deac/gitlabhq
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

Protect users projects_limit from mass assignment.

Browse source
This commit is contained in:
Marin Jankovski 2012-09-26 13:20:44 +02:00
parent 8ec956421c
commit 5928388b1c
3 changed files with 32 additions and 5 deletions
Download patch file Download diff file Expand all files Collapse all files

5
app/models/user.rb
View file

@ -6,8 +6,9 @@ class User < ActiveRecord::Base
:recoverable, :rememberable, :trackable, :validatable, :omniauthable
attr_accessible :email, :password, :password_confirmation, :remember_me, :bio,
:name, :projects_limit, :skype, :linkedin, :twitter, :dark_scheme,
:theme_id, :force_random_password, :extern_uid, :provider
:name, :skype, :linkedin, :twitter, :dark_scheme,
:theme_id, :force_random_password, :extern_uid, :provider, :as => [:default, :admin]
attr_accessible :projects_limit, :as => :admin
attr_accessor :force_random_password