Mass assignment protectionRuby1,278EditAllow users to only assign values for fields they may access.
Taint and required checking for Action Pack and enforcement in Active Model
Related categories
User Authorization23,633Rubypundit, cancancan and 10 more »Authorize user actions on resources based on policies, abilities or roles. Authenticate your users beforehand.
Around the webAdd