问题描述
当我使用 attr_accessible
来指定从我的示范田,我会公开,这是真的脚本/控制台呢?我的意思是,我并没有指定为 attr_accessible
以及通过控制台将无法访问?
When I use the attr_accessible
to specify which fields from my Model I will expose, is it true for script/console as well? I mean something that I didn't specify as attr_accessible
won't be accessible as well through console ?
推荐答案
这是唯一真正的质量分配。举例来说,如果你要设置 attr_protected:保护
在模型:
This is only true for mass assignment. For instance, if you were to set attr_protected :protected
in your model:
>> Person.new(:protected => "test")
=> #<Person protected: nil>
相反,你可以设置所有的属性你想要的访问使用 attr_accessible
。
不过,下面仍然可以工作:
However, the following will still work:
>> person = Person.new
=> #<Person protected: nil>
>> person.protected = "test"
=> #<Person protected: "test">
这是相同的行为控制器,视图等 attr_protected
只是防止变量质量分配,主要是从表格等。
This is the same behaviour as in controllers, views, etc. attr_protected
only protects against mass assignment of variables, primarily from forms, etc.
这篇关于attr_accessible在轨活动记录的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!