Created
October 27, 2011 17:17
Filter params allowed to go thru
# Make sure that we don't allow attributes to be mass assigned from Backbone saves
# http://www.quora.com/Backbone-js-1/How-well-does-backbone-js-work-with-rails
# Always whitelist and validate your incoming attributes.
#
# Usage
#
#   model.update_attributes pick(params, :title, :description)
#
def pick(hash, *keys)
  # Compare names as strings so that keys which are not allowed are never
  # converted to symbols (symbols are not garbage collected before Ruby 2.2).
  allowed = keys.map(&:to_s)
  filtered = {}
  hash.each do |key, value|
    filtered[key.to_sym] = value if allowed.include?(key.to_s)
  end
  filtered
end
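
The gist's header says to whitelist and validate; pick only does the first. The following is an added example, not part of the original gist: it also rejects non-scalar values for allowed keys and reports what was dropped so it can be logged. The name pick_scalars, the SCALARS list and the JSON body are assumptions constructed for illustration.

```ruby
require 'json'

# Value types accepted for a plain attribute (assumption for this example).
SCALARS = [String, Integer, Float, TrueClass, FalseClass, NilClass].freeze

# Hypothetical helper. Returns [accepted, rejected]: accepted holds the
# allow-listed keys whose values are scalars; rejected maps every other
# key to the reason it was dropped.
def pick_scalars(hash, *keys)
  allowed = keys.map(&:to_s)
  accepted = {}
  rejected = {}
  hash.each do |key, value|
    name = key.to_s
    if !allowed.include?(name)
      rejected[name] = :not_allowed
    elsif SCALARS.none? { |type| value.is_a?(type) }
      rejected[name] = :not_scalar
    else
      accepted[name.to_sym] = value
    end
  end
  [accepted, rejected]
end

# Constructed request body: a Backbone save serializes the whole model, so
# attributes the client must never set arrive next to the editable ones.
BODY = <<~JSON
  {"id": 7, "title": "Hello", "description": ["a", "b"],
   "admin": true, "user_id": 1, "created_at": "2011-10-27T17:17:00Z"}
JSON

ACCEPTED, REJECTED = pick_scalars(JSON.parse(BODY), :title, :description)
puts "accepted=#{ACCEPTED.inspect} rejected=#{REJECTED.inspect}"
```

Logging the rejected names gives a signal when a client starts sending attributes such as admin or user_id that it was never meant to set.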