Commit graph

4 commits

Author SHA1 Message Date
Ian Christian Myers
0d01c33482 Enabled strong_parameters across all models/controllers.
All models are now using ActiveModel::ForbiddenAttributesProtection, which shifts the responsibility for parameter whitelisting for mass-assignments from the model to the controller. attr_accessible has been disabled and removed as this functionality replaces that.

The require_parameters method in the ApplicationController has been removed in favor of strong_parameters' #require method.

It is important to note that there is still some refactoring required to get all parameters to pass through #require and #permit so that we can guarantee that parameter values are scalar. Currently strong_parameters, in most cases, is only being utilized to require parameters and to whitelist the few places that do mass-assignments.
2013-06-06 00:30:59 -07:00
Sam
ca2dee52db moved comments to the bottom, they are way less intrusive there 2013-05-24 12:48:32 +10:00
Sam
2cd95bc649 lets try out annotations 2013-05-24 12:35:14 +10:00
Sam
65cd00cf25 moderators now have teeth, more at http://meta.discourse.org/t/moderator-permission-set/6307/5
allow pms to be targetted at groups
2013-05-02 15:15:53 +10:00