. Any ideas?
I think you found something that has not been implemented yet in your version of Mongoid -- but please check a later Mongoid version, where it seems to be implemented since 2.2.1!
The doc says that :as is a valid option in Mongoid::Document
http://mongoid.org/docs/documents/access.html (see bottom of page)
But it says: You can scope the mass assignment by role by providing the role as an option to the constructor or create methods.
It doesn't speak of update_attributes in particular - update_attributes is not a constructor
Checking in the source code reveals that it's not implemented in update_attributes() in Mongoid versions < 2.2.1 , but later versions have it implemented!
If you're using a later version of Mongoid, and still experience problems, I would recommend to post this on the Google Mongoid Group as a bug, mentioning your Mongoid version number.
See also:
http://groups.google.com/group/mongoid/
EDIT:
Looks like it's a missing feature in Mongoid 2.1.7
in the mongoid source code, update_attributes() calles write_attributes(), which does not know about the option :as
but if you look at the source code of Mongoid 2.3.1 , you'll see that it's implemented there since 2.2.1!
write_attributes() calls assign_attributes , which honors the option :as
# Allows you to set all the attributes for a particular mass-assignment security role
# by passing in a hash of attributes with keys matching the attribute names
# (which again matches the column names) and the role name using the :as option.
# To bypass mass-assignment security you can use the :without_protection => true option.
#
# @example Assign the attributes.
# person.assign_attributes(:title => "Mr.")
#
# @example Assign the attributes (with a role).
# person.assign_attributes({ :title => "Mr." }, :as => :admin)
#
# @param [ Hash ] attrs The new attributes to set.
# @param [ Hash ] options Supported options: :without_protection, :as
#
# @since 2.2.1
def assign_attributes(attrs = nil, options = {})
_assigning do
process(attrs, options[:as] || :default, !options[:without_protection]) do |document|
document.identify if new? && id.blank?
end
end
end
You can find the source code this way:
$ find ~/.rvm/gems/ruby-1.9.2-p0/gems/mongoid-2.1.7/lib/ -type f -exec grep -l 'def write_attributes' {} \;
~/.rvm/gems/ruby-1.9.2-p0/gems/mongoid-2.1.7/lib/mongoid/attributes.rb
$ emacs ~/.rvm/gems/ruby-1.9.2-p0/gems/mongoid-2.1.7/lib/mongoid/attributes.rb
![Interactive visualization of a graph in python [closed]](https://www.devze.com/res/2023/04-10/09/92d32fe8c0d22fb96bd6f6e8b7d1f457.gif)
加载中,请稍侯......
精彩评论