Gradual upgrade path to strong_parameters
rhomeister opened this issue · comments
During my upgrade to Rails 4, I decided to postpone the removal of attr_accessible and use this gem. Now, I would like to drop this in favor of strong_parameters. Since our application is fairly large, I would like to do this gradually.
I've been trying to follow the instructions here: https://github.com/rails/strong_parameters#migration-path-to-rails-4. However, when I set config.active_record.whitelist_attributes = false
and include ActiveModel::ForbiddenAttributesProtection
in one of my models, the following statement still proceeds to instantiate a user without any problems:
User.new(ActionController::Parameters.new(first_name: 'Ruben'))
According to my understanding of strong_parameters, this should throw a ActiveModel::ForbiddenAttributesError
. Basically, strong_parameters does not seem to be working, or the protected_attributes
is conflicting somehow.
Can anyone help me with this problem?
Apologies, I was using an older version of this gem. After upgrading to 1.1.3 it seems to be working correctly.