When I use the attr_accessible
to specify which fields from my Model I will expose, is it true for script/console as well? I mean something that I didn't specify as attr_accessible
won't be accessible as well through console ?
This is only true for mass assignment. For instance, if you were to set attr_protected :protected
in your model:
>> Person.new(:protected => "test")
=> #<Person protected: nil>
Conversely, you could set all attributes you want as accessible using attr_accessible
.
However, the following will still work:
>> person = Person.new
=> #<Person protected: nil>
>> person.protected = "test"
=> #<Person protected: "test">
This is the same behaviour as in controllers, views, etc. attr_protected
only protects against mass assignment of variables, primarily from forms, etc.