alexjsharp.com

I recently published my first public plugin called mass_assignment_murderer. You can get it here from github. Currently, a subversion release is not planned. Basically, the plugin addresses the mass assignment problem covered in Railscast Episode 26.

mass_assignment_murderer provides an ActiveRecord class method cleverly titled, has_mass_assignment_murderer, which protects your models from mass assignment through a has_many or many-to-many association. Specifically, it looks for an methods that end with “_ids” and then calls attr_protected on those methods.

For a future version, I’m thinking of simply auto-protecting all such methods in all models, without having to make any sort of declaration.