discourse/app/models/topic_allowed_user.rb
Ian Christian Myers 0d01c33482 Enabled strong_parameters across all models/controllers.
All models are now using ActiveModel::ForbiddenAttributesProtection, which shifts the responsibility for parameter whitelisting for mass-assignments from the model to the controller. attr_accessible has been disabled and removed as this functionality replaces that.

The require_parameters method in the ApplicationController has been removed in favor of strong_parameters' #require method.

It is important to note that there is still some refactoring required to get all parameters to pass through #require and #permit so that we can guarantee that parameter values are scalar. Currently strong_parameters, in most cases, is only being utilized to require parameters and to whitelist the few places that do mass-assignments.
2013-06-06 00:30:59 -07:00

23 lines
599 B
Ruby

class TopicAllowedUser < ActiveRecord::Base
belongs_to :topic
belongs_to :user
validates_uniqueness_of :topic_id, scope: :user_id
end
# == Schema Information
#
# Table name: topic_allowed_users
#
# id :integer not null, primary key
# user_id :integer not null
# topic_id :integer not null
# created_at :datetime not null
# updated_at :datetime not null
#
# Indexes
#
# index_topic_allowed_users_on_topic_id_and_user_id (topic_id,user_id) UNIQUE
# index_topic_allowed_users_on_user_id_and_topic_id (user_id,topic_id) UNIQUE
#