问题描述

当我使用 attr_accessible 来指定从我的示范田，我会公开，这是真的脚本/控制台呢？我的意思是，我并没有指定为 attr_accessible 以及通过控制台将无法访问？

When I use the attr_accessible to specify which fields from my Model I will expose, is it true for script/console as well? I mean something that I didn't specify as attr_accessible won't be accessible as well through console ?

推荐答案

这是唯一真正的质量分配。举例来说，如果你要设置 attr_protected：保护在模型：

This is only true for mass assignment. For instance, if you were to set attr_protected :protected in your model:

>> Person.new(:protected => "test")
=> #<Person protected: nil>

相反，你可以设置所有的属性你想要的访问使用 attr_accessible 。

不过，下面仍然可以工作：

However, the following will still work:

>> person = Person.new
=> #<Person protected: nil>
>> person.protected = "test"
=> #<Person protected: "test">

这是相同的行为控制器，视图等 attr_protected 只是防止变量质量分配，主要是从表格等。

This is the same behaviour as in controllers, views, etc. attr_protected only protects against mass assignment of variables, primarily from forms, etc.

这篇关于attr_accessible在轨活动记录的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持！